Apache port

[Niclov]

Having some problems starting up my apache server recently. I used to always execute the process while logged in as root, but I've been setting up some low level administrative accounts to maintain the webserver. I've given them permissions to all the needed files in apache, but apache fails to start. In the error log, there's an entry Permission denied: make_sock: could not bind to port 80. How do I remedy this?

(using Caldera Openlinux 2.2)

 

[marsd]

visudo; add aliases for a command privileged group;
give it members; add cmnd_aliases for all apache _
add permissions: voila you are the parent of baby root users.
man sudo ; man sudoers.
good luck.

 

[ifincham]

Hi,



Normally a running apache system consists of a parent process owned by root and a number of child listener processes running under a non-root account. For example, on redhat, if you do 'ps -aux | grep httpd' you would see a parent process owned by root and a number (default 8) of listeners with owner 'apache'.



In general, the security of apache would be set up for the 'apache' (or equivalent) user and not as root. However, the 'gotcha' is that binding a port < 1024 (i.e. a priviledged port) is only permitted by root to give some credibility to the 'authenticity' of such servers - otherwise any old user could start such services which far from desirable if you are running a live server.



So, its really as marsd says - if you want non-root users to start/restart the server on port 80 (vs maintain content etc ) you would have to use the 'sudo' mechanism -->

http://www.courtesan.com/sudo/

.



Regards

 

[Niclov]

Ah, thanks both of you. Changed the port # and it works fine now. I'll read up on that sudo stuff though, will likely prove usefull in the future.