You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ji...@apache.org on 2002/09/21 19:18:34 UTC
cvs commit: apache-1.3/src/main http_core.c http_main.c
jim 2002/09/21 10:18:34
Modified: src CHANGES
src/include http_conf_globals.h
src/main http_core.c http_main.c
Log:
Add the ShmemUIDisUser directive and logic. Apache does not require
that the SysV shared memory segment be reset to the uid/gid of
User/Group. In fact, it's not wise that it do so. However, there are
some 3rd party "add ons" that require/expect this behavior...
So allow admins to do so, assuming they know the impacts.
Revision Changes Path
1.1853 +7 -0 apache-1.3/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/apache-1.3/src/CHANGES,v
retrieving revision 1.1852
retrieving revision 1.1853
diff -u -r1.1852 -r1.1853
--- CHANGES 20 Sep 2002 10:13:55 -0000 1.1852
+++ CHANGES 21 Sep 2002 17:18:33 -0000 1.1853
@@ -1,5 +1,12 @@
Changes with Apache 1.3.27
+ *) Add the new directive 'ShmemUIDisUser'. By default, Apache
+ will no longer set the uid/gid of SysV shared memory scoreboard
+ to User/Group, and it will therefore stay the uid/gid of
+ the parent Apache process. This is actually the way it should
+ be, however, some implementations may still require this, which
+ can be enabled by 'ShmemUIDisUser On'. [Jim Jagielski]
+
*) Fix a problem with the definition of union semun which broke
System V semaphores on systems where sizeof(int) != sizeof(long).
PR 12072 [<wi...@de.ibm.com>]
1.50 +1 -0 apache-1.3/src/include/http_conf_globals.h
Index: http_conf_globals.h
===================================================================
RCS file: /home/cvs/apache-1.3/src/include/http_conf_globals.h,v
retrieving revision 1.49
retrieving revision 1.50
diff -u -r1.49 -r1.50
--- http_conf_globals.h 8 Jul 2002 18:06:55 -0000 1.49
+++ http_conf_globals.h 21 Sep 2002 17:18:34 -0000 1.50
@@ -104,6 +104,7 @@
extern enum server_token_type ap_server_tokens;
extern int ap_protocol_req_check;
+extern int ap_change_shmem_uid;
/* Trying to allocate these in the config pool gets us into some *nasty*
* chicken-and-egg problems in http_main.c --- where do you stick them
1.316 +14 -0 apache-1.3/src/main/http_core.c
Index: http_core.c
===================================================================
RCS file: /home/cvs/apache-1.3/src/main/http_core.c,v
retrieving revision 1.315
retrieving revision 1.316
diff -u -r1.315 -r1.316
--- http_core.c 21 Aug 2002 13:33:07 -0000 1.315
+++ http_core.c 21 Sep 2002 17:18:34 -0000 1.316
@@ -2790,6 +2790,18 @@
return NULL;
}
+static const char *set_change_shmem_uid(cmd_parms *cmd,
+ core_dir_config *d, int arg)
+{
+ const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+ if (err != NULL) {
+ return err;
+ }
+
+ ap_change_shmem_uid = arg != 0;
+ return NULL;
+}
+
/*
* Handle a request to include the server's OS platform in the Server
* response header field (the ServerTokens directive). Unfortunately
@@ -3424,6 +3436,8 @@
"Limit (in bytes) on maximum size of request message body" },
{ "ProtocolReqCheck", set_protocol_req_check, NULL, RSRC_CONF, FLAG,
"Enable strict checking of Protocol type in requests" },
+{ "ShmemUIDisUser", set_change_shmem_uid, NULL, RSRC_CONF, FLAG,
+ "Enable the setting of SysV shared memory scoreboard uid/gid to User/Group" },
{ "AcceptMutex", set_accept_mutex, NULL, RSRC_CONF, TAKE1,
"Serialized Accept Mutex; the methods "
#ifdef HAVE_USLOCK_SERIALIZED_ACCEPT
1.592 +5 -1 apache-1.3/src/main/http_main.c
Index: http_main.c
===================================================================
RCS file: /home/cvs/apache-1.3/src/main/http_main.c,v
retrieving revision 1.591
retrieving revision 1.592
diff -u -r1.591 -r1.592
--- http_main.c 20 Sep 2002 10:13:57 -0000 1.591
+++ http_main.c 21 Sep 2002 17:18:34 -0000 1.592
@@ -402,6 +402,8 @@
/* Also global, for http_core and http_protocol */
int ap_protocol_req_check = 1;
+int ap_change_shmem_uid = 0;
+
/*
* This routine is called when the pconf pool is vacuumed. It resets the
* server version string to a known value and [re]enables modifications
@@ -2330,7 +2332,9 @@
* We exit below, after we try to remove the segment
*/
}
- else { /* only worry about permissions if we attached the segment */
+ /* only worry about permissions if we attached the segment
+ and we want/need to change the uid/gid */
+ else if (ap_change_shmem_uid) {
if (shmctl(shmid, IPC_STAT, &shmbuf) != 0) {
ap_log_error(APLOG_MARK, APLOG_ERR, server_conf,
"shmctl() could not stat segment #%d", shmid);