Summary: | app-backup/backuppc User Interface not accessible | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Hendrik Friedel <hen_mail> |
Component: | New packages | Assignee: | Seemant Kulleen (RETIRED) <seemant> |
Status: | VERIFIED FIXED | ||
Severity: | normal | CC: | app-backup, jakub |
Priority: | High | ||
Version: | 2006.1 | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Hendrik Friedel
2006-09-10 06:59:01 UTC
1/ Is not a mod_perl issue, you need perl compiled w/ USE="perlsuid" (caveat emptor). 2/ If you are not using suid perl, your webserver needs to run as backuppc user (i.e., you need a dedicated server/port for this, you can't share e.g. your current Apache instance for backuppc). Works just fine here (using a dedicated lighttpd on port 8080 for this). Thanks for the reply, shouldn't require the ebuild USE="perlsuid" then? The thing is, that by just emergeing you don't get backuppc running. There are no comments stateing that perlsuid is required during the emerge. What's the correct way to get it running for me as a user now? Regards, Hendrik (In reply to comment #2) > shouldn't require the ebuild USE="perlsuid" then? Uh no... perlsuid is definitely not the preferred way of running this thing, suid perl is not safe (see the use flag description). Besides, there's no way to specify such dependency. So in that case, mod_perl would be a requirement. Using this, I get an error in the Apache error log: The file Apache/Response.pm could not be found. So still something is messed up. Greets, Hendrik I've figured out a way to get backuppc running: In /etc/conf.d/backuppc And /etc/backuppc/config.pl The backuppc user must be set to apache. In this case, neither mod_perl nor setuid are required. Could someone change this in the Ebuild? Greets, Hendrik (In reply to comment #5) > I've figured out a way to get backuppc running: > > In /etc/conf.d/backuppc > And /etc/backuppc/config.pl > > The backuppc user must be set to apache. I told you in Comment #1 that webserver must run under the same account as backuppc. > Could someone change this in the Ebuild? No, because that's wrong. You should _not_ run backuppc as apache user, you should run your apache (or another webserver) as backuppc user. Please, read the documentation, this is not (and should not be) an out-of-the-box ebuild, you need to consider lots of things when setting this up. Hello, the thing is, that I *did* read the configuration intensively. I did not have a clue about this issue. There should really be some post install Remarkts stating that the webserver must run as backuppc and how to do that. Greets, Hendrik postinst added, thanks. (In reply to comment #6) > > I told you in Comment #1 that webserver must run under the same account as > backuppc. > > > Could someone change this in the Ebuild? > > No, because that's wrong. You should _not_ run backuppc as apache user, you > should run your apache (or another webserver) as backuppc user. Please, read > the documentation, this is not (and should not be) an out-of-the-box ebuild, > you need to consider lots of things when setting this up. Sorry, but I don't understand : as soon as backuppc and apache are running as the same user, why does it matter that the user is called apache or backuppc ? (In reply to comment #9) > Sorry, but I don't understand : as soon as backuppc and apache are running as > the same user, why does it matter that the user is called apache or backuppc ? Security, for starters. |