root身份运行apache
2013-02-02 16:57
351 查看
在运维过程中,有时候我们需要以root身份运行apache,之所以管理系统采用root身份运行,是因为有些配置文件或程序必须是root身份才能运行。
如果使用默认的安装选项装好apache之后,如果简单地修改配置文件,会得到如下提示:
Error: Apache has not been designed to serve pages while running as root. There are known race conditions that will allow any local user to read any file on the system. If you still desire to serve pages as root then add -DBIG_SECURITY_HOLE to the EXTRA_CFLAGS line in your src/Configuration file and rebuild the server. It is strongly suggested that you instead modify the User directive in your httpd.conf file to list a non-root user.
解决办法:采用源码方式重新编译安装apache。
1、卸载系统默认安装的apr、apr-util
rpm -e --allmatches --nodeps apr-util
rpm -e --allmatches --nodeps apr
2、安装apr
tar zxvf apr-1.4.6.tar.gz
cd apr-1.4.6
./configure
make
make install
echo "/usr/local/apr/lib" >>/etc/ld.so.conf
ldconfig
2、安装apr-util
tar zxvf apr-util-1.5.1.tar.gz
cd apr-util-1.5.1
./configure --with-apr=/usr/local/apr
make
make install
3、安装pcre
tar zxvf pcre-8.21.tar.gz
cd pcre-8.21
./configure --with-apr=/usr/local/apr
make
make install
4、安装httpd
tar zxvf httpd-2.4.3.tar.gz
cd httpd-2.4.3
修改Apache 源代码,在 include/http_config.h 头部中自行添加如下语句
#ifndef BIG_SECURITY_HOLE
#define BIG_SECURITY_HOLE
#endif
./configure --prefix=/usr/local/httpd --enable-ssl --enable-cgi --enable-mods-shared=allable-ssl --enable-cgi --enable-mods-shared=all --enable-track-vars --enable-rewrite
make
make install
cd /usr/local/httpd/
5、httpd.conf配置
解压源程序安装包之后,修改Apache 源代码,在 src/include/http_config.h 头部中自行添加 如下语句
#ifndef BIG_SECURITY_HOLE
#define BIG_SECURITY_HOLE
#endif
6、编辑httpd.conf
......
User root
Group root
......
7、重启apache
/usr/local/httpd/bin/apachectl start|stop
如果使用默认的安装选项装好apache之后,如果简单地修改配置文件,会得到如下提示:
Error: Apache has not been designed to serve pages while running as root. There are known race conditions that will allow any local user to read any file on the system. If you still desire to serve pages as root then add -DBIG_SECURITY_HOLE to the EXTRA_CFLAGS line in your src/Configuration file and rebuild the server. It is strongly suggested that you instead modify the User directive in your httpd.conf file to list a non-root user.
解决办法:采用源码方式重新编译安装apache。
1、卸载系统默认安装的apr、apr-util
rpm -e --allmatches --nodeps apr-util
rpm -e --allmatches --nodeps apr
2、安装apr
tar zxvf apr-1.4.6.tar.gz
cd apr-1.4.6
./configure
make
make install
echo "/usr/local/apr/lib" >>/etc/ld.so.conf
ldconfig
2、安装apr-util
tar zxvf apr-util-1.5.1.tar.gz
cd apr-util-1.5.1
./configure --with-apr=/usr/local/apr
make
make install
3、安装pcre
tar zxvf pcre-8.21.tar.gz
cd pcre-8.21
./configure --with-apr=/usr/local/apr
make
make install
4、安装httpd
tar zxvf httpd-2.4.3.tar.gz
cd httpd-2.4.3
修改Apache 源代码,在 include/http_config.h 头部中自行添加如下语句
#ifndef BIG_SECURITY_HOLE
#define BIG_SECURITY_HOLE
#endif
./configure --prefix=/usr/local/httpd --enable-ssl --enable-cgi --enable-mods-shared=allable-ssl --enable-cgi --enable-mods-shared=all --enable-track-vars --enable-rewrite
make
make install
cd /usr/local/httpd/
5、httpd.conf配置
解压源程序安装包之后,修改Apache 源代码,在 src/include/http_config.h 头部中自行添加 如下语句
#ifndef BIG_SECURITY_HOLE
#define BIG_SECURITY_HOLE
#endif
6、编辑httpd.conf
......
User root
Group root
......
7、重启apache
/usr/local/httpd/bin/apachectl start|stop
相关文章推荐
- 关于ubuntu下 chrom 不能以 root 身份 运行的 解决方案
- ubuntu下以root身份成功运行chromium
- ElasticSearch Root身份运行
- ElasticSearch Root身份运行
- 在VMware下运行Fedora Linux以root身份登入时显示鉴定故障
- ubuntu下以root身份成功运行chromium
- php-fpm以root身份运行
- 解决Chromium 不能以 root 身份运行
- 解决Chromium 不能以 root 身份运行
- 在VMware下运行Fedora Linux以root身份登入时显示鉴定故障的解决方法
- 如何实现使得一个普通用户以root身份运行命令和如何使用sudo命令?
- deepin使用root身份运行
- 关于如何以root身份运行Google Chrome
- Linux中,PHP以root身份运行外部命令-sudo实施方法
- ElasticSearch Root身份运行
- 以root用户身份在jenkins中运行shell命令
- 如何实现使得一个普通用户以root身份运行命令
- ubuntu12.04下Google Chrome浏览器不能以root用户身份运行解决方案
- 使用mpm-itk模块让 apache 以特定的用户身份运行虚拟主机 [CentOS 5.5]
- Chrome默认不能以root身份运行 Google Chrome 浏览器