[ic] socket permission group
john_young at sonic.net
Tue May 11 15:20:15 EDT 2004
> After restarting the ic server (v5.2.0) the permission group of the
> socket-files changes to 'user', so I had to change the group by hand to
> allow apache the use of the socket.
> Is there a way, maybe similar to the SocketPerm Directive, to set the socket
> permission group?
Set the group sticky bit on the directory in which it resides.
chmod g+s directoryname
and also set the group ownership to a group to which your interchange
user and httpd user both belong (may require editing /etc/group). I
would not make those two users have the same primary group.
chgrp sharedgroupname directoryname
You also might want to make sure that there is no sensitive information
in that directory (nothing that would matter if httpd read it) and/or
tighten-up permissions on files in there to not allow reading by group, etc.
Shouldn't be much in there anyway.
You can use symbolic links to the directory if you need to get it into
a place where it can be read (due to permissions, chroot, or whatever).
More information about the interchange-users