that the SysV shared memory segment be reset to the uid/gid of
User/Group. In fact, it's not wise that it do so. However, there are
some 3rd party "add ons" that require/expect this behavior...
So allow admins to do so, assuming they know the impacts.
PR:
Obtained from:
Submitted by:
Reviewed by:
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@96941
13f79535-47bb-0310-9956-
ffa450edef68
Changes with Apache 1.3.27
+ *) Add the new directive 'ShmemUIDisUser'. By default, Apache
+ will no longer set the uid/gid of SysV shared memory scoreboard
+ to User/Group, and it will therefore stay the uid/gid of
+ the parent Apache process. This is actually the way it should
+ be, however, some implementations may still require this, which
+ can be enabled by 'ShmemUIDisUser On'. [Jim Jagielski]
+
*) Fix a problem with the definition of union semun which broke
System V semaphores on systems where sizeof(int) != sizeof(long).
PR 12072 [<winterling@de.ibm.com>]
extern enum server_token_type ap_server_tokens;
extern int ap_protocol_req_check;
+extern int ap_change_shmem_uid;
/* Trying to allocate these in the config pool gets us into some *nasty*
* chicken-and-egg problems in http_main.c --- where do you stick them
return NULL;
}
+static const char *set_change_shmem_uid(cmd_parms *cmd,
+ core_dir_config *d, int arg)
+{
+ const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+ if (err != NULL) {
+ return err;
+ }
+
+ ap_change_shmem_uid = arg != 0;
+ return NULL;
+}
+
/*
* Handle a request to include the server's OS platform in the Server
* response header field (the ServerTokens directive). Unfortunately
"Limit (in bytes) on maximum size of request message body" },
{ "ProtocolReqCheck", set_protocol_req_check, NULL, RSRC_CONF, FLAG,
"Enable strict checking of Protocol type in requests" },
+{ "ShmemUIDisUser", set_change_shmem_uid, NULL, RSRC_CONF, FLAG,
+ "Enable the setting of SysV shared memory scoreboard uid/gid to User/Group" },
{ "AcceptMutex", set_accept_mutex, NULL, RSRC_CONF, TAKE1,
"Serialized Accept Mutex; the methods "
#ifdef HAVE_USLOCK_SERIALIZED_ACCEPT
/* Also global, for http_core and http_protocol */
int ap_protocol_req_check = 1;
+int ap_change_shmem_uid = 0;
+
/*
* This routine is called when the pconf pool is vacuumed. It resets the
* server version string to a known value and [re]enables modifications
* We exit below, after we try to remove the segment
*/
}
- else { /* only worry about permissions if we attached the segment */
+ /* only worry about permissions if we attached the segment
+ and we want/need to change the uid/gid */
+ else if (ap_change_shmem_uid) {
if (shmctl(shmid, IPC_STAT, &shmbuf) != 0) {
ap_log_error(APLOG_MARK, APLOG_ERR, server_conf,
"shmctl() could not stat segment #%d", shmid);
projects / thirdparty / apache / httpd.git / commitdiff
