apache-1.3.22-4 no-detach patch

apache-1.3.22-4 no-detach patch

[Stipe Tolj]

[-- Attachment #1: Type: text/plain, Size: 682 bytes --]

Corinna,

could you please apply the attached patch against the last 1.3.22-3
source tree. This will turn detaching of the parent process off.
Please try if this makes cygrunsrv happy.

I haven't included any extra starting flag. In this case apache does
not detach by default for Cygwin. Any objections from the others?

Stipe

tolj@wapme-systems.de
-------------------------------------------------------------------
Wapme Systems AG

Münsterstr. 248
40470 Düsseldorf

Tel: +49-211-74845-0
Fax: +49-211-74845-299

E-Mail: info@wapme-systems.de
Internet: http://www.wapme-systems.de
-------------------------------------------------------------------
wapme.net - wherever you are

[-- Attachment #2: apache_1.3.22-4-no-detach.diff --]
[-- Type: text/plain, Size: 1377 bytes --]

diff -ur apache_1.3.22-3/src/include/ap_config.h apache_1.3.22-4/src/include/ap_config.h
--- apache_1.3.22-3/src/include/ap_config.h	Tue Jan  8 09:49:58 2002
+++ apache_1.3.22-4/src/include/ap_config.h	Thu Jan 17 23:26:59 2002
@@ -993,6 +993,7 @@
 #elif defined(CYGWIN)               /* Cygwin 1.x POSIX layer for Win32 */
 #define JMP_BUF jmp_buf
 #define NO_KILLPG
+#define NO_SETSID
 #define USE_LONGJMP
 #define GDBM_STATIC
 #define HAVE_MMAP 1
diff -ur apache_1.3.22-3/src/main/http_main.c apache_1.3.22-4/src/main/http_main.c
--- apache_1.3.22-3/src/main/http_main.c	Tue Jan  8 09:49:58 2002
+++ apache_1.3.22-4/src/main/http_main.c	Thu Jan 17 23:31:25 2002
@@ -3293,7 +3293,7 @@
     int x;
 
     chdir("/");
-#if !defined(MPE) && !defined(OS2) && !defined(TPF)
+#if !defined(MPE) && !defined(OS2) && !defined(TPF) && !defined(CYGWIN)
 /* Don't detach for MPE because child processes can't survive the death of
    the parent. */
     if ((x = fork()) > 0)
@@ -3323,6 +3323,13 @@
 #elif defined(MPE)
     /* MPE uses negative pid for process group */
     pgrp = -getpid();
+#elif defined(CYGWIN)
+    /* Cygwin does not take any argument for setpgrp() */
+    if ((pgrp = setpgrp()) == -1) {
+	perror("setpgrp");
+	fprintf(stderr, "%s: setpgrp failed\n", ap_server_argv0);
+	exit(1);
+    }
 #else
     if ((pgrp = setpgrp(getpid(), 0)) == -1) {
 	perror("setpgrp");

Re: apache-1.3.22-4 no-detach patch

[Corinna Vinschen]

On Fri, Jan 18, 2002 at 12:35:13AM +0100, Stipe Tolj wrote:
> Corinna,
> 
> could you please apply the attached patch against the last 1.3.22-3
> source tree. This will turn detaching of the parent process off.
> Please try if this makes cygrunsrv happy.

Didn't you test it?  Anyway, I don't have the source tree.  I'd
appreciate if you could give me a pointer to a binary archive.

> I haven't included any extra starting flag. In this case apache does
> not detach by default for Cygwin. Any objections from the others?

Hmm, I'd vote for a command line option...  '-n' for `nodetach' or so?

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin@cygwin.com
Red Hat, Inc.

Re: apache-1.3.22-4 no-detach patch

[Stipe Tolj]

Corinna Vinschen wrote:
> 
> On Fri, Jan 18, 2002 at 12:35:13AM +0100, Stipe Tolj wrote:
> > Corinna,
> >
> > could you please apply the attached patch against the last 1.3.22-3
> > source tree. This will turn detaching of the parent process off.
> > Please try if this makes cygrunsrv happy.
> 
> Didn't you test it?  Anyway, I don't have the source tree.  I'd
> appreciate if you could give me a pointer to a binary archive.

I did test it if it stays attached and if the service itself is
operational. I wanted to let you do the cygrunsrv magic, it's your
thing I guess.

The apache-1.3.22-3 source tree is available from the location I
announced and the -4 patch applies to it. the /usr/doc/Cygwin readme
describes the configure flags to be used. It's pretty forward and
builds in <= 3 min.

> > I haven't included any extra starting flag. In this case apache does
> > not detach by default for Cygwin. Any objections from the others?
> 
> Hmm, I'd vote for a command line option...  '-n' for `nodetach' or so?

-n is used for the Win32 native port as you pointed out. I'm not sure
what the Apache officials think about this. They may claim that this
may lead to confusion. Anyway, if we decide to have a flag, I would
appritiate it if it is OS-wide, that means any UNIX platform may use
it to run with no-detach. I have posted a RFC for this on the Apache
developers list.

Stipe

tolj@wapme-systems.de
-------------------------------------------------------------------
Wapme Systems AG

Münsterstr. 248
40470 Düsseldorf

Tel: +49-211-74845-0
Fax: +49-211-74845-299

E-Mail: info@wapme-systems.de
Internet: http://www.wapme-systems.de
-------------------------------------------------------------------
wapme.net - wherever you are

Re: apache-1.3.22-4 no-detach patch

[Corinna Vinschen]

On Fri, Jan 18, 2002 at 10:35:23AM +0100, Stipe Tolj wrote:
> Corinna Vinschen wrote:
> > 
> > On Fri, Jan 18, 2002 at 12:35:13AM +0100, Stipe Tolj wrote:
> > > Corinna,
> > >
> > > could you please apply the attached patch against the last 1.3.22-3
> > > source tree. This will turn detaching of the parent process off.
> > > Please try if this makes cygrunsrv happy.
> > 
> > Didn't you test it?  Anyway, I don't have the source tree.  I'd
> > appreciate if you could give me a pointer to a binary archive.
> 
> I did test it if it stays attached and if the service itself is
> operational. I wanted to let you do the cygrunsrv magic, it's your
> thing I guess.

I'm testing running under cygrunsrv if you send me a pointer
to the binary.  I'm not going to build apache by myself.

> > Hmm, I'd vote for a command line option...  '-n' for `nodetach' or so?
> 
> -n is used for the Win32 native port as you pointed out. I'm not sure
> what the Apache officials think about this. They may claim that this
> may lead to confusion. Anyway, if we decide to have a flag, I would
> appritiate it if it is OS-wide, that means any UNIX platform may use
> it to run with no-detach. I have posted a RFC for this on the Apache
> developers list.

That's probably the better approach.  Unfortunately the `-D' is
already used.

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin@cygwin.com
Red Hat, Inc.

Re: apache-1.3.22-4 no-detach patch

[Stipe Tolj]

Corinna Vinschen wrote:
> 
> I'm testing running under cygrunsrv if you send me a pointer
> to the binary.  I'm not going to build apache by myself.

I have tested it and it works with cygrunsrv-0.94. 

Please grap 

  apache-1.3.22-3.tar.bz2
  apache-1.3.22-4-no-detach.tar.bz2 

from http://apache.dev.wapme.net/support/apache-cygwin/ and replace
the files in -4 with those of -3 for testing.

Be aware to have

  $ chown SYETEM /var/log/apache

otherwise you won't get going.

> That's probably the better approach.  Unfortunately the `-D' is
> already used.

I'll ask the Apache guys if a OS-wide flag may be introduced.
Otherwise, I will provide them a patch for the Cygwin specific flag.

Stipe

tolj@wapme-systems.de
-------------------------------------------------------------------
Wapme Systems AG

Münsterstr. 248
40470 Düsseldorf

Tel: +49-211-74845-0
Fax: +49-211-74845-299

E-Mail: info@wapme-systems.de
Internet: http://www.wapme-systems.de
-------------------------------------------------------------------
wapme.net - wherever you are

Re: apache-1.3.22-4 no-detach patch

[Corinna Vinschen]

On Sun, Jan 20, 2002 at 05:31:40PM +0100, Stipe Tolj wrote:
> Please grap 
> 
>   apache-1.3.22-3.tar.bz2
>   apache-1.3.22-4-no-detach.tar.bz2 
> 
> from http://apache.dev.wapme.net/support/apache-cygwin/ and replace
> the files in -4 with those of -3 for testing.

That works nicely.  Just one problem left, though.

In /etc/apache/httpd.conf I've set User to `Guest' (uid 501).
The apache service is started under SYSTEM account.  When
looking into the process list you can see:

      PID    PPID    PGID     WINPID  TTY  UID    STIME COMMAND
      196       1     196        196    ?   18 10:53:42 /usr/bin/cygrunsrv
     2504     196    2504       3740    ?   18 10:53:42 /usr/sbin/httpd
     4012    2504    2504       4012    ?   18 10:53:43 /usr/sbin/httpd

It's ok that the service process is running under SYSTEM (uid 18)
account but the server process should have switched to the Guest
account (uid 501) like that:

      PID    PPID    PGID     WINPID  TTY  UID    STIME COMMAND
      196       1     196        196    ?   18 10:53:42 /usr/bin/cygrunsrv
     2504     196    2504       3740    ?   18 10:53:42 /usr/sbin/httpd
     4012    2504    2504       4012    ?  501 10:53:43 /usr/sbin/httpd

This would be the same as in Linux then, where the service is
started under root but the server runs under some nobody account.

Is the setuid() switched off in the Cygwin version???  That's
somewhat dangerous, actually.  That way it's impossible to
run the server under an account with as few rights as possible.
Example Guest account:  The machine would have to give "Start
as a service" user right to the Guest account.  Uh, wait a
minute...

*dig, dig, dig*

Ok, as far as I can see, the problem is line 4136f. in http_main.c:

    /* Only try to switch if we're running as root */
    if (!geteuid() && (

That could get changed to (just a draft):

  #ifdef CYGWIN
    /* Only try to switch if we're running as SYSTEM */
    #define SYSTEM_UID 18
    if (geteuid() == SYSTEM_UID && (
  #else
    /* Only try to switch if we're running as root */
    if (!geteuid() && (
  #endif

Or is that the stuff in line 5375f.?  I'm not quite sure.

> Be aware to have
> 
>   $ chown SYETEM /var/log/apache
> 
> otherwise you won't get going.

Could you call that `chown' in your /etc/postinstall script?

> I'll ask the Apache guys if a OS-wide flag may be introduced.
> Otherwise, I will provide them a patch for the Cygwin specific flag.

That would of course be the best solution.  However, except for the
setuid() problem  and the postinstall one-liner we can go with it as
it is for now.

Thanks,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin@cygwin.com
Red Hat, Inc.

Re: apache-1.3.22-4 no-detach patch

[Stipe Tolj]

Corinna Vinschen wrote:
> 
> Ok, as far as I can see, the problem is line 4136f. in http_main.c:
> 
>     /* Only try to switch if we're running as root */
>     if (!geteuid() && (
> 
> That could get changed to (just a draft):
> 
>   #ifdef CYGWIN
>     /* Only try to switch if we're running as SYSTEM */
>     #define SYSTEM_UID 18
>     if (geteuid() == SYSTEM_UID && (
>   #else
>     /* Only try to switch if we're running as root */
>     if (!geteuid() && (
>   #endif

thanks for that report Corinna. I'm fixing things up this evening and
preparing -4 for distribution.

Stipe

tolj@wapme-systems.de
-------------------------------------------------------------------
Wapme Systems AG

Münsterstr. 248
40470 Düsseldorf

Tel: +49-211-74845-0
Fax: +49-211-74845-299

E-Mail: info@wapme-systems.de
Internet: http://www.wapme-systems.de
-------------------------------------------------------------------
wapme.net - wherever you are

Re: apache-1.3.22-4 no-detach patch

[Corinna Vinschen]

On Tue, Jan 22, 2002 at 11:53:11AM +0100, Stipe Tolj wrote:
> Corinna Vinschen wrote:
> > 
> > Ok, as far as I can see, the problem is line 4136f. in http_main.c:
> > 
> >     /* Only try to switch if we're running as root */
> >     if (!geteuid() && (
> > 
> > That could get changed to (just a draft):
> > 
> >   #ifdef CYGWIN
> >     /* Only try to switch if we're running as SYSTEM */
> >     #define SYSTEM_UID 18
> >     if (geteuid() == SYSTEM_UID && (
> >   #else
> >     /* Only try to switch if we're running as root */
> >     if (!geteuid() && (
> >   #endif
> 
> thanks for that report Corinna. I'm fixing things up this evening and
> preparing -4 for distribution.
> 
> Stipe

*knock* *knock* 

Is -4 ready to go, Stipe?

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin@cygwin.com
Red Hat, Inc.

Re: apache-1.3.22-4 no-detach patch

[Stipe Tolj]

Corinna Vinschen wrote:
> 
> *knock* *knock*
> 
> Is -4 ready to go, Stipe?

I have been glitching around with the Apache guys to get changes in
the official cvs tree before they release 1.3.23.

But anyway I'll finish -4 and we go for release state. *kraempling the
aermels* :)

Stipe

tolj@wapme-systems.de
-------------------------------------------------------------------
Wapme Systems AG

Münsterstr. 248
40470 Düsseldorf

Tel: +49-211-74845-0
Fax: +49-211-74845-299

E-Mail: info@wapme-systems.de
Internet: http://www.wapme-systems.de
-------------------------------------------------------------------
wapme.net - wherever you are