Linux 부팅 시 Apache Httpd를 시작하고 싶습니다(비밀번호 제출과 같은 개입이 필요 없으며 rootApache 서비스를 시작하기 위해 루트 비밀번호를 쓰고 싶지 않습니다!!!)
나중에 Apache를 설치했습니다.
# ./configure --prefix=/usr/local/httpd ... --with-included-apr --with-included-apr-util -with-pcre=/usr/local/pcre --with-z=/usr/local/zlib
# make
# make install
httpd나는 이렇게 했습니다(그룹 이름을 딴 사용자를 만들었습니다 root).
# useradd -g root -r -c "Httpd User" -s /sbin/nologin httpd
# chown -hvR httpd:root /usr/local/httpd/
권한을 변경했습니다.
# chown -hvR httpd:root /usr/local/httpd/bin/
# ls -ARl --group-directories-first /usr/local/httpd/bin/
/usr/local/httpd/bin/:
total 2004
-rwSr-Sr-x. 1 httpd root 117511 Jul 12 01:29 ab
-rwSr-Sr-x. 1 httpd root 3461 Jul 12 01:07 apachectl
-rwSr-Sr-x. 1 httpd root 7037 Jul 12 01:26 apr-1-config
-rwSr-Sr-x. 1 httpd root 6596 Jul 12 01:27 apu-1-config
-rwSr-Sr-x. 1 httpd root 23523 Jul 12 01:07 apxs
-rwSr-Sr-x. 1 httpd root 9533 Jul 12 01:29 checkgid
-rwSr-Sr-x. 1 httpd root 8925 Jul 12 01:07 dbmmanage
-rwSr-Sr-x. 1 httpd root 1089 Jul 12 01:07 envvars
-rwSr-Sr-x. 1 httpd root 1089 Jul 12 01:07 envvars-std
-rwSr-Sr-x. 1 httpd root 16476 Jul 12 01:29 fcgistarter
-rwSr-Sr-x. 1 httpd root 60832 Jul 12 01:29 htcacheclean
-rwSr-Sr-x. 1 httpd root 33254 Jul 12 01:29 htdbm
-rwSr-Sr-x. 1 httpd root 18193 Jul 12 01:29 htdigest
-rwSr-Sr-x. 1 httpd root 33958 Jul 12 01:29 htpasswd
-rwSr-Sr-x. 1 httpd root 1606472 Jul 12 01:29 httpd
-rwSr-Sr-x. 1 httpd root 16168 Jul 12 01:29 httxt2dbm
-rwSr-Sr-x. 1 httpd root 17904 Jul 12 01:29 logresolve
-rwSr-Sr-x. 1 httpd root 29642 Jul 12 01:29 rotatelogs
# /usr/local/httpd/bin/apachectl start
(13)Permission denied: AH00072: make_sock: could not bind to address [::]:80
(13)Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
# chmod -R u=rwx,g=rx,o=rx /usr/local/httpd/bin/
# ls -ARl --group-directories-first /usr/local/httpd/bin/
/usr/local/httpd/bin/:
total 2004
-rwxr-xr-x. 1 httpd root 117511 Jul 12 01:29 ab
-rwxr-xr-x. 1 httpd root 3461 Jul 12 01:07 apachectl
-rwxr-xr-x. 1 httpd root 7037 Jul 12 01:26 apr-1-config
-rwxr-xr-x. 1 httpd root 6596 Jul 12 01:27 apu-1-config
-rwxr-xr-x. 1 httpd root 23523 Jul 12 01:07 apxs
-rwxr-xr-x. 1 httpd root 9533 Jul 12 01:29 checkgid
-rwxr-xr-x. 1 httpd root 8925 Jul 12 01:07 dbmmanage
-rwxr-xr-x. 1 httpd root 1089 Jul 12 01:07 envvars
-rwxr-xr-x. 1 httpd root 1089 Jul 12 01:07 envvars-std
-rwxr-xr-x. 1 httpd root 16476 Jul 12 01:29 fcgistarter
-rwxr-xr-x. 1 httpd root 60832 Jul 12 01:29 htcacheclean
-rwxr-xr-x. 1 httpd root 33254 Jul 12 01:29 htdbm
-rwxr-xr-x. 1 httpd root 18193 Jul 12 01:29 htdigest
-rwxr-xr-x. 1 httpd root 33958 Jul 12 01:29 htpasswd
-rwxr-xr-x. 1 httpd root 1606472 Jul 12 01:29 httpd
-rwxr-xr-x. 1 httpd root 16168 Jul 12 01:29 httxt2dbm
-rwxr-xr-x. 1 httpd root 17904 Jul 12 01:29 logresolve
-rwxr-xr-x. 1 httpd root 29642 Jul 12 01:29 rotatelogs
#
다른
# /bin/su -p -s /bin/sh httpd /usr/local/httpd/bin/apachectl start
(13)Permission denied: AH00072: make_sock: could not bind to address [::]:80
(13)Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
저는 이런 이유로 서비스를 만들었습니다: (짧게) 다음과 같습니다:
SERVICE_HOME=/usr/local/httpd
SERVICE_USER=httpd
SERVICE_NAME=Httpd
SHUTDOWN_WAIT=20
service_pid() {
echo `ps aux | grep "$SERVICE_USER" | grep "$SERVICE_HOME" | grep -v grep | head -1 | awk '{ print $2 }' `
}
start() {
pid=$(service_pid)
if [ -n "$pid" ]
then
echo "$SERVICE_NAME is already running (pid: $pid)"
else
# Start httpd
echo "Starting $SERVICE_NAME"
/bin/su -p -s /bin/sh $SERVICE_USER $SERVICE_HOME/bin/apachectl start
#/bin/su -p -s /bin/sh httpd authbind /usr/local/httpd/bin/apachectl start
fi
return 0
}
그러나 이것은 불가능합니다:
나는 시도했다승인 바인딩
http://ftp.debian.org/debian/pool/main/a/authbind/authbind_1.2.0.tar.gz
# tar zxvf /.../authbind_1.2.0.tar.gz -C /usr/local/
# cd /usr/local/authbind-1.2.0
# make
# make install
# ls -ARl /etc/authbind/
/etc/authbind/:
total 12
drwxr-xr-x. 2 root root 4096 Jul 12 13:34 byaddr
drwxr-xr-x. 2 root root 4096 Jul 12 13:34 byport
drwxr-xr-x. 2 root root 4096 Jul 12 13:34 byuid
/etc/authbind/byaddr:
total 0
/etc/authbind/byport:
total 0
/etc/authbind/byuid:
total 0
#
# touch /etc/authbind/byport/80
# chown httpd:root /etc/authbind/byport/80
# chmod 755 /etc/authbind/byport/80
프롬프트에서 테스트해 보세요( httpd사용자로 시작하려면 아파치가 필요합니다!!!)
# /bin/su -p -s /bin/sh httpd authbind /usr/local/httpd/bin/apachectl start
/usr/local/bin/authbind: /usr/local/bin/authbind: cannot execute binary file
# /bin/su -p -s /bin/sh httpd exec authbind /usr/local/httpd/bin/apachectl start
sh: exec: No such file or directory
# /bin/su -p -s /bin/sh httpd exec authbind --deep /usr/local/http/bin/apachectl start
/bin/su: unrecognized option '--deep'
Try `/bin/su --help' for more information.
#
질문 1:
authbind그 일 을 수행 하다RHEL/중앙 운영 체제/페도라 모자환경?
질문 2:
내 주문은 무엇이어야합니까? authbind와 함께 사용하려면 exec 또는 --deep이 필요합니까?
사용자와 함께 authbind를 테스트하는 데 root문제가 없습니다 !
# authbind /usr/local/httpd/bin/apachectl start
# authbind /usr/local/httpd/bin/apachectl stop
#
질문 3:
필요/빈/수,-피,-에스그리고/bin/shhttpd사용자 와 ?
답변1
새 버전을 사용해야 합니다.승인 바인딩지원하다IPV6:
http://ftp.debian.org/debian/pool/main/a/authbind/
또는
http://www.filewatcher.com/m/authbind_2.1.1.tar.gz.14407-0.html
ftp://ftp.debian.com/debian/pool/main/a/authbind/authbind_2.1.1.tar.gz
tar zxvf /home/.../authbind_2.1.1.tar.gz -C /your/path/
cd /your/path/authbind-2.1.1
make
make install
사용자 및 그룹과 관련하여 사용자는 반드시 다음에 속할 필요는 없습니다.뿌리그룹...
useradd -r -c "Httpd User" -s /sbin/nologin httpd
chown -hR httpd: /usr/local/httpd/
이제 저자는
touch /etc/authbind/byport/80
chown httpd: /etc/authbind/byport/80
chmod 755 /etc/authbind/byport/80
답변 1
CentOS, RHEL 및 Fedora에 대한 여러 Authbind 튜토리얼을 보았으며 어떤 이유에서인지... 작동하므로 대답은 '예'입니다.
답변 2
시작서버는 스크립트에서 다음을 시도합니다.
/bin/su -p -s /bin/sh httpd -c "/usr/local/bin/authbind /usr/local/httpd/bin/apachectl start"
또는
/bin/su -p -s /bin/sh $SERVICE_USER -c "/usr/local/bin/authbind $SERVICE_HOME/bin/apachectl start"
멈추다서버는 스크립트에서 다음을 시도합니다.
/bin/su -p -s /bin/sh httpd -c "/usr/local/bin/authbind /usr/local/httpd/bin/apachectl stop"
또는
/bin/su -p -s /bin/sh $SERVICE_USER -c "/usr/local/bin/authbind $SERVICE_HOME/bin/apachectl stop"
답변 3