From: Jeff Trawick Date: Mon, 14 Feb 2011 20:18:20 +0000 (+0000) Subject: backport from trunk r1033519: X-Git-Tag: 2.2.18~125 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d26374d7c0bddf98c5ae378d95f1956dd415ce4f;p=thirdparty%2Fapache%2Fhttpd.git backport from trunk r1033519: *) suEXEC: Add Suexec directive to disable suEXEC without renaming the binary (Suexec Off), or force startup failure if suEXEC is required but not supported (Suexec On). Submitted by: trawick Reviewed by: covener, wrowe git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1070639 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 39fd0d9d876..488182d7892 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,10 @@ -*- coding: utf-8 -*- Changes with Apache 2.2.18 + *) suEXEC: Add Suexec directive to disable suEXEC without renaming the + binary (Suexec Off), or force startup failure if suEXEC is required + but not supported (Suexec On). [Jeff Trawick] + *) mod_proxy: Put the worker in error state if the SSL handshake with the backend fails. PR 50332. [Daniel Ruggeri , Ruediger Pluem] diff --git a/STATUS b/STATUS index bb8af7606df..03ab2ed414a 100644 --- a/STATUS +++ b/STATUS 
@@ -90,18 +90,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] - * suEXEC: Add Suexec directive to disable suEXEC without renaming the - binary (Suexec Off), or force startup failure if suEXEC is required - but not supported (Suexec On). - Trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1033519 - Simpler 2.2.x patch: http://people.apache.org/~trawick/suexec-2.2.txt - (unlike trunk, a) doesn't cause startup to fail if SuexecUserGroup - coded but suEXEC disabled, and b) doesn't add field to unixd structure - with reason string for why suEXEC is disabled) - Plz consider where doc for directive should go. Patch has it in core, as - enabling/disabling the basic capability is not split out into mod_unixd 2.2.x. - +1: trawick, covener, wrowe - * mod_authn_file: Log friendly error message if AuthUserFile is not set. Trunk version of patch: http://svn.apache.org/viewcvs.cgi?rev=1070096&view=rev diff --git a/docs/manual/mod/core.xml b/docs/manual/mod/core.xml index ae02ef0b335..8a4946168f8 100644 --- a/docs/manual/mod/core.xml +++ b/docs/manual/mod/core.xml @@ -3256,6 +3256,23 @@ server Filters documentation + +Suexec +Enable or disable the suEXEC feature +Suexec On|Off +On if suexec binary exists with proper owner and mode, +Off otherwise +server config +Available in Apache httpd 2.2.18 and later + + +

When On, startup will fail if the suexec binary doesn't exist + or has an invalid owner or file mode.

+

When Off, suEXEC will be disabled even if the suexec binary exists + and has a valid owner and file mode.

+
+
+ TimeOut Amount of time the server will wait for diff --git a/docs/manual/mod/mod_suexec.xml b/docs/manual/mod/mod_suexec.xml index a941f080718..f101b2af9d4 100644 --- a/docs/manual/mod/mod_suexec.xml +++ b/docs/manual/mod/mod_suexec.xml @@ -63,7 +63,7 @@ later. - +Suexec diff --git a/os/unix/unixd.c b/os/unix/unixd.c index 7a306be667b..85d5a98ba63 100644 --- a/os/unix/unixd.c +++ b/os/unix/unixd.c @@ -237,6 +237,23 @@ AP_DECLARE(const char *) unixd_set_chroot_dir(cmd_parms *cmd, void *dummy, return NULL; } +AP_DECLARE(const char *) unixd_set_suexec(cmd_parms *cmd, void *dummy, + int arg) +{ + const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY); + if (err != NULL) { + return err; + } + + if (!unixd_config.suexec_enabled && arg) { + return "suEXEC isn't supported; check existence, owner, and " + "file mode of " SUEXEC_BIN; + } + + unixd_config.suexec_enabled = arg; + return NULL; +} + AP_DECLARE(void) unixd_pre_config(apr_pool_t *ptemp) { apr_finfo_t wrapper; diff --git a/os/unix/unixd.h b/os/unix/unixd.h index 833cc8f0c40..0da52784e72 100644 --- a/os/unix/unixd.h +++ b/os/unix/unixd.h @@ -90,6 +90,9 @@ AP_DECLARE(void) unixd_set_rlimit(cmd_parms *cmd, struct rlimit **plimit, const char *arg, const char * arg2, int type); #endif +AP_DECLARE(const char *) unixd_set_suexec(cmd_parms *cmd, void *dummy, + int arg); + /** * One of the functions to set mutex permissions should be called in * the parent process on platforms that switch identity when the diff --git a/server/core.c b/server/core.c index a1f3c9e2dcc..4d0056b74cb 100644 --- a/server/core.c +++ b/server/core.c @@ -3483,6 +3483,10 @@ AP_INIT_TAKE1("EnableExceptionHook", ap_mpm_set_exception_hook, NULL, RSRC_CONF, #endif AP_INIT_TAKE1("TraceEnable", set_trace_enable, NULL, RSRC_CONF, "'on' (default), 'off' or 'extended' to trace request body content"), +#ifdef SUEXEC_BIN +AP_INIT_FLAG("Suexec", unixd_set_suexec, NULL, RSRC_CONF, + "Enable or disable suEXEC support"), +#endif { NULL } };
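Review bot: the new Suexec section in docs/manual/mod/core.xml should state that the directive only exists when httpd was built with SUEXEC_BIN defined, since server/core.c registers it inside `#ifdef SUEXEC_BIN`; on a build without it, a `Suexec On` line produces an unknown-directive error rather than the "startup will fail" behaviour the text describes. It would also help to say what `Suexec Off` means for a configuration that still carries `SuexecUserGroup`: per the STATUS entry removed in this commit, this 2.2.x version (unlike trunk) does not fail startup in that case, so the configuration loads without complaint, and an administrator who relies on suEXEC for privilege separation should be told to expect that rather than an error.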
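Review bot: in the os/unix/unixd.c hunk, unixd_set_suexec tests `Suexec On` against unixd_config.suexec_enabled, but the same field is cleared by `Suexec Off`, so a configuration that says `Suexec Off` and later `Suexec On` (for example in an included file) is rejected with "suEXEC isn't supported; check existence, owner, and file mode of ..." even when the binary is fine, and the message points the administrator at the wrong cause. Keeping the result of the pre_config stat in a separate field (a `suexec_available` flag, a name suggested here and not on the page) and testing that field instead would let `On` restore suEXEC and keep the error message accurate. The handler also depends on unixd_pre_config, directly below it, having stat'd the wrapper before the configuration is parsed; a one-line comment stating that ordering would save the next reader from having to verify it.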
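Review bot: the new unixd_set_suexec declaration in os/unix/unixd.h has no doc comment, while the neighbouring declarations in that header carry `/** ... */` blocks (the one that follows begins "One of the functions to set mutex permissions should be called"). Add a short comment saying that it is the handler for the Suexec directive, that it is restricted to GLOBAL_ONLY context, and that the error string returned for `On` is the intended startup failure when suEXEC is unavailable.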
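Review bot: in the server/core.c hunk the Suexec entry is guarded by `#ifdef SUEXEC_BIN`, yet the handler it names, unixd_set_suexec, is declared in the platform-specific os/unix/unixd.h, so the guard only works on the assumption that SUEXEC_BIN is defined solely on builds where that header is in use. A comment on the `#ifdef` making that assumption explicit would help whoever next touches the command table, and the help string "Enable or disable suEXEC support" could add that `On` fails startup when the wrapper is unusable, matching the core.xml text.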