general/1552: Server exiting

[Jan Arild Lindstr�m <ja...@nextel.no>]

>Number:         1552
>Category:       general
>Synopsis:       Server exiting
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          change-request
>Submitter-Id:   apache
>Arrival-Date:   Mon Dec 15 06:30:01 PST 1997
>Last-Modified:
>Originator:     jal@nextel.no
>Organization:
apache
>Release:        all that support VirtualHost
>Environment:
Yields all OS's.
>Description:
I work for the biggest Norwegian ISP.
2 of our servers have 150+ virtual hosts on each (and still groving). We have now decided to run the 2 servers with suexec and apply a different User (same 
group) to each  of the virtual hosts (running cgi-scripts would be safer with that). When applying an unknown user or group, the server does  an exit telling
us it was a bad user/group name. 

The database that holds usernames and groups are updated by the Customer Service dep. /etc/password is updated form that database. Imagine what will  happen when we rotate the web-server logs at 11:55 pm and one of the customers 
have terminated it's contract and the username is gone from /etc/password? Yes, 
the server would not start...

An ignore of the virtual host(s) with bad user name/group would be much safer 
than an exit of the whole server...
>How-To-Repeat:
Just specify an unknown user or group in the VirtualHost
>Fix:
How about an ignore of the VirtualHost (printing that to STDERR) instead of an
exit of the whole server...


Best regards

Jan Arild Lindstr�
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <ap...@Apache.Org> in the Cc line ]
[and leave the subject line UNCHANGED.  This is not done]
[automatically because of the potential for mail loops. ]