[ic] suexec? target uid/gid mismatch with program
26 Nov 2000 16:55:09 -0500
Mike Heins <firstname.lastname@example.org> writes:
> Quoting Doug Alcorn (email@example.com):
> > What suexec complains about is "target uid/gid (508/508) mismatch with
> > directory (508/508) or program (510/510)". What I get out of this is
> > that apache sets the target uid/gid based on the User and Group
> > settings in the VirtualHost block. However, the catalog has to run
> > as a different user and group. Apache's User and Group match the
> > uid/gid of the cgi-bin directory, but not the catalog's vlink.
> Sorry, not much except set SocketPerms to 0666 or 0660, whichever
> will work. This is an Apache configuration issue -- if the permissions
> are OK, Interchange will work.
Yes, if I change the permissions on the socket to 0666 interchange
will work. I have a problem and a question about this. First,
everytime I restart interchange the permissions on this socket get
reset to the default (of course). I guess I will just put the chmod
in a wrapper around the restart of interchange.
Now, what was the design decision for the default permissions? What
are you trying to accomplish by limiting access to the socket? Is it
a security risk for me to run it as 0600?
(__) Doug Alcorn (mailto:firstname.lastname@example.org http://www.lathi.net)
oo / Unix Hacker
|_/ "It's too late for paradise" (at least in this life)