Solved

How can I start the apache with specific user account?

Posted on 2002-03-06
6
263 Views
Last Modified: 2010-03-04
Hi,
   I want to start the apache service on UNIX platform with specific user, e.g "root".  How can I set it?  Thanks
0
Comment
Question by:HenryChang
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 1

Expert Comment

by:johnnyp
ID: 6844119
I am pretty certain that the first instance of httpd will always run as root.  The other 4 httpd processes,
unless you changed the value of StartServers in your httpd.conf file, will run as the user you have
specified in the httpd.conf (defaults to nobody).

Have you compiled apache from source or are you using an RPM?  If source, check ./configure --help there
may be an option to set the username to run apache as.  I can't remember as its been a while since I
compiled from source.
0
 
LVL 2

Expert Comment

by:mhonomichl
ID: 6846173
Any port below 1024 (eg 80 for http) has to be run by root.  Apache runs it's master process as root, then spawns the rest of the process based on what is specified in the httpd.conf file as user and group.  You never want to run it as root completely, otherwise people can do some nasty things to the server.

Now, if you are just talking about starting the process (not how it runs), it has to be started as root because of the 1024 issue.  If you are looking to let another user be able to start it without giving them access to root, the best way to do it is with sudo.
0
 
LVL 15

Accepted Solution

by:
samri earned 100 total points
ID: 6846362
I tried to simulate with no success.

1. Upack apachec tarball, and run the configure scrips;

./configure --server-uid=root --server-gid=root

2. make, and make install.  Still does not work.
Apache still complains to add the following entry to EXTRA_CFLASG -DBIG_SECURITY_HOLE

3. I added the following -DBIG_SECURITY_HOLE to every,
EXTRA_CFLAGS in every Makefile I found.

4.  Compile, and make install.

5.  Make sure your httpd.conf has the right user/grou in it's User/Group Directive (root/root).

Ttry to start it.  And voila.  all httpd should be running by root now.

And you have be warned, running Apache as root is a BIG mistake.

I wonder why you still require the server to run as root.  If we could offer a better alternative to
that.

good luck
0
 
LVL 15

Expert Comment

by:samri
ID: 6928091
HenryChang,

Does any of our proposed solution works, or are you still tweaking your Apache?

cheers.
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 9681914
No comment has been added lately, so it's time to clean up this TA.

I will leave a recommendation in the Cleanup topic area with the following recommendation for this question:

Answered by Samri

Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

periwinkle
EE Cleanup Volunteer
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question