Making Apache to 'reload' its configuration
This is a discussion on Making Apache to 'reload' its configuration within the Apache Web Server forums, part of the Web Server and Related Forums category; Hi, I am having problems making Apache reload itself. I have tried a PHP exec calling a bash shell script ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
01-18-2007
|
|||
|
|||
Making Apache to 'reload' its configuration
Hi,
I am having problems making Apache reload itself. I have tried a PHP exec calling a bash shell script that does a KILL -HUP on Apache to attempt to make it reload its configuration. The signal in the shell script works fine from root but will not work when called from PHP. Is there anyway to make Apache reload itself from PHP without having to doing a signal ? I am trying to do a configuration reload without requiring root. Many thanks in advance, Aaron |
|
01-18-2007
|
|||
|
|||
|
Re: Making Apache to 'reload' its configuration
Aaron Gray wrote:
> Hi, > > I am having problems making Apache reload itself. > > I have tried a PHP exec calling a bash shell script that does a KILL -HUP on > Apache to attempt to make it reload its configuration. > > The signal in the shell script works fine from root but will not work when > called from PHP. > > Is there anyway to make Apache reload itself from PHP without having to > doing a signal ? > > I am trying to do a configuration reload without requiring root. > > Many thanks in advance, > > Aaron > > Your Apache user probably doesn't have the authority to do a kill. root does (of course). But you don't want to give the Apache user the kill authority, either. It's a huge security risk. Let's look at it another way. What problem are you trying to fix? -- ================== Remove the "x" from my email address Jerry Stuckle JDS Computer Training Corp. jstucklex@attglobal.net ================== |
|
01-18-2007
|
|||
|
|||
|
Re: Making Apache to 'reload' its configuration
Aaron Gray wrote:
> The signal in the shell script works fine from root but will not work when > called from PHP. As Jerry indicated, you are probably trying to fix the wrong problem. If we knew *why* you were trying to do this, then we might be able to tell you an alternative to reloading Apache in the first place. That having been said, look at "sudo". -- Toby A Inkster BSc (Hons) ARCS Contact Me ~ http://tobyinkster.co.uk/contact |
|
01-18-2007
|
|||
|
|||
|
Re: Making Apache to 'reload' its configuration
"Toby Inkster" <usenet200701@tobyinkster.co.uk> wrote in message
news:bs7484-dcj.ln1@ophelia.g5n.co.uk... > Aaron Gray wrote: > >> The signal in the shell script works fine from root but will not work >> when >> called from PHP. > > As Jerry indicated, you are probably trying to fix the wrong problem. If > we knew *why* you were trying to do this, then we might be able to tell > you an alternative to reloading Apache in the first place. Okay, I am working on putting to gether a server administration program thats written in PHP and runs in Apache. It needs to reload the configuration after adding, removing, or modifying the virtual web sites Apache is serving. The only simple way I can think of is to do a reload every 10 minutes or every hour, as a cron job, or so. > That having been said, look at "sudo". No that requires a password to be entered. Aaron |
|
01-18-2007
|
|||
|
|||
|
Re: Making Apache to 'reload' its configuration
Aaron Gray wrote:
> "Toby Inkster" <usenet200701@tobyinkster.co.uk> wrote in message > news:bs7484-dcj.ln1@ophelia.g5n.co.uk... >> Aaron Gray wrote: >> >>> The signal in the shell script works fine from root but will not work >>> when >>> called from PHP. >> As Jerry indicated, you are probably trying to fix the wrong problem. If >> we knew *why* you were trying to do this, then we might be able to tell >> you an alternative to reloading Apache in the first place. > > Okay, I am working on putting to gether a server administration program > thats written in PHP and runs in Apache. It needs to reload the > configuration after adding, removing, or modifying the virtual web sites > Apache is serving. > > The only simple way I can think of is to do a reload every 10 minutes or > every hour, as a cron job, or so. > >> That having been said, look at "sudo". > > No that requires a password to be entered. > > Aaron > > You mean like WebMin? You can change the user (although I don't recommend it). Check out posix_setgid() and posix_getuid(). And if you do change the user/group id, I recommend you first spawn another process to do it, rather than trying to change it for the Apache server itself. Or, rather than killing Apache, why not execute a batch job which gracefully brings it down and restarts it? -- ================== Remove the "x" from my email address Jerry Stuckle JDS Computer Training Corp. jstucklex@attglobal.net ================== |
|
01-18-2007
|
|||
|
|||
|
Re: Making Apache to 'reload' its configuration
Aaron Gray wrote:
> "Toby Inkster" <usenet200701@tobyinkster.co.uk> wrote in message > news:bs7484-dcj.ln1@ophelia.g5n.co.uk... >> Aaron Gray wrote: >> >>> The signal in the shell script works fine from root but will not work >>> when >>> called from PHP. >> >> As Jerry indicated, you are probably trying to fix the wrong problem. If >> we knew *why* you were trying to do this, then we might be able to tell >> you an alternative to reloading Apache in the first place. > > Okay, I am working on putting to gether a server administration program > thats written in PHP and runs in Apache. It needs to reload the > configuration after adding, removing, or modifying the virtual web sites > Apache is serving. > > The only simple way I can think of is to do a reload every 10 minutes or > every hour, as a cron job, or so. You are writing a server administration program but you don't know how permissions work. Am I the only one to feel a bit worried at this point? You need to read up on privilege separation. Certainly use sudo - but there are other ways. Try Google or read the relevant parts of the Rute. > > No that requires a password to be entered. > Aaaaarrrgghhhhh!!!!!! Read the sudo manual. Thouroughly, please. C. |
|
01-19-2007
|
|||
|
|||
|
Re: Making Apache to 'reload' its configuration
"Colin McKinnon"
<colin.thisisnotmysurname@ntlworld.deletemeunlessU RaBot.com> wrote in message news:UjRrh.87910$493.59796@newsfe4-gui.ntli.net... > Aaron Gray wrote: > >> "Toby Inkster" <usenet200701@tobyinkster.co.uk> wrote in message >> news:bs7484-dcj.ln1@ophelia.g5n.co.uk... >>> Aaron Gray wrote: >>> >>>> The signal in the shell script works fine from root but will not work >>>> when >>>> called from PHP. >>> >>> As Jerry indicated, you are probably trying to fix the wrong problem. If >>> we knew *why* you were trying to do this, then we might be able to tell >>> you an alternative to reloading Apache in the first place. >> >> Okay, I am working on putting to gether a server administration program >> thats written in PHP and runs in Apache. It needs to reload the >> configuration after adding, removing, or modifying the virtual web sites >> Apache is serving. >> >> The only simple way I can think of is to do a reload every 10 minutes or >> every hour, as a cron job, or so. > > You are writing a server administration program but you don't know how > permissions work. Am I the only one to feel a bit worried at this point? > > You need to read up on privilege separation. Certainly use sudo - but > there > are other ways. Try Google or read the relevant parts of the Rute. > >> >> No that requires a password to be entered. >> > > Aaaaarrrgghhhhh!!!!!! > > Read the sudo manual. Thouroughly, please. Okay. Aaron |
|
01-19-2007
|
|||
|
|||
|
Re: Making Apache to 'reload' its configuration
"Colin McKinnon"
<colin.thisisnotmysurname@ntlworld.deletemeunlessU RaBot.com> wrote in message news:UjRrh.87910$493.59796@newsfe4-gui.ntli.net... > Aaron Gray wrote: > >> "Toby Inkster" <usenet200701@tobyinkster.co.uk> wrote in message >> news:bs7484-dcj.ln1@ophelia.g5n.co.uk... >>> Aaron Gray wrote: >>> >>>> The signal in the shell script works fine from root but will not work >>>> when >>>> called from PHP. >>> >>> As Jerry indicated, you are probably trying to fix the wrong problem. If >>> we knew *why* you were trying to do this, then we might be able to tell >>> you an alternative to reloading Apache in the first place. >> >> Okay, I am working on putting to gether a server administration program >> thats written in PHP and runs in Apache. It needs to reload the >> configuration after adding, removing, or modifying the virtual web sites >> Apache is serving. >> >> The only simple way I can think of is to do a reload every 10 minutes or >> every hour, as a cron job, or so. > > You are writing a server administration program but you don't know how > permissions work. Am I the only one to feel a bit worried at this point? > > You need to read up on privilege separation. Certainly use sudo - but > there > are other ways. Try Google or read the relevant parts of the Rute. > >> >> No that requires a password to be entered. >> > > Aaaaarrrgghhhhh!!!!!! > > Read the sudo manual. Thouroughly, please. Great. I am now able to do reload on Apache via a SIGHUP from Apache/PHP. Nice, many thanks for pointing me in the right direction. Aaron |
|
01-19-2007
|
|||
|
|||
|
Re: Making Apache to 'reload' its configuration
Aaron Gray wrote:
> "Toby Inkster" <usenet200701@tobyinkster.co.uk> wrote in message > news:bs7484-dcj.ln1@ophelia.g5n.co.uk... > >> That having been said, look at "sudo". > > No that requires a password to be entered. You seem to be getting confused with "su". "sudo" can be set up for regular users to run stuff as root *without* passwords. Indeed, that's kind of the point of it. -- Toby A Inkster BSc (Hons) ARCS Contact Me ~ http://tobyinkster.co.uk/contact |
|
01-19-2007
|
|||
|
|||
|
Re: Making Apache to 'reload' its configuration
Colin McKinnon wrote:
> Aaron Gray wrote: > >> "Toby Inkster" <usenet200701@tobyinkster.co.uk> wrote in message >> news:bs7484-dcj.ln1@ophelia.g5n.co.uk... >>> Aaron Gray wrote: >>> >>>> The signal in the shell script works fine from root but will not work >>>> when >>>> called from PHP. >>> >>> As Jerry indicated, you are probably trying to fix the wrong problem. If >>> we knew *why* you were trying to do this, then we might be able to tell >>> you an alternative to reloading Apache in the first place. >> >> Okay, I am working on putting to gether a server administration program >> thats written in PHP and runs in Apache. It needs to reload the >> configuration after adding, removing, or modifying the virtual web sites >> Apache is serving. >> >> The only simple way I can think of is to do a reload every 10 minutes or >> every hour, as a cron job, or so. > > You are writing a server administration program but you don't know how > permissions work. Am I the only one to feel a bit worried at this point? No Colin, you are not alone. ;-) I think a security audit may be in place after the project is delivered. Erwin Moller > > You need to read up on privilege separation. Certainly use sudo - but > there are other ways. Try Google or read the relevant parts of the Rute. > >> >> No that requires a password to be entered. >> > > Aaaaarrrgghhhhh!!!!!! > > Read the sudo manual. Thouroughly, please. > > C. |
Linear Mode
