Solved

How can I start the apache with specific user account?

Posted on 2002-03-06
6
260 Views
Last Modified: 2010-03-04
Hi,
   I want to start the apache service on UNIX platform with specific user, e.g "root".  How can I set it?  Thanks
0
Comment
Question by:HenryChang
6 Comments
 
LVL 1

Expert Comment

by:johnnyp
ID: 6844119
I am pretty certain that the first instance of httpd will always run as root.  The other 4 httpd processes,
unless you changed the value of StartServers in your httpd.conf file, will run as the user you have
specified in the httpd.conf (defaults to nobody).

Have you compiled apache from source or are you using an RPM?  If source, check ./configure --help there
may be an option to set the username to run apache as.  I can't remember as its been a while since I
compiled from source.
0
 
LVL 2

Expert Comment

by:mhonomichl
ID: 6846173
Any port below 1024 (eg 80 for http) has to be run by root.  Apache runs it's master process as root, then spawns the rest of the process based on what is specified in the httpd.conf file as user and group.  You never want to run it as root completely, otherwise people can do some nasty things to the server.

Now, if you are just talking about starting the process (not how it runs), it has to be started as root because of the 1024 issue.  If you are looking to let another user be able to start it without giving them access to root, the best way to do it is with sudo.
0
 
LVL 15

Accepted Solution

by:
samri earned 100 total points
ID: 6846362
I tried to simulate with no success.

1. Upack apachec tarball, and run the configure scrips;

./configure --server-uid=root --server-gid=root

2. make, and make install.  Still does not work.
Apache still complains to add the following entry to EXTRA_CFLASG -DBIG_SECURITY_HOLE

3. I added the following -DBIG_SECURITY_HOLE to every,
EXTRA_CFLAGS in every Makefile I found.

4.  Compile, and make install.

5.  Make sure your httpd.conf has the right user/grou in it's User/Group Directive (root/root).

Ttry to start it.  And voila.  all httpd should be running by root now.

And you have be warned, running Apache as root is a BIG mistake.

I wonder why you still require the server to run as root.  If we could offer a better alternative to
that.

good luck
0
 
LVL 15

Expert Comment

by:samri
ID: 6928091
HenryChang,

Does any of our proposed solution works, or are you still tweaking your Apache?

cheers.
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 9681914
No comment has been added lately, so it's time to clean up this TA.

I will leave a recommendation in the Cleanup topic area with the following recommendation for this question:

Answered by Samri

Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

periwinkle
EE Cleanup Volunteer
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Over the last year I have answered a couple of basic URL rewriting questions several times so I thought I might as well have a stab at: explaining the basics, providing a few useful links and consolidating some of the most common queries into a sing…
In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question