Solved

How can I start the apache with specific user account?

Posted on 2002-03-06
6
255 Views
Last Modified: 2010-03-04
Hi,
   I want to start the apache service on UNIX platform with specific user, e.g "root".  How can I set it?  Thanks
0
Comment
Question by:HenryChang
6 Comments
 
LVL 1

Expert Comment

by:johnnyp
ID: 6844119
I am pretty certain that the first instance of httpd will always run as root.  The other 4 httpd processes,
unless you changed the value of StartServers in your httpd.conf file, will run as the user you have
specified in the httpd.conf (defaults to nobody).

Have you compiled apache from source or are you using an RPM?  If source, check ./configure --help there
may be an option to set the username to run apache as.  I can't remember as its been a while since I
compiled from source.
0
 
LVL 2

Expert Comment

by:mhonomichl
ID: 6846173
Any port below 1024 (eg 80 for http) has to be run by root.  Apache runs it's master process as root, then spawns the rest of the process based on what is specified in the httpd.conf file as user and group.  You never want to run it as root completely, otherwise people can do some nasty things to the server.

Now, if you are just talking about starting the process (not how it runs), it has to be started as root because of the 1024 issue.  If you are looking to let another user be able to start it without giving them access to root, the best way to do it is with sudo.
0
 
LVL 15

Accepted Solution

by:
samri earned 100 total points
ID: 6846362
I tried to simulate with no success.

1. Upack apachec tarball, and run the configure scrips;

./configure --server-uid=root --server-gid=root

2. make, and make install.  Still does not work.
Apache still complains to add the following entry to EXTRA_CFLASG -DBIG_SECURITY_HOLE

3. I added the following -DBIG_SECURITY_HOLE to every,
EXTRA_CFLAGS in every Makefile I found.

4.  Compile, and make install.

5.  Make sure your httpd.conf has the right user/grou in it's User/Group Directive (root/root).

Ttry to start it.  And voila.  all httpd should be running by root now.

And you have be warned, running Apache as root is a BIG mistake.

I wonder why you still require the server to run as root.  If we could offer a better alternative to
that.

good luck
0
 
LVL 15

Expert Comment

by:samri
ID: 6928091
HenryChang,

Does any of our proposed solution works, or are you still tweaking your Apache?

cheers.
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 9681914
No comment has been added lately, so it's time to clean up this TA.

I will leave a recommendation in the Cleanup topic area with the following recommendation for this question:

Answered by Samri

Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

periwinkle
EE Cleanup Volunteer
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Over the last year I have answered a couple of basic URL rewriting questions several times so I thought I might as well have a stab at: explaining the basics, providing a few useful links and consolidating some of the most common queries into a sing…
If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now