Howdy. I'm new to the list as of this morning.
Yesterday I met Brian Behlendorf here in Ottawa/Canada. I told him I did some
work on suexec.c
to make it work with the Solaris 9 resource manager. He suggested that this may
be worth
sending in as a patch. So here it is. It is worth emphasizing again that this
code is only
valid for Solaris 9 and will work on the newer Solaris releases as well
according to our local
Sun SE. The code in suexec.c is heavy in logging. Obviously this should be
removed.
To make it work, I changed the log entry in http_main.c, the makefile in
src/support and
suexec.c. Below is my patch created from a Solaris 9 system, using a context
diff.
Cheers
> *** src/main/http_main.c.orig Thu Feb 20 16:08:51 2003
> --- src/main/http_main.c Fri May 9 11:01:07 2003
> ***************
> *** 5112,5118 ****
> if (ap_suexec_enabled) {
> ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, server_conf,
> "suEXEC mechanism enabled (wrapper: %s)",
SUEXEC_BIN);
> ! }
> ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_INFO, server_conf,
> "Server built: %s", ap_get_server_built());
> ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, server_conf,
> --- 5112,5123 ----
> if (ap_suexec_enabled) {
> ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, server_conf,
> "suEXEC mechanism enabled (wrapper: %s)",
SUEXEC_BIN);
> !
> ! ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, server_conf,
> ! "%s starting with SRM functionality",
> ! ap_get_server_version());
> ! }
> !
> ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_INFO, server_conf,
> "Server built: %s", ap_get_server_built());
> ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, server_conf,
> *** Makefile.orig Fri May 9 10:51:58 2003
> --- Makefile Fri May 9 09:49:05 2003
> ***************
> *** 59,64 ****
> --- 59,65 ----
> LIBS=-lm -lap -los $(EXTRA_LIBS) $(LIBS1)
> INCLUDES=$(INCLUDES1) $(INCLUDES0) $(EXTRA_INCLUDES)
> LDFLAGS=$(LDFLAGS1) $(EXTRA_LDFLAGS) -L$(OSDIR) -L$(SRCDIR)/ap
> + LDFLAGS_SUEXEC=$(LDFLAGS1) $(EXTRA_LDFLAGS) -L$(OSDIR) -L$(SRCDIR)/ap
-lproject
>
> TARGETS=htpasswd htdigest rotatelogs logresolve ab apxs checkgid
>
> ***************
> *** 98,104 ****
> -e 's%@LIBS_SHLIB@%$(LIBS_SHLIB)%g' && chmod a+x apxs
>
> suexec: suexec.o
> ! $(CC) $(CFLAGS) -o suexec $(LDFLAGS) suexec.o $(LIBS)
>
> clean:
> rm -f $(TARGETS) *.o
> --- 99,105 ----
> -e 's%@LIBS_SHLIB@%$(LIBS_SHLIB)%g' && chmod a+x apxs
>
> suexec: suexec.o
> ! $(CC) $(CFLAGS) -o suexec $(LDFLAGS_SUEXEC) suexec.o $(LIBS)
>
> clean:
> rm -f $(TARGETS) *.o
> *** suexec.c.orig Thu Feb 20 12:01:08 2003
> --- suexec.c Fri May 9 10:38:13 2003
> ***************
> *** 93,98 ****
> --- 93,100 ----
>
> #include "suexec.h"
>
> + #include <project.h>
> +
> /*
> ***********************************************************************
> * There is no initgroups() in QNX, so I believe this is safe :-)
> ***************
> *** 263,268 ****
> --- 265,274 ----
> char *cmd; /* command to be executed */
> char cwd[AP_MAXPATH]; /* current working directory */
> char dwd[AP_MAXPATH]; /* docroot working directory */
> + char buf[500]; /* buffer */
> + char projbuf[PROJNAME_MAX]; /* maximum project name size */
> + char cgi[256]; /* name of cgi */
> + struct project pj_ptr; /* project entry holder */
> struct passwd *pw; /* password entry holder */
> struct group *gr; /* group entry holder */
> struct stat dir_info; /* directory info holder */
> ***************
> *** 617,633 ****
> ap_execve(cmd, &argv[3], environ);
> }
> #else /*NEED_HASHBANG_EMUL*/
> - execv(cmd, &argv[3]);
> - #endif /*NEED_HASHBANG_EMUL*/
>
> ! /*
> ! * (I can't help myself...sorry.)
> ! *
> ! * Uh oh. Still here. Where's the kaboom? There was supposed to be an
> ! * EARTH-shattering kaboom!
> ! *
> ! * Oh well, log the failure and error out.
> ! */
> ! log_err("emerg: (%d)%s: exec failed (%s)\n", errno, strerror(errno),
cmd);
> ! exit(255);
> }
> --- 623,671 ----
> ap_execve(cmd, &argv[3], environ);
> }
> #else /*NEED_HASHBANG_EMUL*/
>
> ! /* use target_uname to setup the project */
> !
> ! sprintf(projbuf,"user.%s",target_uname);
> ! snprintf(cgi,sizeof(cmd),"./%s",cmd);
> !
> ! /* Have to make SURE the project exists. If user.username doesn't exist
> ! * then set the project to the default project name. If that doesn't exist
> ! * either, then execute the SSI or CGI with no SRM functionality and log
it.
> ! */
> !
> ! if (getprojbyname(projbuf,&pj_ptr,buf,sizeof(buf)) == NULL ) {
> !
> ! log_err("emerg: project (%s) doesn't exist. Correct httpd.conf
entry!\n",projbuf);
> ! sprintf(projbuf,"default");
> !
> ! if (getprojbyname(projbuf,&pj_ptr,buf,sizeof(buf)) == NULL ) {
> !
> ! log_err("emerg: default project missing, executing without SRM
functionality\n");
> ! if (execl(cgi,cgi,(char *) 0) < 0) {
> ! log_err("crit: execl failed\n");
> ! exit(255);
> ! }
> ! }
> ! else { /* If default project exists, log it and run cgi */
> !
> ! log_err("emerg: using default project\n");
> ! log_err("notice: execing (%s) uid %d project %s\n",cgi,uid,projbuf);
> ! if (execl("/bin/newtask","newtask","-l","-p",projbuf,cgi,(char *) 0)
< 0) {
> ! log_err("crit: execl failed\n");
> ! exit(255);
> ! }
> ! }
> ! }
> ! else {
> ! /* user.default project exists, execute it! */
> !
> ! log_err("notice: execing (%s) uid %d project %s\n",cgi,uid,projbuf);
> ! if (execl("/bin/newtask","newtask","-l","-p",projbuf,cgi,(char *) 0) < 0)
{
> ! log_err("crit: execl failed\n");
> ! exit(255);
> ! }
> ! }
> !
> ! #endif /*NEED_HASHBANG_EMUL*/
> }
--
Rocke Robertson
NCS/GTIS/PWGSC
700 Montreal Rd.
Rocker@...
(613) 748-4604
Having problems with message search?
Fill out this form to ensure your group is one of the first to be migrated to the new message search system.
Send Email