Anthony M. Farrell wrote: > fedora core 6 - 2.6.20-1.2933.fc6 > fedora-ds-1.0.4-1.FC6 > httpd-2.2.4-2.fc6 > > I installed the directory server as a typical install with owner and group set > to root. > > Directory server starts OK > > Admin server will not start. > > Output of 'admin-serv/logs/error ' shows above subject error. > > Output of /tmp file3SRK6D: > Syntax error on line 35 of /opt/fedora-ds/admin-serv/config/console.conf: > Error:\tApache has not been designed to serve pages while\n\trunning as root. > There are known race conditions that\n\twill allow any local user to read any > file on the system.\n\tIf you still desire to serve pages as root > then\n\tadd -DBIG_SECURITY_HOLE to the CFLAGS env variable\n\tand then > rebuild the server.\n\tIt is strongly suggested that you instead modify the > User\n\tdirective in your httpd.conf file to list a non-root\n\tuser.\n > This error message is telling you that Apache will not run as root. You must change your User in admin-serv/config/console.conf to a non-root user, preferably the same user as you run your directory server as (if that is also root, I strongly encourage you to use a non-root user). If you're not very far along, I suggest starting over from scratch, and re-installing using a non-root user for both the Directory and Admin servers. > Changing the console.conf user and group to apache does not make any > difference. > > Output of ls -l admin-serv/config: > -rw------- 1 root root 337 Jun 24 13:17 adm.conf > -rw------- 1 root root 39 Jun 24 13:17 admpw > -rw------- 1 root root 4588 Jun 24 13:17 admserv.conf > -rw------- 1 root root 1324 Jun 24 13:17 admserv.conf.rej > -rw------- 1 root root 3726 Jun 24 15:54 console.conf > -rw------- 1 root root 30468 Jun 24 15:38 httpd.conf > -rw------- 1 root root 2048 Jun 24 13:17 httpd.conf.rej > -rw-r--r-- 1 root root 19707 Jun 24 13:17 local.conf > -rw------- 1 root root 4573 Jun 24 13:17 nss.conf > > I have installed on two separate servers with latest fc6 and have the same > problem on both boxes. > > I would appreciate any ideas from list members as to how to resolve this > problem. > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3245 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20070625/b19fe19a/attachment.bin
