Apache as non root with sudo
Ladner, Eric (Eric.Ladner)
Eric.Ladner at ChevronTexaco.com
Tue Jan 6 11:10:14 EST 2004
Also, depending on your operating system, you can do a chatr
/opt/ebill/app/bin/httpd (as in HP-UX) or ldd /opt/ebill/app/bin/httpd
(most other Unix's) to see what it's linked aginst. That'll help, most
likely.
Eric
-----Original Message-----
From: sudo-users-bounces at sudo.ws [mailto:sudo-users-bounces at sudo.ws] On
Behalf Of donald.ritchey at exeloncorp.com
Sent: Tuesday, January 06, 2004 9:30 AM
To: jamiebowden at hotmail.com; sudo-users at sudo.ws
Subject: RE: Apache as non root with sudo
Jamie:
This looks like an error in the shared library linkage with apachectl.
Your apachectl is compiled with linkage to shared libraries that are not
part of the standard shared library loading environment (probably
depending on a LD_LIBRARY_PATH variable to find the library in
question). As a security measure to prevent spoofing sensitive set-UID
executables, LD_LIBRARY_PATH is cleared for setUID executables when the
real user ID is not root.
Responses:
1. Move the needed library into a library that is in the standard
library search path (in Tru64 UNIX, the loader(5) man page tells you
what those directories are, for your OS, you may have to do some
research to find out where these are) or extend the standard library
search path to include the needed directory.
2. You may compile in the location of the directory containing the
missing shared library into the apachectl executable. Again, this is
dependent on the OS and compilers for your environment. Check your man
pages for cc(1) and ld(1) for the proper options.
Best wishes,
Donald L. (Don) Ritchey
E-mail: Donald.Ritchey at exeloncorp.com
-----Original Message-----
From: Jamie Bowden [mailto:jamiebowden at hotmail.com]
Sent: Tuesday, January 06, 2004 9:10 AM
To: sudo-users at sudo.ws
Subject: Apache as non root with sudo
Hello,
I have installed sudo and am wondering why I cannot get non root users
to
start apache when that user issues the command "sudo apachectl start"
This user has been given 100% root access via sudo command. They can
run
any command root can.
The error message I get is:
ld.so.1: /opt/ebill/app/bin/httpd: fatal: libmm.so.11: open failed: No
such
file or directory
Killed
/opt/ebill/app/bin/apachectl start: httpd could not be started
Does sudo not give the user the same paths as root? Root does not get
this
message - isn't Sudo supposed to make that user "behave" like root?
Any suggestions on what else I could verify?
Thanks
Jamie Bowden
www.atl.bluecross.ca
_________________________________________________________________
Protect your PC - get McAfee.com VirusScan Online
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
____________________________________________________________
sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:
http://www.sudo.ws/mailman/listinfo/sudo-users
************************************************************************
This e-mail and any of its attachments may contain Exelon Corporation
proprietary information, which is privileged, confidential, or subject
to copyright belonging to the Exelon Corporation family of Companies.
This e-mail is intended solely for the use of the individual or entity
to which it is addressed. If you are not the intended recipient of this
e-mail, you are hereby notified that any dissemination, distribution,
copying, or action taken in relation to the contents of and attachments
to this e-mail is strictly prohibited and may be unlawful. If you have
received this e-mail in error, please notify the sender immediately and
permanently delete the original and any copy of this e-mail and any
printout. Thank You.
************************************************************************
____________________________________________________________
sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:
http://www.sudo.ws/mailman/listinfo/sudo-users
More information about the sudo-users
mailing list