[ic] mod_interchange permissions

Dan Browning interchange-users@icdevgroup.org
Mon Apr 7 18:01:23 2003 

At 04:20 PM 4/7/2003 -0500, you wrote:
>I'm attempting to get mod_interchange working, but I'm having a problem 
>with permissions. My setup is RedHat 7.3, Apache 1.3.27, IC 
>4.9.7.200304050658, running in Unix mode.
>
>I setup IC without the intention of using mod_interchange, and I seem to 
>remember something it asked me in the base setup about "leave this blank 
>if using mod_interchange" so I don't know if that has anything to do with this.
>
>The catalog I had already setup was modified in catalog.cfg with "Variable 
>CGI_URL /hero", and interchange.cfg was changed to "Catalog hero 
>/home/interch/catalogs/hero /hero" instead of the /cgi-bin/hero stuff.
>
>Then I put this in httpd.conf under my catalog's virtual host:
><Location /hero>
>         SetHandler interchange-handler
>         InterchangeServer /usr/local/interchange/etc/socket
>         DropRequestList /default.ida /x.ida /cmd.exe /root.exe
></Location>
>
>Accessing the URL with /hero gave a 500 error, and my error log said:
>[error] (13)Permission denied: access to /hero/index.html failed for 
>64.238.152.225, reason: Connection failed
>
>Then I restarted IC with SocketPerms=666 and the catalog came up, although 
>sans images. (Probably just need to fix some link for images w/o cgi-bin.)
>
>My question is, what do I do to make the permissions work? It seemed like 
>the docs and mailing list articles talked about changes for vlink and 
>tlink, but not mod_interchange. Should I set SocketPerms 0660 in 
>interchange.cfg? I just don't want to screw anything up.
>
>My /usr/local/interchange/etc looks like (partial):
>-rw-------    1 interch  interch        33 Apr  7 16:01 mode.unix
>srw-------    1 interch  interch         0 Apr  7 16:01 socket
>srwx------    1 interch  interch         0 Apr  7 16:01 socket.ipc

Hi Josh,

Hmm... recent versions of mod_interchange documentation don't seem to have 
this tidbit:

  * Make sure that the Web server user has permissions to the socket.

For example, if your web server is apache, and the user.group is 
apache.apache, then you would do:

chgrp apache /usr/local/interchange/etc/socket
chmod g+rws /usr/local/interchange/etc/socket

# I also like to do...

chgrp apache /usr/local/interchange/etc/
chmod g+rws /usr/local/interchange/etc/

I'll see if I can get that into the documentation.  Kevin Walsh has done a 
great job with the mod_interchange module, thanks Kevin.

-Dan

--
/~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\
| Dan Browning, Kavod Technologies,      <dan.browning@kavod.com> |
| 6700 NE 162nd Ave, Suite 210, Vancouver, WA (360) 843-4074 x217 |
\~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/
When you try to make an impression, the chances are that is the
impression you will make.