<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1">
<title></title>
</head>
<body text="#000000" bgcolor="#ffffff">
Ok. I didn't know that SER had the ability to change the GID it runs
under (and therefore change the group owner of the FIFO hopefully).
This would solve the problem. In my case I'd just set "group=serfifo".<br>
<br>
HOWEVER, why I try this, I get: <br>
<br>
<blockquote><tt>{root@fs/pts/7}~# ser -P /var/run/ser.pid -dddd -g
serfifo<br>
Segmentation fault<br>
</tt></blockquote>
<br>
I tried it both in ser.cfg (group=serfifo), and both as text group
names, and as a numeric group ID (499 in my case). Both caused a
SEGFAULT. This is the SER CVS from the "0.8.11-r1" branch, compiled on
a RH7.3 system w/ gcc 2.96.<br>
<br>
I can't really see a reason for this SEGF except for a possible null
pointer dereference in this code seg:<br>
<br>
<blockquote><tt>if ((tmp==0) ||(*tmp)){<br>
</tt></blockquote>
Don't have time to debug at the moment.<br>
<br>
- Jim<br>
<br>
Andrei Pelinescu-Onciul wrote:<br>
<blockquote type="cite"
cite="mid20031126112659.GB5931@fokus.fraunhofer.de">
<pre wrap="">On Nov 25, 2003 at 14:49, Jim Burwell <a class="moz-txt-link-rfc2396E" href="mailto:jimb@jsbc.cc"><jimb@jsbc.cc></a> wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Yes. When they changed the permissions on the FIFO, they made it
inaccessable to the normal Apache user. Too bad they didn't make the
fifo owner/permissions a config file setting. I just created a group
called "serfifo", made "apache" a member of it, and put something like
"(sleep 5; chgrp serfifo $SERFIFO) &" into my SER startup script. This
waits in the background for five seconds, then changes group ownership
of the FIFO to one the apache user is a member of. You have to wait a
few seconds before doing the chgrp, because SER forks immediately on
start, and can take some time to create the FIFO, so your chgrp can
actually execute before the FIFO is created (race condition), so you
must give it a few seconds. The FIFO already has group rw perms as
created by SER.
</pre>
</blockquote>
<pre wrap=""><!---->
Fifo permissions can be changes from the config file. Use
fifo_mode=0666. You could try also to change your ser group (start ser
with -g serinfo or add group=serinfo in the cfg).
We changed the fifo permissions because it introduced some security
problems on multi-user (read untrusted users) systems (DOS on ser using
fifo, overwritting files using fifo and setting the reply fifo to a link
in /tmp to some file elsewhere on the filesystem.). Now also ser will
try to delete & recreate /tmp/fifo on startup to make sure it has the
proper permissions.
Andrei
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="78">--
+---------------------------------------------------------------------------+
| Jim Burwell - Sr. Systems/Network/Security Engineer, JSBC |
+---------------------------------------------------------------------------+
| "I never let my schooling get in the way of my education." - Mark Twain |
| "UNIX was never designed to keep people from doing stupid things, because |
| that policy would also keep them from doing clever things." - Doug Gwyn |
| "Cool is only three letters away from Fool" - Mike Muir, Suicyco |
| "..Government in its best state is but a necessary evil; in its worst |
| state an intolerable one.." - Thomas Paine, "Common Sense" (1776) |
+---------------------------------------------------------------------------+
| Email: <a class="moz-txt-link-abbreviated" href="mailto:jimb@jsbc.cc">jimb@jsbc.cc</a> ICQ UIN: 1695089 |
+---------------------------------------------------------------------------+
| Reply problems ? Turn off the "sign" function in email prog. Blame MS. |
+---------------------------------------------------------------------------+
</pre>
</body>
</html>