You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Olivier Nicole <on...@cs.ait.ac.th> on 1998/11/13 07:18:48 UTC

suexec/3396: Split suEXEC log per 

>Number:         3396
>Category:       suexec
>Synopsis:       Split suEXEC log per <VirtualHost>
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          change-request
>Submitter-Id:   apache
>Arrival-Date:   Thu Nov 12 22:20:00 PST 1998
>Last-Modified:
>Originator:     on@cs.ait.ac.th
>Organization:
apache
>Release:        1.3
>Environment:
Whatever
>Description:
Hello,

I wonder if it would be possible to split suEXEC logs by <VirtualHost>.

I have done it the following way:

1) check earlier that target user name is valid
2) find the home directory
3) and open a user log file in a fixed sub-directory of the target user 
   home dir.

Error if the target user is not valid, if the log dir cannot be open, etc
are reported in a global log file as defined by $LOG_EXEC

I have made this working, it is badly written and I am not really sure
how secure it is or it is not.

I have a second suggestion that does not involve security at all, I think
it would be better if logs could be changed so that it only generates 
on line per call to suEXEC. I have set up the following format:

/home/sat/cgi-bin/ej-sat/feedback.cgi sat httpd [1998-11-10 14:39:15] user misma
tch (suEXEC is run by sat instead of httpd)
/home/sat/cgi-bin/ej-sat/feedback.cgi sat httpd [1998-11-10 14:49:51]
/home/sat/cgi-bin/ej-sat/feedback.cgi sat httpd [1998-11-10 14:51:35]
/home/sat/cgi-bin/ej-sat/feedback.cgi sat httpd [1998-11-10 15:00:37]
/home/sat/cgi-bin/ej-sat/feedback.cgi sat httpd [1998-11-10 15:01:25] target uid
/gid (200/1000) mismatch with directory (200/1000) or CGI (0/1000)

First is the full pathname of the CGI called (as Apache changes directory 
to the one of the CGI it is about to execute, two scripts with similar
name would not log under the same name) then target name and group, date
and followed by blank or the error message.

Only case that cannot fit is when exec fails. It should be uncommon enough
not to bother solving it.

This way the log file is easier to process through log analysis packages and
is more consistant to read for human beings.

Thanks for your attention

And above all thanks for making Apache exist

Olivier
>How-To-Repeat:

>Fix:

>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <ap...@Apache.Org> in the Cc line ]
[and leave the subject line UNCHANGED.  This is not done]
[automatically because of the potential for mail loops. ]
[If you do not include this Cc, your reply may be ig-   ]
[nored unless you are responding to an explicit request ]
[from a developer.                                      ]
[Reply only with text; DO NOT SEND ATTACHMENTS!         ]