Re: Apache umask

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On 7/13/20 4:21 PM, Phoenix, Merka wrote:

I need to set the umask for apache to 002.  I've tried every idea I've found on the internet, but nothing make a difference.  Most suggest that I put "umask 002" in /etc/sysconfig/httpd, but that doesn't seem to make a difference.>>
   Other's suggest adding something to the httpd.service script for systemd.  And that doesn't make any difference.

Any suggestion from this list would be appreciated.

Emmett


SystemD does have a directive for UMask in their "unit" scripts under the '[service]' section

  See: https://www.freedesktop.org/software/systemd/man/systemd.exec.html#UMask=
[ https :// www. freedesktop. org /software/systemd/man/systemd.exec.html#UMask= ]
and also:
https://man7.org/linux/man-pages/man5/systemd.exec.5.html
[ https :// man7. org /linux/man-pages/man5/systemd.exec.5.html ]

Several posts on StackExchange indicate that the name of the directive 'UMask' is case-sensitive, so it must match the first two letters as UPPERcase, the remainder lowercase.

This posting at ServerFault provides the exact steps:
https://serverfault.com/questions/924960/how-to-set-umask-for-apache-on-amazon-linux-2-ami

[ https :// serverfault. com /questions/924960/how-to-set-umask-for-apache-on-amazon-linux-2-ami ]

Depending on how Apache httpd is called (for example, if there is a wrapper script called instead of an executable), there may be other players in the mix that would influence what the process ends up with for its umask.

Start first with how Apache httpd is called by SystemD, and trace it out to the binary (see if your script(s) call any other scripts). Worst case, you could go the opposite route and have the unit script call a bash script instead of the executable directly, and the bash script can set umask right before it calls the httpd binary.

Cheers!

Simba
Engineering


Thanks for the info.  I hadn't seen that before nor many of the links.  I had seen the suggested systemd fix, but have never been able got them to work. And I've tried many combinations.  Still no luck.

There has to be a way to get this done.

Emmett
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]

  Powered by Linux