|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] Running Apache CGI scripts as root?
|
Hi
Does anybody in the group have luck solving this with "capabilities"
and capabilities wrapers?
With regards
Antony
Mike Sheinberg wrote:
> So, I'm trying to solve an issue at my work where I need particular
> CGI scripts to have root access to a number of binaries. I have been
> messing with the sudoers file to try to grant this access to the
> particular binaries in question without requiring a password but since
> the 'apache' account has no shell
> (apache:x:48:48:Apache:/var/www:/sbin/nologin) I get the following error:
>
> [error] [client xxx.xxx.xxx.xxx] sorry, you must have a tty to run
> sudo, referer: https://xxxx.xxx.xxx/xxx.py.
>
> After some searching some people seemed to recommend trying the apache
> module 'suexec' but it seemed a bit fishy to me so I thought I'd ask
> good ol' PLUG for some best practices advice on solving this issue.
> I'd also like to keep the
> Defaults requiretty
>
> setting in the /etc/sudoers file if possible (due to security concerns).
>
> Thanks!
> Mike
>
>
>
> ------------------------------------------------------------------------
>
> ___________________________________________________________________________
> Philadelphia Linux Users Group -- http://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
>
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|