You are viewing a plain text version of this content. The canonical link for it is here.
Posted to docs@httpd.apache.org by rb...@locus.apache.org on 2000/10/31 01:47:25 UTC
cvs commit: apache-2.0/src/os/unix Makefile.in unixd.c unixd.h suexec.c suexec.h
rbb 00/10/30 16:47:25
Modified: src/modules/standard mod_suexec.c mod_userdir.c
src/os/unix Makefile.in unixd.c unixd.h
Removed: src/os/unix suexec.c suexec.h
Log:
Make mod_cgi and mod_include work when compiled as DSO's again. This is
accomplished by moving suexec out of it's own file and into unixd.[ch].
The problem was that suexec.c wasn't being linked into the server unless
a module was actually using ap_os_create_process. This is still not clean,
but it works now.
Revision Changes Path
1.3 +0 -1 apache-2.0/src/modules/standard/mod_suexec.c
Index: mod_suexec.c
===================================================================
RCS file: /home/cvs/apache-2.0/src/modules/standard/mod_suexec.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- mod_suexec.c 2000/10/30 19:30:55 1.2
+++ mod_suexec.c 2000/10/31 00:47:21 1.3
@@ -61,7 +61,6 @@
#include "http_core.h"
#include "http_request.h"
#include "apr_strings.h"
-#include "suexec.h"
#include "unixd.h"
module MODULE_VAR_EXPORT suexec_module;
1.23 +1 -1 apache-2.0/src/modules/standard/mod_userdir.c
Index: mod_userdir.c
===================================================================
RCS file: /home/cvs/apache-2.0/src/modules/standard/mod_userdir.c,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- mod_userdir.c 2000/10/23 19:30:30 1.22
+++ mod_userdir.c 2000/10/31 00:47:21 1.23
@@ -101,7 +101,7 @@
#include "http_config.h"
#include "http_request.h"
#ifdef HAVE_UNIX_SUEXEC
-#include "suexec.h" /* Contains the suexec_identity hook used on Unix */
+#include "unixd.h" /* Contains the suexec_identity hook used on Unix */
#endif
#ifdef HAVE_PWD_H
#include <pwd.h>
1.7 +1 -1 apache-2.0/src/os/unix/Makefile.in
Index: Makefile.in
===================================================================
RCS file: /home/cvs/apache-2.0/src/os/unix/Makefile.in,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- Makefile.in 2000/10/23 15:30:55 1.6
+++ Makefile.in 2000/10/31 00:47:22 1.7
@@ -1,5 +1,5 @@
LTLIBRARY_NAME = libos.la
-LTLIBRARY_SOURCES = os-inline.c unixd.c suexec.c
+LTLIBRARY_SOURCES = os-inline.c unixd.c
include $(top_srcdir)/build/ltlib.mk
1.28 +69 -0 apache-2.0/src/os/unix/unixd.c
Index: unixd.c
===================================================================
RCS file: /home/cvs/apache-2.0/src/os/unix/unixd.c,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -r1.27 -r1.28
--- unixd.c 2000/10/23 15:30:55 1.27
+++ unixd.c 2000/10/31 00:47:23 1.28
@@ -62,6 +62,10 @@
#include "http_main.h"
#include "http_log.h"
#include "unixd.h"
+#include "os.h"
+#include "ap_mpm.h"
+#include "apr_thread_proc.h"
+#include "apr_strings.h"
#ifdef HAVE_PWD_H
#include <pwd.h>
#endif
@@ -412,5 +416,70 @@
ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, cmd->server,
"Platform does not support rlimit for %s", cmd->cmd->name);
#endif
+}
+
+AP_HOOK_STRUCT(
+ AP_HOOK_LINK(get_suexec_identity)
+)
+
+AP_IMPLEMENT_HOOK_RUN_FIRST(ap_unix_identity_t *, get_suexec_identity,
+ (const request_rec *r), (r), NULL)
+
+static apr_status_t ap_unix_create_privileged_process(
+ apr_proc_t *newproc, const char *progname,
+ char *const *args, char **env,
+ apr_procattr_t *attr, ap_unix_identity_t *ugid,
+ apr_pool_t *p)
+{
+ int i = 0;
+ char **newargs;
+ char *newprogname;
+ char *execuser, *execgroup;
+
+ if (!unixd_config.suexec_enabled) {
+ return apr_create_process(newproc, progname, args, env, attr, p);
+ }
+
+ execuser = apr_psprintf(p, "%ld", (long) ugid->uid);
+ execgroup = apr_psprintf(p, "%ld", (long) ugid->gid);
+
+ if (!execuser || !execgroup) {
+ return APR_ENOMEM;
+ }
+
+ i = 0;
+ if (args) {
+ while (args[i]) {
+ i++;
+ }
+ }
+ newargs = apr_palloc(p, sizeof(char *) * (i + 4));
+ newprogname = SUEXEC_BIN;
+ newargs[0] = SUEXEC_BIN;
+ newargs[1] = execuser;
+ newargs[2] = execgroup;
+ newargs[3] = apr_pstrdup(p, progname);
+
+ i = 0;
+ do {
+ newargs[i + 4] = args[i];
+ } while (args[i++]);
+
+ return apr_create_process(newproc, newprogname, newargs, env, attr, p);
+}
+
+AP_DECLARE(apr_status_t) ap_os_create_privileged_process(const request_rec *r,
+ apr_proc_t *newproc, const char *progname,
+ char *const *args, char **env,
+ apr_procattr_t *attr, apr_pool_t *p)
+{
+ ap_unix_identity_t *ugid = ap_run_get_suexec_identity(r);
+
+ if (ugid == NULL) {
+ return apr_create_process(newproc, progname, args, env, attr, p);
+ }
+
+ return ap_unix_create_privileged_process(newproc, progname, args, env,
+ attr, ugid, p);
}
1.16 +14 -0 apache-2.0/src/os/unix/unixd.h
Index: unixd.h
===================================================================
RCS file: /home/cvs/apache-2.0/src/os/unix/unixd.h,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- unixd.h 2000/10/23 15:30:55 1.15
+++ unixd.h 2000/10/31 00:47:24 1.16
@@ -64,6 +64,20 @@
#ifdef HAVE_SYS_RESOURCE_H
#include <sys/resource.h>
#endif
+#include "ap_hooks.h"
+#include "apr_thread_proc.h"
+
+#include <pwd.h>
+#include <grp.h>
+#include <sys/types.h>
+
+typedef struct {
+ uid_t uid;
+ gid_t gid;
+} ap_unix_identity_t;
+
+AP_DECLARE_HOOK(ap_unix_identity_t *, get_suexec_identity,(const request_rec *r)
+)
/* common stuff that unix MPMs will want */