Date: Fri, 12 Mar 2010 10:52:17 -0300 From: Diego Schulz <dschulz@gmail.com> To: Michiel van Es <mve@pcintelligence.nl> Cc: ports@freebsd.org, cherokee@lists.octality.com, Alvaro Lopez Ortega <alvaro@octality.com> Subject: Re: [Cherokee] Cherokee Web Server version in ports tree Message-ID: <47dcfe401003120552u6a095159u541ce9137a54bb3d@mail.gmail.com> In-Reply-To: <4B9A4322.9020506@pcintelligence.nl> References: <47dcfe401003091402m624734a7s732bc8df323ed365@mail.gmail.com> <7be7a2801003091434pd1e341v7d7d9758a5e361c1@mail.gmail.com> <47dcfe401003111548r71bfb6b1hcc38efd96510d849@mail.gmail.com> <4AA5768D-1916-47EB-8A1A-A9B30A33AA42@octality.com> <47dcfe401003120430r565474b9hb085cde4d833a0d6@mail.gmail.com> <5856DABC-3809-4990-A7B6-D636A8C5DD84@octality.com> <4B9A393D.7070100@pcintelligence.nl> <47dcfe401003120533m1422918ds30ed7acfb64f2931@mail.gmail.com> <4B9A4322.9020506@pcintelligence.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Mar 12, 2010 at 10:35 AM, Michiel van Es <mve@pcintelligence.nl> wr= ote: > > > -------- Original Message -------- > Subject: Re: [Cherokee] Cherokee Web Server version in ports tree > From: Diego Schulz <dschulz@gmail.com> > To: Michiel van Es <mve@pcintelligence.nl> > Date: 03/12/2010 02:33 PM > >> On Fri, Mar 12, 2010 at 9:53 AM, Michiel van Es<mve@pcintelligence.nl> >> =A0wrote: >>> >>> Hi, >>> >>> I don't know if it is a problem but I also found out that the install >>> does >>> not create a cherokee user on freebsd and that cherokee is running as >>> root >>> default on freebsd... >> >> Yes, I noticed that too. I also changed the user manually from the >> admin interface. >> > > I tried that too but cherokee won't start with a fresh created cherokee u= ser > or the www user. > The error: > Could not access file descriptors: [3] > Probably you'll need to set proper permissions on log files and rrds directory (if you installed cherokee with rrdtool functionality). Also don't forget to chown to www:www the document_root. But yes, this clearly needs to be improved in the port. I'll try adding a config flag 'Run as www user' in the port's Makefile so the configure script is run with --with-wwwuser=3Dwww --with-wwwgroup=3Dwww before compiling. >>> Security wise it does not sound as a good idea to let it run as root ;) >>> (I know I can change it manually but it would be nice that the installe= r >>> installs the cherokee user and set the permissions right and then start= up >>> as >>> cherokee user). >> >> I think it would be easier to reuse the standard www user (already >> registered in ports/UIDs and ports/GIDs, >> instead of creating a 'cherokee:cherokee' user/group. Please note that >> www:www user/group has nothing apache specific. >> Reusing www:www may be a concern when running apache and cherokee in >> the same installation, though. >> Who needs Apache anyway? ;) > > Nobody wants apache nowadays (although I really want the webdav > functionality ;) ) > But changing the user from cherokee to www did not help..only root helps = :( > > Michiel > >> >> >>> >>> Kind regards, >>> >>> Michiel >>> >> >> regards, >> >> diego >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47dcfe401003120552u6a095159u541ce9137a54bb3d>