You are viewing a plain text version of this content. The canonical link for it is here.

Posted to modperl@perl.apache.org by Matthieu FEREYRE <ma...@sagem.com> on 2007/08/29 14:03:07 UTC

Réf. : Re: Restarting Apache2.2 from PERL

The point of that is to restart apache from a web adress like 
http://my_server/restart (after authentification)
The function :
kill -USR1 apache_pid
do that extremly well but apache doesn't have the rights to launch it from 
perl !
(because the ppid of apache is launched by root)






Stephane GUIBOUD-RIBAUD <st...@st.com>

29/08/2007 13:56
Remis le : 29/08/2007 13:57

 
        Pour :  modperl@perl.apache.org
        cc :    (ccc : Matthieu FEREYRE/DSEC/SAGEM)
        Objet : Re: Restarting Apache2.2 from PERL



It's like a suicide ?
If you kill Apache, you kill yourself.

Probably, you can create a detached process from your script that will
be in charge of making the stuff.

Take care about OS you are running perl on to do this.

Regards

Matthieu FEREYRE a écrit :
> Is it possible to restart Apache from a perl script (executed by Apache) 
?
> 
> I tried to send a Kill system command with no success.
> 
> Any idea ?
> 
> FEREYRE Matthieu
> 
> " Ce courriel et les documents qui y sont attaches peuvent contenir des 
> informations confidentielles. Si vous n'etes pas le destinataire 
> escompte, merci d'en informer l'expediteur immediatement et de detruire 
> ce courriel ainsi que tous les documents attaches de votre systeme 
> informatique. Toute divulgation, distribution ou copie du present 
> courriel et des documents attaches sans autorisation prealable de son 
> emetteur est interdite."
> 
> " This e-mail and any attached documents may contain confidential or 
> proprietary information. If you are not the intended recipient, please 
> advise the sender immediately and delete this e-mail and all attached 
> documents from your computer system. Any unauthorised disclosure, 
> distribution or copying hereof is prohibited."
> 





" Ce courriel et les documents qui y sont attaches peuvent contenir des informations confidentielles. Si vous n'etes  pas le destinataire escompte, merci d'en informer l'expediteur immediatement et de detruire ce courriel  ainsi que tous les documents attaches de votre systeme informatique. Toute divulgation, distribution ou copie du present courriel et des documents attaches sans autorisation prealable de son emetteur est interdite." 

" This e-mail and any attached documents may contain confidential or proprietary information. If you are not the intended recipient, please advise the sender immediately and delete this e-mail and all attached documents from your computer system. Any unauthorised disclosure, distribution or copying hereof is prohibited."

Re: Restarting Apache2.2 from PERL

Posted by Frank Wiles <fr...@wiles.org>.

On Wed, 29 Aug 2007 13:23:30 +0100
John ORourke <jo...@o-rourke.org> wrote:

> Matthieu FEREYRE wrote:
> >
> > kill -USR1 apache_pid
> >
> > do that extremly well but apache doesn't have the rights to launch
> > it from perl !
> >
> 
> Try writing a script which does it - eg.
> 
> #!/bin/sh
> /etc/init.d/apache restart
> 
> put that somewhere and make it setuid root, then in your perl code
> call
> 
> system("/path/to/your/script &");
> 
> which would launch it in the background and return control sensibly,
> I think.
> 
> The 2 flaws are [1] you have no way to feed back success to the user
> - you could put a Refresh header in the returned page to jump to a
> status page - and [2] any script or user on your server would be able
> to restart it by running the setuid root script.

  While that definitely will work, there is a better solution from 
  a security perspective.  You write a small daemon that either 
  accepts simple messages via IP or a local socket, or just simply
  looks for the existence of some file
  '/home/httpd/restart-apache.now'. 

  When the daemon receives the message or spots the file on disk 
  it could handle the restart for you.  Sure there is a bit of
  a delay compared to issuing your own sigkill, but you don't have
  as much exposure. 

 -------------------------------------------------------
   Frank Wiles, Revolution Systems, LLC. 
     Personal : frank@wiles.org  http://www.wiles.org
     Work     : frank@revsys.com http://www.revsys.com

Re: Restarting Apache2.2 from PERL

Posted by John ORourke <jo...@o-rourke.org>.

Matthieu FEREYRE wrote:
>
> kill -USR1 apache_pid
>
> do that extremly well but apache doesn't have the rights to launch it 
> from perl !
>

Try writing a script which does it - eg.

#!/bin/sh
/etc/init.d/apache restart

put that somewhere and make it setuid root, then in your perl code call

system("/path/to/your/script &");

which would launch it in the background and return control sensibly, I 
think.

The 2 flaws are [1] you have no way to feed back success to the user - 
you could put a Refresh header in the returned page to jump to a status 
page - and [2] any script or user on your server would be able to 
restart it by running the setuid root script.

cheers
John