... and this can cause a lot of pain together with mod_auth_ldap or mod_python. Python will then try to write to /root/.python-eggs for it's egg-cache/-store and mod_auth_ldap will use /root/.ldaprc together with the manual configuration in the apache's configuration-files. Combined with the strange OpenSSL-behaviour to re-start the TLS-session on configuration-changes it will give a nice failure when trying to connect to a LDAP-Server using SSL or TLS and causes a lot of debugging hours since Apache doesn't output enough LDAP error-messages even with "Loglevel debug".
neither mod_authnz_ldap nor mod_python use HOME in their code, and i'm using both modules without any problems for a long time... sounds like a config error to me
Nope, it isn't. The problem is not that those modules use HOME, but the libraries they depend on.
... and the same problem applies to lighttpd. Even if home is set to /var/www in passwd, executing phpinfo() gives me: "HOME /root" ... and even: "USER root" but checking all the processes shows that neither lighttpd nor php-cgi are running as root.
please use the SetEnv directive to specify an egg-cache (e.g. SetEnv PYTHON_EGG_CACHE /var/www)
*argh* HOME is set to /root, which should not be the case It should be the same thing /etc/passwd for the apache-user.
well, HOME is not even set here in phpinfo(); and i'm not sure we need/want that... *shrug*
this is not easily fixable since the environment is inherited from the init script, which is called as root. we could fix this by using --user with start-stop-daemon, but then apache could not bind to anything < 1024 otoh, mod_authnz_ldap works perfectly fine here without a correct HOME, so does the python egg cache if set with SetEnv. if it really bothers you please customize the init script yourself