Hi all,

I am trying to write some scripts to provide a web interface to users
to allow them to stop and start the httpd daemon.

I couldn't do this in the normal httpd environment because once the
server has stopped it becomes unavailable for restart.

I have installed a second instance of apache + mod_ssl, listening only
on port 443. I am now trying to write some scripts to do the restart
of the normal httpd on port 80.

The main problem I am having is permissions. I am using perl for the
scripts as my config files are XML based. I have set the ownership of
the script to root:secureweb and permissions to 4750 (which does
setuid root)

However these scripts are unable to kill the httpd process started as
root :

Stop command is kill 13882

kill: 13882: Operation not permitted

When trying to start the server, I get :
Server start result : fopen: Permission denied
httpd: could not open error log file /usr/local/apache_admin/logs/error_log.
/usr/local/apache_admin/bin/apachectl start: httpd could not be
started

Is there an elegant way to get around this? I could run the https
admin server as root and then I would be able to execute scripts as
root, but I _REALLY_ don't want to do this.

Any assistance would be appreciated.

--
- Wayne Pascoe
                                 | Be nice to your daemons.
wa...@penguinpowered.org.uk      |
http://www.**-**.com/ |

In article <86vghytats....@pan.ehsrealtime.com>,
Wayne Pascoe  <wa...@penguinpowered.org.uk> wrote:

Most versions of Unix don't allow setuid scripts, so you may need to use a
C wrapper.

Also, if perl is running setuid on an OS that permits it, it requires that
you use the -T (taint) option or run it as taintperl.

--
Barry Margolin, bar...@genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.