RT 3.1.17 / Call for comments [Rt-devel] FastCGI, SetGIDness
and Taint mode
Guillaume Perréal
perreal at lyon.cemagref.fr
Mon Jun 21 05:43:47 EDT 2004
Jesse Vincent a écrit :
>Draft updated instructions for FastCGI configuration options are on the
>Wiki at http://wiki.bestpractical.com/index.cgi?FastCGIConfiguration.
>
>I would _greatly_ appreciate commentary either on this list or on the
>Wiki as soon as folks can get to it. To my knowledge, getting this
>solved will allow an immediate release candidate of RT 3.2.
>
> Best,
> Jesse
>
>
>
Hello,
I'm running RT 3.0.10 in a Apache2 / Suexec / FastCGI config on a Fedora
Core 1 box. RT is installed in /home/rt3.
The "SuexecUserGroup" directive is required along with "-user" and
"-group" options of "FastCgiServer" for Apache 2. Here's my setup
pertaining to FastCGI :
SuexecUserGroup rt rt
FastCgiServer /var/www/rt3-bin/mason_handler.fcgi -user rt -group rt
ScriptAlias /rt/ /var/www/rt3-bin/mason_handler.fcgi/
<Directory /var/www/rt3-bin/mason_handler.fcgi/>
SetHandler fastcgi-script
order deny,allow
allow from all
</Directory>
Furthermore:
- the handler should be in a directory owned by the specified user and
group -- in fact, I could not manage to get it runnning with doing it,
- the handler should NOT be setuid/setgid.
So I set up files this way :
mkdir /var/www/rt3-bin
ln /home/rt3/bin/mason_handler.fcgi /var/www/rt3-bin/
chown rt:rt /var/www/rt3-bin /home/rt3/bin/mason_handler.fcgi
chmod 0555 /var/www/rt3-bin /home/rt3/bin/mason_handler.fcgi
Best regards,
--
Guillaume Perréal.
Responsable informatique,
Cemagref, groupement de Lyon,
France.
Tél: (+33) 4.72.20.87.87.
Fax: (+33) 4.78.47.78.75.
Site: http://www.lyon.cemagref.fr/
More information about the Rt-devel
mailing list