Hi all, I have a redhat 5 ES box that I'm having trouble with. Out of the box, redhat 5 will not allow users with a uid < 500 to login. I modified the /etc/pam.d/system-auth file to work around this: Original : auth requisite pam_succeed_if.so uid >= 500 quiet Modified: auth requisite pam_succeed_if.so uid >= 100 quiet I had to make this change, as the box is authenticating against our ldap environment, and there are a few users that have uid's less than 500. So, for things such as ssh interactive logins, all is okay. I'm now running into a problem in which httpd is not letting seemingly the same group of users execute cgi's from their home directories. I've modified cat /etc/httpd/conf/httpd.conf to allow for the execution of cgi's from users home directories. For users with a uid greater than 500, cgi's execute as expected. For users with a uid less than 500, the cgi doesn't execute and the following is logged in /var/log/httpd/suexec.log: cannot run as forbidden uid (402/hello.cgi) Any ideas how I can modify the behavior to allow uid's < 500 to run cgi's? If not, how do I disable suexec from loading? I would rather not re-compile this, as I prefer to use yum to keep the box patched and from what I've read, suexec does add some extended security to httpd. Thanks. Aaron -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
