You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Adam Griffiths <ne...@adam-griffiths.co.uk> on 2003/11/05 12:46:54 UTC
[users@httpd] starting httpd as a non-root user
Hi,
I have been running apache httpd for over three years on a server provided
to me by an ISP. The server automatically starts httpd from it's /etc/rc.
I have a login, but not root access, I can kill the httpd process (killall
httpd) and I would like to be able to start it again, without rebooting my
server and having /etc/rc do the job. The reason for this is that I need to
do some debugging and I would like to be able to stop and start httpd at
will from my non-root login account. However try as I might I can't start
http at non-root.
I am logging in using ssh, with my non-root account and attempting to start
httpd, here is an example of what happens:
[...]$ httpd -X -D SSL -D NONROOT &
[1] 3548
[...]$
[1]+ Exit 1 httpd -X -D SSL -D NONROOT
[...]$
httpd exits! but no errors appear in the error log.
I would be very grateful for any suggestions. My httpd.conf is below.
Kind Regards
Adam
###################################
# httpd.conf
ServerType standalone
ServerRoot /usr/local/etc/httpd
LockFile /var/lock/httpd.lock
PidFile /var/run/httpd.pid
ScoreBoardFile /var/run/httpd.scoreboard
#ResourceConfig /usr/local/etc/httpd/conf/srm.conf
#AccessConfig /usr/local/etc/httpd/conf/access.conf
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
MinSpareServers 5
MaxSpareServers 10
StartServers 5
MaxClients 30
MaxRequestsPerChild 3000
# Dynamic Shared Object (DSO) support.
# Please respect the order below.
#LoadModule bandwidth_module /usr/lib/apache/mod_bandwidth.so
#mod_status - performance considerations
#LoadModule status_module /usr/lib/apache/mod_status.so
LoadModule includes_module /usr/lib/apache/mod_include.so
LoadModule autoindex_module /usr/lib/apache/mod_autoindex.so
#LoadModule asis_module /usr/lib/apache/mod_asis.so
#LoadModule imap_module /usr/lib/apache/mod_imap.so
#LoadModule action_module /usr/lib/apache/mod_actions.so
#LoadModule speling_module /usr/lib/apache/mod_speling.so
#LoadModule rewrite_module /usr/lib/apache/mod_rewrite.so
#LoadModule anon_auth_module /usr/lib/apache/mod_auth_anon.so
#LoadModule db_auth_module /usr/lib/apache/mod_auth_db.so
#LoadModule dbm_auth_module /usr/lib/apache/mod_auth_dbm.so
#LoadModule mysql_auth_module /usr/lib/apache/mod_auth_mysql.so
#LoadModule auth_pgsql_module /usr/lib/apache/mod_auth_pgsql.so
#LoadModule cern_meta_module /usr/lib/apache/mod_cern_meta.so
#LoadModule unique_id_module /usr/lib/apache/mod_unique_id.so
LoadModule perl_module /usr/lib/apache/libperl.so
#LoadModule php3_module /usr/lib/apache/libphp3.so
#LoadModule php4_module /opt/php-4.1.1/lib/apache/libphp4.so
#LoadModule dav_module /usr/lib/apache/libdav.so
LoadModule ssl_module /usr/lib/apache/libssl.so
#LoadModule python_module /usr/lib/apache/mod_python.so
# Reconstruction of the complete module list from all available modules
# (static and shared ones) to achieve correct module execution order.
# [WHENEVER YOU CHANGE THE LOADMODULE SECTION ABOVE UPDATE THIS, TOO]
ClearModuleList
#AddModule mod_mmap_static.c
AddModule mod_vhost_alias.c
#AddModule mod_bandwidth.c
AddModule mod_env.c
AddModule mod_log_config.c
AddModule mod_log_agent.c
AddModule mod_log_referer.c
#AddModule mod_mime_magic.c
AddModule mod_mime.c
AddModule mod_negotiation.c
#AddModule mod_status.c
#This module provides a comprehensive overview of the server configuration
including all installed modules and directives in the configuration files.
#AddModule mod_info.c
AddModule mod_include.c
AddModule mod_autoindex.c
AddModule mod_dir.c
AddModule mod_cgi.c
#AddModule mod_asis.c
#AddModule mod_imap.c
#AddModule mod_actions.c
#AddModule mod_speling.c
#AddModule mod_userdir.c
AddModule mod_alias.c
#AddModule mod_rewrite.c
AddModule mod_access.c
AddModule mod_auth.c
#AddModule mod_auth_anon.c
#AddModule mod_auth_db.c
#AddModule mod_auth_any.c
#AddModule mod_auth_dbm.c
#AddModule auth_ldap.c
#AddModule mod_auth_mysql.c
#AddModule mod_auth_pgsql.c
#AddModule mod_digest.c
AddModule mod_proxy.c
#AddModule mod_cern_meta.c
AddModule mod_expires.c
AddModule mod_headers.c
#AddModule mod_usertrack.c
#AddModule mod_example.c
#AddModule mod_unique_id.c
#AddModule mod_frontpage.c
AddModule mod_so.c
AddModule mod_setenvif.c
AddModule mod_perl.c
#AddModule mod_php3.c
#AddModule mod_php4.c
#AddModule mod_dav.c
#AddModule mod_roaming.c
AddModule mod_ssl.c
#AddModule mod_put.c
#AddModule mod_python.c
PerlSetEnv PERL5PATH
/usr/local/lib/perl5/site_perl:/usr/local/lib/perl5/site_perl/i386-linux-thr
ead-multi
<Perl>
use lib '/usr/local/lib/perl5/site_perl';
use lib '/usr/local/lib/perl5/site_perl/i386-linux-thread-multi';
</Perl>
#########################
# AxKit
#########################
#PerlModule Apache::DBI
PerlModule AxKit
##Appache Directives
##Apparently not nesesary for AxKit 1.6 and later
#AddType text/xml .xsp
#AddType text/xml .xml
#AddType text/xml .xsl
#AddHandler axkit .xml
#AddHandler axkit .xsp
#AddHandler axkit .dkb
##AxAddStyleMap
##This is one of the more important directives. It is responsible for
##mapping module stylesheet MIME types to stylesheet processor modules (the
##reason we do this is to make it easy to switch out different modules for
##the same functionality, for example different XSLT processors).
#AxAddStyleMap text/xsl Apache::AxKit::Language::LibXSLT
#AxAddStyleMap application/x-xsp Apache::AxKit::Language::XSP
#AxAddStyleMap application/x-xpathscript
Apache::AxKit::Language::XPathScript
#AxNoCache On
AxDebugLevel 10
#AxLogDeclines Off
#AxCacheDir /usr/local/axcache
#AxGzipOutput Off
##AxAddXSPTaglib
##XSP supports two types of tag libraries. The simplest type to understand
##is merely an XSLT or XPathScript (or other transformation language)
##stylesheet that transforms custom tags into the "raw" XSP tag form.
##However there is another kind, that is faster, and these taglibs
##transform
##the custom tags into pure code which then gets compiled. These taglibs
##must be loaded into the server using the AxAddXSPTaglib configuration
##directive.
#AxAddXSPTaglib AxKit::XSP::Util
#AxAddXSPTaglib AxKit::XSP::Param
#AxAddXSPTaglib AxKit::XSP::Cookie
#AxAddXSPTaglib AxKit::XSP::ESQL
#AxAddXSPTaglib AxKit::XSP::WebUtils
#AxAddXSPTaglib AxKit::XSP::AttrParam
#AxAddXSPTaglib AxKit::XSP::CharsetConv
#AxAddXSPTaglib AxKit::XSP::Sendmail
#AxAddXSPTaglib GCT::XSP::Shopping
#AxAddXSPTaglib GCT::XSP::Encrypt
#AxAddXSPTaglib GCT::XSP::GCForm
#AxAddXSPTaglib GCT::XSP::GCValidate
#PerlSetVar AxXPSInterpolate 1
####################
#End AxKit
####################
SSLEngine off
<IfDefine !NONROOT>
Port 80
Listen 212.69.201.109:80
</IfDefine>
<IfDefine NONROOT>
Port 1234
Listen 212.69.201.109:1234
</IfDefine>
<IfDefine SSL>
Listen 212.69.201.109:443
</IfDefine>
<IfDefine !NONROOT>
User web
Group web
</IfDefine>
ServerAdmin me@my.domain
ServerName my.domain
DocumentRoot /home/httpd/docs
UseCanonicalName On
TypesConfig /usr/local/etc/httpd/conf/mime.types
DefaultType text/plain
<IfModule mod_mime_magic.c>
MIMEMagicFile /usr/local/etc/httpd/conf/magic
</IfModule>
ServerSignature On
Alias /icons/ "/home/httpd/icons/"
<Directory "/home/httpd/icons">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
IndexOptions FancyIndexing
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*
AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core
AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^
DefaultIcon /icons/unknown.gif
ReadmeName README
HeaderName HEADER
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
AddEncoding x-compress Z
AddEncoding x-gzip gz
AddLanguage en .en
AddLanguage fr .fr
AddLanguage de .de
AddLanguage da .da
AddLanguage el .el
AddLanguage it .it
LanguagePriority en fr de
AddType application/x-httpd-php3 .php3
AddType application/x-httpd-php3-source .phps
AddType application/x-httpd-php .php .php4
AddType application/x-httpd-php-source .phps
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0
<IfDefine SSL>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
</IfDefine>
<IfModule mod_ssl.c>
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/var/log/httpd/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/var/log/httpd/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
#LOG MOVE
<IfDefine !NONROOT>
SSLLog /var/log/httpd/ssl_engine_log
</IfDefine>
<IfDefine NONROOT>
SSLLog /www/logs/errors/ssl_engine_log
</IfDefine>
SSLLogLevel error
</IfModule>
NameVirtualHost 212.69.201.109
#
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#
DocumentRoot /home/httpd/docs
#
# Each directory to which Apache has access, can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
#
# First, we configure the "default" to be a very restrictive set of
# permissions.
#
<Directory />
Options FollowSymLinks Indexes
AllowOverride All
</Directory>
#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
#
#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory /home/httpd/docs>
#
# This may also be "None", "All", or any combination of "Indexes",
# "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
Options Indexes FollowSymLinks
#
# This controls which options the .htaccess files in directories can
# override. Can also be "All", or any combination of "Options", "FileInfo",
# "AuthConfig", and "Limit"
#
AllowOverride All
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
</Directory>
#
# UserDir: The name of the directory which is appended onto a user's home
# directory if a ~user request is received.
#
#UserDir public_html
#
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#
#<Directory /*/public_html>
# AllowOverride FileInfo AuthConfig Limit
# Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
# <Limit GET POST OPTIONS PROPFIND>
# Order allow,deny
# Allow from all
# </Limit>
# <Limit PUT DELETE PATCH PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
# Order deny,allow
# Deny from all
# </Limit>
#</Directory>
#
# DirectoryIndex: Name of the file or files to use as a pre-written HTML
# directory index. Separate multiple entries with spaces.
#
DirectoryIndex index.html index.htm index.xml index.xsp
#
# AccessFileName: The name of the file to look for in each directory
# for access control information.
#
AccessFileName .htaccess
#
# The following lines prevent .htaccess files from being viewed by
# Web clients. Since .htaccess files often contain authorization
# information, access is disallowed for security reasons. Comment
# these lines out if you want Web visitors to see the contents of
# .htaccess files. If you change the AccessFileName directive above,
# be sure to make the corresponding changes here.
#
<Files .htaccess>
Order allow,deny
Deny from all
</Files>
HostnameLookups Off
#
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
#LOG MOVE
<IfDefine !NONROOT>
ErrorLog /var/log/httpd/error_log
</IfDefine>
<IfDefine NONROOT>
ErrorLog /www/logs/errors/error_log
</IfDefine>
#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn
#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
#
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
#
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
# container, they will be logged here. Contrariwise, if you *do*
# define per-<VirtualHost> access logfiles, transactions will be
# logged therein and *not* in this file.
#
#CustomLog /var/log/httpd/access_log common
#
# If you would like to have agent and referer logfiles, uncomment the
# following directives.
#
#CustomLog /var/log/httpd/referer_log referer
#CustomLog /var/log/httpd/agent_log agent
#
# If you prefer a single logfile with access, agent, and referer information
# (Combined Logfile Format) you can use the following directive.
#
#CustomLog /var/log/httpd/access_log combined
#
# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the realname directory are treated as applications and
# run by the server when requested rather than as documents sent to the
client.
# The same rules about trailing "/" apply to ScriptAlias directives as to
# Alias.
#
ScriptAlias /cgi-bin/ "/home/httpd/cgi-bin/"
#
# "/usr/apps/apache/cgi-bin" should be changed to whatever your
ScriptAliased
# CGI directory exists, if you have that configured.
#
<Directory "/home/httpd/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
#
# AddType allows you to tweak mime.types without actually editing it, or to
# make certain files to be certain types.
#
#
# AddHandler allows you to map certain file extensions to "handlers",
# actions unrelated to filetype. These can be either built into the server
# or added with the Action command (see below)
#
# If you want to use server side includes, or CGI outside
# ScriptAliased directories, uncomment the following lines.
#
# To use CGI scripts:
#
AddHandler cgi-script .cgi .pl
#
# To use server-parsed HTML files
#
#AddType text/html .shtml
#AddHandler server-parsed .shtml
#
# Uncomment the following line to enable Apache's send-asis HTTP file
# feature
#
#AddHandler send-as-is asis
#
# If you wish to use server-parsed imagemap files, use
#
#AddHandler imap-file map
#
# To enable type maps, you might want to use
#
#AddHandler type-map var
# javascript
#AddHandler javascript-html .jshtml
#AddHandler javascript-script .ssjs
#
# Action lets you define media types that will execute a script whenever
# a matching file is called. This eliminates the need for repeated URL
# pathnames for oft-used CGI file processors.
# Format: Action media/type /cgi-script/location
# Format: Action handler-name /cgi-script/location
#
#
# MetaDir: specifies the name of the directory in which Apache can find
# meta information files. These files contain additional HTTP headers
# to include when sending the document
#
#MetaDir .web
#
# MetaSuffix: specifies the file name suffix for the file containing the
# meta information.
#
#MetaSuffix .meta
#
# Customizable error response (Apache style)
# these come in three flavors
#
# 1) plain text
#ErrorDocument 500 "The server made a boo boo.
# n.b. the (") marks it as text, it does not get output
#
# 2) local redirects
#ErrorDocument 404 /missing.html
# to redirect to local URL /missing.html
#ErrorDocument 404 /cgi-bin/missing_handler.pl
ErrorDocument 404 "The page you are looking for does not exist"
# N.B.: You can redirect to a script or a document using
server-side-includes.
#
# 3) external redirects
#ErrorDocument 402 http://some.other_server.com/subscription_info.html
# N.B.: Many of the environment variables associated with the original
# request will *not* be available to such a script.
<IfDefine SSL>
# Insert SSL enabled virtual hosts within
# this <Ifdefine> ... </IfDefine> section.
</IfDefine>
# Standard non-SSL enabled virtual hosts
#first Virtual host is the default
########
#default
########
<VirtualHost 212.69.201.109>
ServerName holding.my.doamin
DocumentRoot /www/vhtdocs/holding/
</VirtualHost>
## ... etc more virual hosts here
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Re: Re: starting httpd as a non-root user
Posted by Adam Griffiths <ne...@adam-griffiths.co.uk>.
The version of apachectl on my server doesn't work, it fails with:
line 26: /etc/rc.d/init.d/functions: No such file or directory
However,
$ http -t
returns:
Syntax OK
"Dan Trainor" <da...@cavecreek.net> wrote in message
news:1068033954.31076.26.camel@xserv.cavecreek.net...
> apachectl configtest, rather. graveyard shift, sorry. heh.
>
> -dant
>
>
> On Wed, 2003-11-05 at 05:02, Adam Griffiths wrote:
> > Here is a transcript running without the &:
> >
> > [...]$ httpd -X -D SSL -D NONROOT
> >
> > [...]$
> >
> > I hit enter and get no error message and there is no error message in
the
> > log either...
> >
> > -Adam
> >
> > "Dan Trainor" <da...@cavecreek.net> wrote in message
> > news:1068033221.31076.22.camel@xserv.cavecreek.net...
> > > Try running that command without the &, it should exit with some sort
of
> > > error, or code.
> > >
> > > -dant
> > >
> > >
> > >
> > > On Wed, 2003-11-05 at 04:46, Adam Griffiths wrote:
> > > > Hi,
> > > > I have been running apache httpd for over three years on a server
> > provided
> > > > to me by an ISP. The server automatically starts httpd from it's
> > /etc/rc.
> > > >
> > > > I have a login, but not root access, I can kill the httpd process
> > (killall
> > > > httpd) and I would like to be able to start it again, without
rebooting
> > my
> > > > server and having /etc/rc do the job. The reason for this is that I
need
> > to
> > > > do some debugging and I would like to be able to stop and start
httpd at
> > > > will from my non-root login account. However try as I might I can't
> > start
> > > > http at non-root.
> > > >
> > > > I am logging in using ssh, with my non-root account and attempting
to
> > start
> > > > httpd, here is an example of what happens:
> > > >
> > > > [...]$ httpd -X -D SSL -D NONROOT &
> > > > [1] 3548
> > > > [...]$
> > > > [1]+ Exit 1 httpd -X -D SSL -D NONROOT
> > > > [...]$
> > > >
> > > > httpd exits! but no errors appear in the error log.
> > > >
> > > > I would be very grateful for any suggestions. My httpd.conf is
below.
> > > >
> > > > Kind Regards
> > > >
> > > > Adam
> > > >
> > >
> > > <--------------------- BIG 'OLE SNIP ------------------>
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > The official User-To-User support forum of the Apache HTTP Server
Project.
> > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > > For additional commands, e-mail: users-help@httpd.apache.org
> > >
> > >
> >
> >
> >
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server
Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Re: starting httpd as a non-root user
Posted by Dan Trainor <da...@cavecreek.net>.
apachectl configtest, rather. graveyard shift, sorry. heh.
-dant
On Wed, 2003-11-05 at 05:02, Adam Griffiths wrote:
> Here is a transcript running without the &:
>
> [...]$ httpd -X -D SSL -D NONROOT
>
> [...]$
>
> I hit enter and get no error message and there is no error message in the
> log either...
>
> -Adam
>
> "Dan Trainor" <da...@cavecreek.net> wrote in message
> news:1068033221.31076.22.camel@xserv.cavecreek.net...
> > Try running that command without the &, it should exit with some sort of
> > error, or code.
> >
> > -dant
> >
> >
> >
> > On Wed, 2003-11-05 at 04:46, Adam Griffiths wrote:
> > > Hi,
> > > I have been running apache httpd for over three years on a server
> provided
> > > to me by an ISP. The server automatically starts httpd from it's
> /etc/rc.
> > >
> > > I have a login, but not root access, I can kill the httpd process
> (killall
> > > httpd) and I would like to be able to start it again, without rebooting
> my
> > > server and having /etc/rc do the job. The reason for this is that I need
> to
> > > do some debugging and I would like to be able to stop and start httpd at
> > > will from my non-root login account. However try as I might I can't
> start
> > > http at non-root.
> > >
> > > I am logging in using ssh, with my non-root account and attempting to
> start
> > > httpd, here is an example of what happens:
> > >
> > > [...]$ httpd -X -D SSL -D NONROOT &
> > > [1] 3548
> > > [...]$
> > > [1]+ Exit 1 httpd -X -D SSL -D NONROOT
> > > [...]$
> > >
> > > httpd exits! but no errors appear in the error log.
> > >
> > > I would be very grateful for any suggestions. My httpd.conf is below.
> > >
> > > Kind Regards
> > >
> > > Adam
> > >
> >
> > <--------------------- BIG 'OLE SNIP ------------------>
> >
> >
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Re: Re: starting httpd as a non-root user
Posted by Adam Griffiths <ne...@adam-griffiths.co.uk>.
A normal start-up of httpd (i.e via etc/rc and as root gives the error log
show bellow.
I noticed mention of suEXEC, could this be anything do with the problem,
i.e. when I'm trying to start as a non-root user might this conflict with
the suEXEC mechanism?
-Adam
[Wed Nov 5 12:37:40 2003] [info] created shared memory segment #802422829
[Wed Nov 5 12:37:40 2003] [notice] Apache/1.3.28 (Unix) (Red-Hat/Linux)
AxKit/1.62 mod_ssl/2.8.15 OpenSSL/0.9.7a mod_perl/1.26 config
ured -- resuming normal operations
[Wed Nov 5 12:37:40 2003] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)
[Wed Nov 5 12:37:40 2003] [info] Server built: Aug 18 2003 12:10:52
[Wed Nov 5 12:37:40 2003] [notice] Accept mutex: flock (Default: flock)
"Adam Griffiths" <ne...@adam-griffiths.co.uk> wrote in message
news:boaqp2$tjc$1@sea.gmane.org...
> with:
> SSLLogLevel debug
> LogLevel debug
>
> I get nothing in error_log, and the follwoing in ssl_engine_log:
>
> [05/Nov/2003 12:29:16 17654] [info] Server: Apache/1.3.28, Interface:
> mod_ssl/2.8.15, Library: OpenSSL/0.9.7a
> [05/Nov/2003 12:29:16 17654] [info] Init: 1st startup round (still not
> detached)
> [05/Nov/2003 12:29:16 17654] [info] Init: Initializing OpenSSL library
> [05/Nov/2003 12:29:16 17654] [info] Init: Seeding PRNG with 136 bytes of
> entropy
> [05/Nov/2003 12:29:16 17654] [info] Init: Generating temporary RSA
private
> keys (512/1024 bits)
> [05/Nov/2003 12:29:16 17654] [info] Init: Configuring temporary DH
> parameters (512/1024 bits)
>
> The for each virtual host (my.domain)
>
> [05/Nov/2003 12:29:16 17654] [trace] Init: (my.domain:1234) Creating new
> proxy SSL context (protocols: SSLv2, SSLv3)
> [05/Nov/2003 12:29:16 17654] [trace] Init: (my.domain:1234) Configuring
> permitted SSL ciphers for SSL
>
>
> "Dan Trainor" <da...@cavecreek.net> wrote in message
> news:1068034548.31076.38.camel@xserv.cavecreek.net...
> > It might also be worth your while to change LogLevel to debug from warn
> > and try to fire it up. What about the SSL logs, do they show anything?
> >
> > -dant
> >
> >
> > On Wed, 2003-11-05 at 05:14, Adam Griffiths wrote:
> > > One more point, it also fails with:
> > >
> > > $ httpd -X -D NONROOT
> > >
> > > i.e. without the "-D SSL", which enables SSL. This is important
because
> ,as
> > > a non-root user, httpd would not be able to bind to the SSL port 443
(in
> > > fact with "-D SSL" it gives a message to this effect in the error
log).
> > >
> > > Anyway, my problem remains, the httpd process just exits with no error
> > > message and nothing in the log.
> > >
> > >
> > > "Adam Griffiths" <ne...@adam-griffiths.co.uk> wrote in message
> > > news:boaorn$o9k$1@sea.gmane.org...
> > > > Here is a transcript running without the &:
> > > >
> > > > [...]$ httpd -X -D SSL -D NONROOT
> > > >
> > > > [...]$
> > > >
> > > > I hit enter and get no error message and there is no error message
in
> the
> > > > log either...
> > > >
> > > > -Adam
> > > >
> > > > "Dan Trainor" <da...@cavecreek.net> wrote in message
> > > > news:1068033221.31076.22.camel@xserv.cavecreek.net...
> > > > > Try running that command without the &, it should exit with some
> sort of
> > > > > error, or code.
> > > > >
> > > > > -dant
> > > > >
> > > > >
> > > > >
> > > > > On Wed, 2003-11-05 at 04:46, Adam Griffiths wrote:
> > > > > > Hi,
> > > > > > I have been running apache httpd for over three years on a
server
> > > > provided
> > > > > > to me by an ISP. The server automatically starts httpd from it's
> > > > /etc/rc.
> > > > > >
> > > > > > I have a login, but not root access, I can kill the httpd
process
> > > > (killall
> > > > > > httpd) and I would like to be able to start it again, without
> > > rebooting
> > > > my
> > > > > > server and having /etc/rc do the job. The reason for this is
that
> I
> > > need
> > > > to
> > > > > > do some debugging and I would like to be able to stop and start
> httpd
> > > at
> > > > > > will from my non-root login account. However try as I might I
> can't
> > > > start
> > > > > > http at non-root.
> > > > > >
> > > > > > I am logging in using ssh, with my non-root account and
attempting
> to
> > > > start
> > > > > > httpd, here is an example of what happens:
> > > > > >
> > > > > > [...]$ httpd -X -D SSL -D NONROOT &
> > > > > > [1] 3548
> > > > > > [...]$
> > > > > > [1]+ Exit 1 httpd -X -D SSL -D NONROOT
> > > > > > [...]$
> > > > > >
> > > > > > httpd exits! but no errors appear in the error log.
> > > > > >
> > > > > > I would be very grateful for any suggestions. My httpd.conf is
> below.
> > > > > >
> > > > > > Kind Regards
> > > > > >
> > > > > > Adam
> > > > > >
> > > > >
> > > > > <--------------------- BIG 'OLE SNIP ------------------>
> > > > >
> > > > >
> > > > >
> > > >
> > ---------------------------------------------------------------------
> > > > > The official User-To-User support forum of the Apache HTTP Server
> > > Project.
> > > > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > > > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > > > > For additional commands, e-mail: users-help@httpd.apache.org
> > > > >
> > > > >
> > > >
> > > >
> > > >
> > > >
> > >
> ---------------------------------------------------------------------
> > > > The official User-To-User support forum of the Apache HTTP Server
> Project.
> > > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > > > For additional commands, e-mail: users-help@httpd.apache.org
> > > >
> > > >
> > >
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > The official User-To-User support forum of the Apache HTTP Server
> Project.
> > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > > For additional commands, e-mail: users-help@httpd.apache.org
> > >
> > >
> >
> >
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server
Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Re: Re: starting httpd as a non-root user
Posted by Adam Griffiths <ne...@adam-griffiths.co.uk>.
with:
SSLLogLevel debug
LogLevel debug
I get nothing in error_log, and the follwoing in ssl_engine_log:
[05/Nov/2003 12:29:16 17654] [info] Server: Apache/1.3.28, Interface:
mod_ssl/2.8.15, Library: OpenSSL/0.9.7a
[05/Nov/2003 12:29:16 17654] [info] Init: 1st startup round (still not
detached)
[05/Nov/2003 12:29:16 17654] [info] Init: Initializing OpenSSL library
[05/Nov/2003 12:29:16 17654] [info] Init: Seeding PRNG with 136 bytes of
entropy
[05/Nov/2003 12:29:16 17654] [info] Init: Generating temporary RSA private
keys (512/1024 bits)
[05/Nov/2003 12:29:16 17654] [info] Init: Configuring temporary DH
parameters (512/1024 bits)
The for each virtual host (my.domain)
[05/Nov/2003 12:29:16 17654] [trace] Init: (my.domain:1234) Creating new
proxy SSL context (protocols: SSLv2, SSLv3)
[05/Nov/2003 12:29:16 17654] [trace] Init: (my.domain:1234) Configuring
permitted SSL ciphers for SSL
"Dan Trainor" <da...@cavecreek.net> wrote in message
news:1068034548.31076.38.camel@xserv.cavecreek.net...
> It might also be worth your while to change LogLevel to debug from warn
> and try to fire it up. What about the SSL logs, do they show anything?
>
> -dant
>
>
> On Wed, 2003-11-05 at 05:14, Adam Griffiths wrote:
> > One more point, it also fails with:
> >
> > $ httpd -X -D NONROOT
> >
> > i.e. without the "-D SSL", which enables SSL. This is important because
,as
> > a non-root user, httpd would not be able to bind to the SSL port 443 (in
> > fact with "-D SSL" it gives a message to this effect in the error log).
> >
> > Anyway, my problem remains, the httpd process just exits with no error
> > message and nothing in the log.
> >
> >
> > "Adam Griffiths" <ne...@adam-griffiths.co.uk> wrote in message
> > news:boaorn$o9k$1@sea.gmane.org...
> > > Here is a transcript running without the &:
> > >
> > > [...]$ httpd -X -D SSL -D NONROOT
> > >
> > > [...]$
> > >
> > > I hit enter and get no error message and there is no error message in
the
> > > log either...
> > >
> > > -Adam
> > >
> > > "Dan Trainor" <da...@cavecreek.net> wrote in message
> > > news:1068033221.31076.22.camel@xserv.cavecreek.net...
> > > > Try running that command without the &, it should exit with some
sort of
> > > > error, or code.
> > > >
> > > > -dant
> > > >
> > > >
> > > >
> > > > On Wed, 2003-11-05 at 04:46, Adam Griffiths wrote:
> > > > > Hi,
> > > > > I have been running apache httpd for over three years on a server
> > > provided
> > > > > to me by an ISP. The server automatically starts httpd from it's
> > > /etc/rc.
> > > > >
> > > > > I have a login, but not root access, I can kill the httpd process
> > > (killall
> > > > > httpd) and I would like to be able to start it again, without
> > rebooting
> > > my
> > > > > server and having /etc/rc do the job. The reason for this is that
I
> > need
> > > to
> > > > > do some debugging and I would like to be able to stop and start
httpd
> > at
> > > > > will from my non-root login account. However try as I might I
can't
> > > start
> > > > > http at non-root.
> > > > >
> > > > > I am logging in using ssh, with my non-root account and attempting
to
> > > start
> > > > > httpd, here is an example of what happens:
> > > > >
> > > > > [...]$ httpd -X -D SSL -D NONROOT &
> > > > > [1] 3548
> > > > > [...]$
> > > > > [1]+ Exit 1 httpd -X -D SSL -D NONROOT
> > > > > [...]$
> > > > >
> > > > > httpd exits! but no errors appear in the error log.
> > > > >
> > > > > I would be very grateful for any suggestions. My httpd.conf is
below.
> > > > >
> > > > > Kind Regards
> > > > >
> > > > > Adam
> > > > >
> > > >
> > > > <--------------------- BIG 'OLE SNIP ------------------>
> > > >
> > > >
> > > >
> > >
> ---------------------------------------------------------------------
> > > > The official User-To-User support forum of the Apache HTTP Server
> > Project.
> > > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > > > For additional commands, e-mail: users-help@httpd.apache.org
> > > >
> > > >
> > >
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > The official User-To-User support forum of the Apache HTTP Server
Project.
> > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > > For additional commands, e-mail: users-help@httpd.apache.org
> > >
> > >
> >
> >
> >
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server
Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Re: starting httpd as a non-root user
Posted by Dan Trainor <da...@cavecreek.net>.
It might also be worth your while to change LogLevel to debug from warn
and try to fire it up. What about the SSL logs, do they show anything?
-dant
On Wed, 2003-11-05 at 05:14, Adam Griffiths wrote:
> One more point, it also fails with:
>
> $ httpd -X -D NONROOT
>
> i.e. without the "-D SSL", which enables SSL. This is important because ,as
> a non-root user, httpd would not be able to bind to the SSL port 443 (in
> fact with "-D SSL" it gives a message to this effect in the error log).
>
> Anyway, my problem remains, the httpd process just exits with no error
> message and nothing in the log.
>
>
> "Adam Griffiths" <ne...@adam-griffiths.co.uk> wrote in message
> news:boaorn$o9k$1@sea.gmane.org...
> > Here is a transcript running without the &:
> >
> > [...]$ httpd -X -D SSL -D NONROOT
> >
> > [...]$
> >
> > I hit enter and get no error message and there is no error message in the
> > log either...
> >
> > -Adam
> >
> > "Dan Trainor" <da...@cavecreek.net> wrote in message
> > news:1068033221.31076.22.camel@xserv.cavecreek.net...
> > > Try running that command without the &, it should exit with some sort of
> > > error, or code.
> > >
> > > -dant
> > >
> > >
> > >
> > > On Wed, 2003-11-05 at 04:46, Adam Griffiths wrote:
> > > > Hi,
> > > > I have been running apache httpd for over three years on a server
> > provided
> > > > to me by an ISP. The server automatically starts httpd from it's
> > /etc/rc.
> > > >
> > > > I have a login, but not root access, I can kill the httpd process
> > (killall
> > > > httpd) and I would like to be able to start it again, without
> rebooting
> > my
> > > > server and having /etc/rc do the job. The reason for this is that I
> need
> > to
> > > > do some debugging and I would like to be able to stop and start httpd
> at
> > > > will from my non-root login account. However try as I might I can't
> > start
> > > > http at non-root.
> > > >
> > > > I am logging in using ssh, with my non-root account and attempting to
> > start
> > > > httpd, here is an example of what happens:
> > > >
> > > > [...]$ httpd -X -D SSL -D NONROOT &
> > > > [1] 3548
> > > > [...]$
> > > > [1]+ Exit 1 httpd -X -D SSL -D NONROOT
> > > > [...]$
> > > >
> > > > httpd exits! but no errors appear in the error log.
> > > >
> > > > I would be very grateful for any suggestions. My httpd.conf is below.
> > > >
> > > > Kind Regards
> > > >
> > > > Adam
> > > >
> > >
> > > <--------------------- BIG 'OLE SNIP ------------------>
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > The official User-To-User support forum of the Apache HTTP Server
> Project.
> > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > > For additional commands, e-mail: users-help@httpd.apache.org
> > >
> > >
> >
> >
> >
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Re: starting httpd as a non-root user
Posted by Adam Griffiths <ne...@adam-griffiths.co.uk>.
One more point, it also fails with:
$ httpd -X -D NONROOT
i.e. without the "-D SSL", which enables SSL. This is important because ,as
a non-root user, httpd would not be able to bind to the SSL port 443 (in
fact with "-D SSL" it gives a message to this effect in the error log).
Anyway, my problem remains, the httpd process just exits with no error
message and nothing in the log.
"Adam Griffiths" <ne...@adam-griffiths.co.uk> wrote in message
news:boaorn$o9k$1@sea.gmane.org...
> Here is a transcript running without the &:
>
> [...]$ httpd -X -D SSL -D NONROOT
>
> [...]$
>
> I hit enter and get no error message and there is no error message in the
> log either...
>
> -Adam
>
> "Dan Trainor" <da...@cavecreek.net> wrote in message
> news:1068033221.31076.22.camel@xserv.cavecreek.net...
> > Try running that command without the &, it should exit with some sort of
> > error, or code.
> >
> > -dant
> >
> >
> >
> > On Wed, 2003-11-05 at 04:46, Adam Griffiths wrote:
> > > Hi,
> > > I have been running apache httpd for over three years on a server
> provided
> > > to me by an ISP. The server automatically starts httpd from it's
> /etc/rc.
> > >
> > > I have a login, but not root access, I can kill the httpd process
> (killall
> > > httpd) and I would like to be able to start it again, without
rebooting
> my
> > > server and having /etc/rc do the job. The reason for this is that I
need
> to
> > > do some debugging and I would like to be able to stop and start httpd
at
> > > will from my non-root login account. However try as I might I can't
> start
> > > http at non-root.
> > >
> > > I am logging in using ssh, with my non-root account and attempting to
> start
> > > httpd, here is an example of what happens:
> > >
> > > [...]$ httpd -X -D SSL -D NONROOT &
> > > [1] 3548
> > > [...]$
> > > [1]+ Exit 1 httpd -X -D SSL -D NONROOT
> > > [...]$
> > >
> > > httpd exits! but no errors appear in the error log.
> > >
> > > I would be very grateful for any suggestions. My httpd.conf is below.
> > >
> > > Kind Regards
> > >
> > > Adam
> > >
> >
> > <--------------------- BIG 'OLE SNIP ------------------>
> >
> >
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server
Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Re: starting httpd as a non-root user
Posted by Dan Trainor <da...@cavecreek.net>.
What if you were to run apachectl configcheck, does that come back with
any errors, or does it report 'Syntax OK'?
-dant
On Wed, 2003-11-05 at 05:02, Adam Griffiths wrote:
> Here is a transcript running without the &:
>
> [...]$ httpd -X -D SSL -D NONROOT
>
> [...]$
>
> I hit enter and get no error message and there is no error message in the
> log either...
>
> -Adam
>
> "Dan Trainor" <da...@cavecreek.net> wrote in message
> news:1068033221.31076.22.camel@xserv.cavecreek.net...
> > Try running that command without the &, it should exit with some sort of
> > error, or code.
> >
> > -dant
> >
> >
> >
> > On Wed, 2003-11-05 at 04:46, Adam Griffiths wrote:
> > > Hi,
> > > I have been running apache httpd for over three years on a server
> provided
> > > to me by an ISP. The server automatically starts httpd from it's
> /etc/rc.
> > >
> > > I have a login, but not root access, I can kill the httpd process
> (killall
> > > httpd) and I would like to be able to start it again, without rebooting
> my
> > > server and having /etc/rc do the job. The reason for this is that I need
> to
> > > do some debugging and I would like to be able to stop and start httpd at
> > > will from my non-root login account. However try as I might I can't
> start
> > > http at non-root.
> > >
> > > I am logging in using ssh, with my non-root account and attempting to
> start
> > > httpd, here is an example of what happens:
> > >
> > > [...]$ httpd -X -D SSL -D NONROOT &
> > > [1] 3548
> > > [...]$
> > > [1]+ Exit 1 httpd -X -D SSL -D NONROOT
> > > [...]$
> > >
> > > httpd exits! but no errors appear in the error log.
> > >
> > > I would be very grateful for any suggestions. My httpd.conf is below.
> > >
> > > Kind Regards
> > >
> > > Adam
> > >
> >
> > <--------------------- BIG 'OLE SNIP ------------------>
> >
> >
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Re: starting httpd as a non-root user
Posted by Adam Griffiths <ne...@adam-griffiths.co.uk>.
Here is a transcript running without the &:
[...]$ httpd -X -D SSL -D NONROOT
[...]$
I hit enter and get no error message and there is no error message in the
log either...
-Adam
"Dan Trainor" <da...@cavecreek.net> wrote in message
news:1068033221.31076.22.camel@xserv.cavecreek.net...
> Try running that command without the &, it should exit with some sort of
> error, or code.
>
> -dant
>
>
>
> On Wed, 2003-11-05 at 04:46, Adam Griffiths wrote:
> > Hi,
> > I have been running apache httpd for over three years on a server
provided
> > to me by an ISP. The server automatically starts httpd from it's
/etc/rc.
> >
> > I have a login, but not root access, I can kill the httpd process
(killall
> > httpd) and I would like to be able to start it again, without rebooting
my
> > server and having /etc/rc do the job. The reason for this is that I need
to
> > do some debugging and I would like to be able to stop and start httpd at
> > will from my non-root login account. However try as I might I can't
start
> > http at non-root.
> >
> > I am logging in using ssh, with my non-root account and attempting to
start
> > httpd, here is an example of what happens:
> >
> > [...]$ httpd -X -D SSL -D NONROOT &
> > [1] 3548
> > [...]$
> > [1]+ Exit 1 httpd -X -D SSL -D NONROOT
> > [...]$
> >
> > httpd exits! but no errors appear in the error log.
> >
> > I would be very grateful for any suggestions. My httpd.conf is below.
> >
> > Kind Regards
> >
> > Adam
> >
>
> <--------------------- BIG 'OLE SNIP ------------------>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] starting httpd as a non-root user
Posted by Dan Trainor <da...@cavecreek.net>.
Try running that command without the &, it should exit with some sort of
error, or code.
-dant
On Wed, 2003-11-05 at 04:46, Adam Griffiths wrote:
> Hi,
> I have been running apache httpd for over three years on a server provided
> to me by an ISP. The server automatically starts httpd from it's /etc/rc.
>
> I have a login, but not root access, I can kill the httpd process (killall
> httpd) and I would like to be able to start it again, without rebooting my
> server and having /etc/rc do the job. The reason for this is that I need to
> do some debugging and I would like to be able to stop and start httpd at
> will from my non-root login account. However try as I might I can't start
> http at non-root.
>
> I am logging in using ssh, with my non-root account and attempting to start
> httpd, here is an example of what happens:
>
> [...]$ httpd -X -D SSL -D NONROOT &
> [1] 3548
> [...]$
> [1]+ Exit 1 httpd -X -D SSL -D NONROOT
> [...]$
>
> httpd exits! but no errors appear in the error log.
>
> I would be very grateful for any suggestions. My httpd.conf is below.
>
> Kind Regards
>
> Adam
>
<--------------------- BIG 'OLE SNIP ------------------>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Re: Re: starting httpd as a non-root user
Posted by Adam Griffiths <ne...@adam-griffiths.co.uk>.
Thanks Brian
I managed to get a cut down version of my server started as non-root,
without most of my virtual host and with out SSL. It was therefore without
many of the logfiles, one of which must of been causing the error. It was
odd to have apache httpd quit without giving an error message, it mad it
difficult to find the problem.
Regards
Adam
"Brian Dessent" <br...@dessent.net> wrote in message
news:3FA971AF.F3845A7D@dessent.net...
> Adam Griffiths wrote:
> >
> > Thanks for your suggestions, however, I do have Apache is listening
> > exclusively on ports >1024. If I try to start apache listening to a
lower
> > port I get an error message when starting it from a non-root user. So
I'm
> > starting apache listening on port 1234 and my problem is that it exits
with
> > no error message.
>
> In that case it sounds to me like it might be a problem switching to the
> user context to the Apache user and group, or something to do with the
> ownership of the logfiles and/or .pid file and/or the directories that
> contain them.
>
> Perhaps instead of trying to get this to start as a non-root user, just
> let it start up as normal from the rc scripts, and then to restart it
> use something like:
>
> kill -HUP `cat /var/run/httpd.pid`
>
> This does the same as "apachectl graceful", it sends a signal to httpd
> telling it to kill any idle workers and reinitialize and reread
> httpd.conf (but it doesn't actually stop and restart per se.) You'd
> have to substitute the actual path of the .pid file, and I'm not sure
> how Unix permissions work here... Specifically, I think only the
> superuser can send signals to processes owned by a different user. In
> that case this may not work, but perhaps you could have Apache running
> as your login user ID and group, via the User and Group settings in
> httpd.conf. I don't know if that would break other things, though. And
> even if it didn't the Apache controller process is still running as root
> AFAIK so to send it a signal you'd need to be root. Sigh. I just don't
> think Apache was designed for this kind of use. I'd seriously look into
> getting sudo installed for this instead, it seems like the cleanest
> solution.
>
> Brian
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Re: starting httpd as a non-root user
Posted by Brian Dessent <br...@dessent.net>.
Adam Griffiths wrote:
>
> Thanks for your suggestions, however, I do have Apache is listening
> exclusively on ports >1024. If I try to start apache listening to a lower
> port I get an error message when starting it from a non-root user. So I'm
> starting apache listening on port 1234 and my problem is that it exits with
> no error message.
In that case it sounds to me like it might be a problem switching to the
user context to the Apache user and group, or something to do with the
ownership of the logfiles and/or .pid file and/or the directories that
contain them.
Perhaps instead of trying to get this to start as a non-root user, just
let it start up as normal from the rc scripts, and then to restart it
use something like:
kill -HUP `cat /var/run/httpd.pid`
This does the same as "apachectl graceful", it sends a signal to httpd
telling it to kill any idle workers and reinitialize and reread
httpd.conf (but it doesn't actually stop and restart per se.) You'd
have to substitute the actual path of the .pid file, and I'm not sure
how Unix permissions work here... Specifically, I think only the
superuser can send signals to processes owned by a different user. In
that case this may not work, but perhaps you could have Apache running
as your login user ID and group, via the User and Group settings in
httpd.conf. I don't know if that would break other things, though. And
even if it didn't the Apache controller process is still running as root
AFAIK so to send it a signal you'd need to be root. Sigh. I just don't
think Apache was designed for this kind of use. I'd seriously look into
getting sudo installed for this instead, it seems like the cleanest
solution.
Brian
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Re: starting httpd as a non-root user
Posted by Adam Griffiths <ne...@adam-griffiths.co.uk>.
Thanks for your suggestions, however, I do have Apache is listening
exclusively on ports >1024. If I try to start apache listening to a lower
port I get an error message when starting it from a non-root user. So I'm
starting apache listening on port 1234 and my problem is that it exits with
no error message.
"Gustavo A. Baratto" <gb...@superb.net> wrote in message
news:00d401c3a3d7$786d9710$9c01a8c0@chivas...
> or ask your ISP to forward 80 to an unprivileged port (>1024), then you
make
> apache to listen to the unpriviliged port
>
> This can be done easily if you have a custom kernel in bsd... don't know
the
> other OSes
>
> ----- Original Message -----
> From: "Brian Dessent" <br...@dessent.net>
> To: <us...@httpd.apache.org>
> Sent: Wednesday, November 05, 2003 11:56 AM
> Subject: Re: [users@httpd] starting httpd as a non-root user
>
>
> > Adam Griffiths wrote:
> >
> > > I have been running apache httpd for over three years on a server
> provided
> > > to me by an ISP. The server automatically starts httpd from it's
> /etc/rc.
> > >
> > > I have a login, but not root access, I can kill the httpd process
> (killall
> > > httpd) and I would like to be able to start it again, without
rebooting
> my
> > > server and having /etc/rc do the job. The reason for this is that I
need
> to
> > > do some debugging and I would like to be able to stop and start httpd
at
> > > will from my non-root login account. However try as I might I can't
> start
> > > http at non-root.
> >
> > Unless Apache is listening exclusively on ports >1024, you will require
> > root privileges to start. That's just a fact of the design of Unix; the
> > superuser is the only one that can bind to the lower ports. Apache
> > starts as root because of this and then switches to a non-privileged
> > account.
> >
> > You might want to try to get your ISP's sysadmin to install sudo, which
> > allows normal users to run certain commands as root, with very fine
> > controls over what's allowed.
> >
> > Brian
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server
Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] starting httpd as a non-root user
Posted by "Gustavo A. Baratto" <gb...@superb.net>.
or ask your ISP to forward 80 to an unprivileged port (>1024), then you make
apache to listen to the unpriviliged port
This can be done easily if you have a custom kernel in bsd... don't know the
other OSes
----- Original Message -----
From: "Brian Dessent" <br...@dessent.net>
To: <us...@httpd.apache.org>
Sent: Wednesday, November 05, 2003 11:56 AM
Subject: Re: [users@httpd] starting httpd as a non-root user
> Adam Griffiths wrote:
>
> > I have been running apache httpd for over three years on a server
provided
> > to me by an ISP. The server automatically starts httpd from it's
/etc/rc.
> >
> > I have a login, but not root access, I can kill the httpd process
(killall
> > httpd) and I would like to be able to start it again, without rebooting
my
> > server and having /etc/rc do the job. The reason for this is that I need
to
> > do some debugging and I would like to be able to stop and start httpd at
> > will from my non-root login account. However try as I might I can't
start
> > http at non-root.
>
> Unless Apache is listening exclusively on ports >1024, you will require
> root privileges to start. That's just a fact of the design of Unix; the
> superuser is the only one that can bind to the lower ports. Apache
> starts as root because of this and then switches to a non-privileged
> account.
>
> You might want to try to get your ISP's sysadmin to install sudo, which
> allows normal users to run certain commands as root, with very fine
> controls over what's allowed.
>
> Brian
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] starting httpd as a non-root user
Posted by Brian Dessent <br...@dessent.net>.
Adam Griffiths wrote:
> I have been running apache httpd for over three years on a server provided
> to me by an ISP. The server automatically starts httpd from it's /etc/rc.
>
> I have a login, but not root access, I can kill the httpd process (killall
> httpd) and I would like to be able to start it again, without rebooting my
> server and having /etc/rc do the job. The reason for this is that I need to
> do some debugging and I would like to be able to stop and start httpd at
> will from my non-root login account. However try as I might I can't start
> http at non-root.
Unless Apache is listening exclusively on ports >1024, you will require
root privileges to start. That's just a fact of the design of Unix; the
superuser is the only one that can bind to the lower ports. Apache
starts as root because of this and then switches to a non-privileged
account.
You might want to try to get your ISP's sysadmin to install sudo, which
allows normal users to run certain commands as root, with very fine
controls over what's allowed.
Brian
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org