[rsbac] Apache under RSBAC
Arkady A Drovosekov
drawa at suct.uu.ru
Fri Apr 9 05:10:59 CEST 2004
On Thu, Apr 08, 2004 at 03:45:34PM -0400, Rob See wrote:
> To get used to the way RSBAC works, I'm trying to get apache to run
> as another user id without starting it as root(using roles and
> capabilities) I've been mostly successful so far, but I've run into a
> small problem. Apache (under Gentoo) creates its pid file in /var/run
> (var/run/apache2.pid) Is there any way to set an ACL for a file that
> doesn't exist yet. Otherwise, the only way I can see to do this is to
> allow access to the entire directory, or move the pid file to another
> directory (both of which I want to avoid if at all possible)
var=/var/apache-v3
attr_set_file_dir DIR "$var" linux_dac_disable 1
acl_grant -r -s -u $init_user RW FD "$var"
--
Best regards,
Arkady
More information about the rsbac
mailing list