diff options
| author | Joe Orton <jorton@apache.org> | 2012-05-23 23:38:39 +0200 |
|---|---|---|
| committer | Joe Orton <jorton@apache.org> | 2012-05-23 23:38:39 +0200 |
| commit | beaee8f4e3a275badb8239bf798379e0a8ad5de0 (patch) | |
| tree | af9d06875cbd458486afdb8a67fc9320d8d026fd /configure.in | |
| parent | * docs/manual/suexec.html.en: Update for syslog logging. (diff) | |
| download | apache2-beaee8f4e3a275badb8239bf798379e0a8ad5de0.tar.xz apache2-beaee8f4e3a275badb8239bf798379e0a8ad5de0.zip | |
suexec: Support use of setgid/setuid capability bits on Linux, a
weaker set of privileges than the full setuid/setgid root binary.
* configure.in: Add --enable-suexec-capabilites flag.
* Makefile.in: If configured, use setcap instead of chmod 7555 on
installed suexec binary.
* modules/arch/unix/mod_unixd.c (unixd_pre_config): Drop test for
setuid bit if capability bits are used.
* docs/manual/: Add docs.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1342065 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'configure.in')
| -rw-r--r-- | configure.in | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/configure.in b/configure.in index e76dc640b6..19ebd887d6 100644 --- a/configure.in +++ b/configure.in @@ -738,6 +738,15 @@ AC_ARG_WITH(suexec-umask, APACHE_HELP_STRING(--with-suexec-umask,umask for suexec'd process),[ AC_DEFINE_UNQUOTED(AP_SUEXEC_UMASK, 0$withval, [umask for suexec'd process] ) ] ) +INSTALL_SUEXEC=setuid +AC_ARG_ENABLE([suexec-capabilities], +APACHE_HELP_STRING(--enable-suexec-capabilities,Use Linux capability bits not setuid root suexec), [ +INSTALL_SUEXEC=caps +AC_DEFINE(AP_SUEXEC_CAPABILITIES, 1, + [Enable if suexec is installed with Linux capabilities, not setuid]) +]) +APACHE_SUBST(INSTALL_SUEXEC) + dnl APR should go after the other libs, so the right symbols can be picked up if test x${apu_found} != xobsolete; then AP_LIBS="$AP_LIBS `$apu_config --avoid-ldap --link-libtool --libs`" |