Does apache have to run as the site owner?

Adrian Teasdale ateasdale@portalroom.com
Wed Jan 23 12:25:02 2002


Hi

we have a problem that with PHP we can't see the keys in our virtual hosting
accounts.  This is what our programmer sent to me (as I'm a non-tech).  Does
this make sense? ....


This is what we have found in httpd.conf:

# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
#  . On SCO (ODT 3) use "User nouser" and "Group nogroup".
#  . On HPUX you may not be able to use shared memory as nobody, and the
#    suggested workaround is to create a user www and use that user.
#  NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
#  when the value of (unsigned)Group is above 60000;
#  don't use Group nobody on these systems!
#
--------------------------------------------------------------------------

So apache runs as nobody:nobody. This is Ok until we need to
communicate with PGP tools. In order to do this we need apache to run
under right user ID. For example site directmail.co.uk should run as
dmail:dmail. Only then we are able to get right pgp keys and work with
them.
So can you help us to configure apache in this way
1. We need to know if apache runs as root and so it is possible to
switch user ID for it.
2. Can we use cpanel to change user/group for every site?
3. If we cannot then can we manually edit httpd.conf to add
user.group for that sites.


Thanks in advance

Ade