Re: Failure to start 2.4.4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, April 10, 2013 14:17, Jens-U. Mozdzen wrote:
> Hi Steven,
>
> Zitat von Redalert Commander <redalert.commander@xxxxxxxxx>:
>> Hi Jens, thanks for having a look.
>>
>> 2013/4/10 Jens-U. Mozdzen <jmozdzen@xxxxxx>:
>>> Hi Steve,
>>>
[...]
>>>
>>> I believe you have no or a wrong path set for the shared memory
>>> location...
>>> it shouldn't point to "/etc/httpd/logs/authdigest_shm.23908", but more
>>> probably to "/var/log/httpd/..." or even better to "/var/run/httpd/..."
>>> (or
>>> similar)?
>>
>> /etc/httpd/logs is a symlink to /var/log/httpd.
>
> ah, I should have thought of that.
>
> In your original message you wrote that httpd is running as user (and
> group) "apache", and that /var/log/httpd is owned by root:root with
> 700 permission.
>
> Judging from that and the error message, httpd attempts to open the
> shm file as user "apache" (not "root") and thus fails. Is there any
> specific reason /var/log/httpd is not owned by your httpd user?

This is how it is done in both Fedora and RHEL releases (also for 2.4), my
guess is that this is done so that a compromised instance would be unable
to delete the logs since they are written with elevated permissions. (I
believe Debian does this as well).

>
>> Although /var/run/httpd does look like a better location for such a
>> file, so where would I configure this?
>> Is it a configure option when compiling or a directive in httpd.conf?
>> I couldn't find a reference to it on a quick search.
>
> Me neither - might be you'd have to look at the documentation written
> in that other language (I'm talking about the module's source code ;)
> ) to see if it is configurable. The online man page at least lists *no
> hint at all* that you may influence the location. Sorry for putting
> you on that wrong track.

I found something in configure that looks like an option, 'runtimedir',
but that is not actually a valid option.
Something is definately wrong here, I see other people having the
authdigest_shm files in /var/run/httpd by default, without extra configure
arguments.

[...]

Regards,
Steven

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux