gsexec.h
Go to the documentation of this file.
00001 /* Copyright 1999-2004 The Apache Software Foundation
00002  *
00003  * Licensed under the Apache License, Version 2.0 (the "License");
00004  * you may not use this file except in compliance with the License.
00005  * You may obtain a copy of the License at
00006  *
00007  *     http://www.apache.org/licenses/LICENSE-2.0
00008  *
00009  * Unless required by applicable law or agreed to in writing, software
00010  * distributed under the License is distributed on an "AS IS" BASIS,
00011  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
00012  * See the License for the specific language governing permissions and
00013  * limitations under the License.
00014  */
00015 
00016 /*
00017  * suexec.h -- user-definable variables for the suexec wrapper code.
00018  *             (See README.configure on how to customize these variables.)
00019  */
00020 
00021 
00022 #ifndef _SUEXEC_H
00023 #define _SUEXEC_H
00024 
00025 /*
00026  * Include ap_config_layout so we can work out where the default htdocsdir
00027  * and logsdir are.
00028  */
00029 #include "ap_config_layout.h"
00030 
00031 /*
00032  * HTTPD_USER -- Define as the username under which Apache normally
00033  *               runs.  This is the only user allowed to execute
00034  *               this program.
00035  */
00036 #ifndef AP_HTTPD_USER
00037 #define AP_HTTPD_USER "apache"
00038 #endif
00039 
00040 /*
00041  * HTTPD_GROUP -- Define as the group under which Apache normally
00042  *                runs.  This is the only user allowed to execute
00043  *                this program.
00044  */
00045 #ifndef AP_HTTPD_GROUP
00046 #define AP_HTTPD_GROUP "apache"
00047 #endif
00048 
00049 /*
00050  * UID_MIN -- Define this as the lowest UID allowed to be a target user
00051  *            for suEXEC.  For most systems, 500 or 100 is common, but
00052  *            99 will include user nobody on RedHat Linux systems.
00053  */
00054 #ifdef AP_UID_MIN
00055 #undef AP_UID_MIN
00056 #endif
00057 #define AP_UID_MIN 99
00058 
00059 /*
00060  * GID_MIN -- Define this as the lowest GID allowed to be a target group
00061  *            for suEXEC.  For most systems, 100 is common, but 99 will
00062  *            include group nobody on RedHat Linux systems.
00063  */
00064 #ifdef AP_GID_MIN
00065 #undef AP_GID_MIN
00066 #endif
00067 #define AP_GID_MIN 99
00068 
00069 /*
00070  * USERDIR_SUFFIX -- Define to be the subdirectory under users' 
00071  *                   home directories where suEXEC access should
00072  *                   be allowed.  All executables under this directory
00073  *                   will be executable by suEXEC as the user so 
00074  *                   they should be "safe" programs.  If you are 
00075  *                   using a "simple" UserDir directive (ie. one 
00076  *                   without a "*" in it) this should be set to 
00077  *                   the same value.  suEXEC will not work properly
00078  *                   in cases where the UserDir directive points to 
00079  *                   a location that is not the same as the user's
00080  *                   home directory as referenced in the passwd file.
00081  *
00082  *                   If you have VirtualHosts with a different
00083  *                   UserDir for each, you will need to define them to
00084  *                   all reside in one parent directory; then name that
00085  *                   parent directory here.  IF THIS IS NOT DEFINED
00086  *                   PROPERLY, ~USERDIR CGI REQUESTS WILL NOT WORK!
00087  *                   See the suEXEC documentation for more detailed
00088  *                   information.
00089  */
00090 #ifndef AP_USERDIR_SUFFIX
00091 #define AP_USERDIR_SUFFIX "public_html"
00092 #endif
00093 
00094 /*
00095  * LOG_EXEC -- Define this as a filename if you want all suEXEC
00096  *             transactions and errors logged for auditing and
00097  *             debugging purposes.
00098  */
00099 #ifndef AP_LOG_EXEC
00100 #define AP_LOG_EXEC DEFAULT_EXP_LOGFILEDIR "/suexec_log" /* Need me? */
00101 #endif
00102 
00103 /*
00104  * DOC_ROOT -- Define as the DocumentRoot set for Apache.  This
00105  *             will be the only hierarchy (aside from UserDirs)
00106  *             that can be used for suEXEC behavior.
00107  */
00108 #ifndef AP_DOC_ROOT
00109 #define AP_DOC_ROOT DEFAULT_EXP_HTDOCSDIR
00110 #endif
00111 
00112 /*
00113  * SAFE_PATH -- Define a safe PATH environment to pass to CGI executables.
00114  *
00115  */
00116 #ifndef AP_SAFE_PATH
00117 #define AP_SAFE_PATH "/usr/local/bin:/usr/bin:/bin"
00118 #endif
00119 
00120 /*
00121  * GRST_EXECMAPDIR -- Location of the gridmapdir-style directory of lock files
00122  *
00123  */
00124 #define GRST_EXECMAPDIR "/var/www/execmapdir"
00125 
00126 #endif /* _SUEXEC_H */