Date: Thu, 23 Oct 1997 14:42:27 -0500 From: "Scot W. Hetzel" <hetzels@aol.com> To: "FreeBSD Ports" <ports@freebsd.org>, "FreeBSD ISP" <isp@freebsd.org> Subject: Apache w/FrontPage Module Port Message-ID: <01bcdfeb$cb4c11c0$0500000a@hetzels>
next in thread | raw e-mail | index | archive | help
I am currently writing a port for apache to use the frontpage module. The
port is 98% complete, which used an old distribution of the FrontPage 3.0
Extensions. (Can't use current file due to corrupted tar file at the
source). The apache-fp port does the following:
1. fetches apache-1.2.4.tar.gz, & fp30.bsdi.tar.Z
2. extracts apache-1.2.4.tar.gz
a. extracts files (fp_install.sh, change_server.sh,
fp-patch-apache-1.2.1) from fp30.bsdi.tar.Z
3. Apply patches to apache sources and the extracted frontpage files
a. Apply fp-patch-apache-1.2.1 to apache sources.
4. Run Configure script
5. Build apache-fp
6. Install apache-fp server & files (icons, config files, etc.).
a. Run fp_install.sh to install the frontpage extensions & setup the
FrontPage Webs.
Every thing works to this point but, when you use FrontPage 98 to create a
FrontPage web, it complains that it can't create its lock file in
/usr/local/etc/apache as the dir. permission is set to 755 & owned by user
root & group wheel. Changing the directory so that it is world writable
fixes the problem, but causes a security problem. Also, another problem
appears, 'Cannot open file "/usr/local/etc/apache/httpd.conf" for
read/write.' the files permissions are set to 644, but apparently the FP
Exts can't open the file.
This problem is caused by the fp_install.sh which reads the httpd.conf
file for the user that the server is to run as, since the default is nobody
it chowns -R the directory /usr/local/www/data to user nobody. While
/usr/local/etc/apache is owned by root. The solution I have come up with is
to chown -R ./etc/apache & ./www/data to the same owner & group after the
fp_install.sh script has run. As just chown the directories doesn't solve
the problem with reading the httpd.conf file.
b. Add user & group www
c. chown -R www:www /usr/local/etc/apache /usr/local/www/data
Q. How do I add these to the group & passwd list (would like them to be uid
& gid < 99)?
Q. Is there any security issues with having the configuration directory
(./etc/apache) & files (httpd.conf, srm.conf, access.conf), readable &
writeable by the frontpage extensions?
Scot
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01bcdfeb$cb4c11c0$0500000a>