Giving Apache sudo access
Jared
jared at hatwhite.com
Tue Mar 20 16:15:58 CDT 2007
>> Does anyone have another idea for giving an apache module
>> the ability to have root access to /dev/ttyS0, without
>> compromising the box?
>
> Have you looked at apache suEXEC support? More info at:
>
> http://httpd.apache.org/docs/1.3/suexec.html
>
> Not sure if this is what you want, but using /etc/sudoers strikes
> me as odd. :)
Odd, yes, but it works. I was unaware of suEXEC. Ouch! It
requires recompiling Apache. I should have clarified that
I eventually want to market this application to people who
are not able to recompile Apache.
A little more research just revealed that the '*' flag at
the end of the sudoers line will allow me to pass variables
on the command line. Thus I do not need the /tmp file.
This is the simplicity I'm looking for. Now it's down to two
scripts and an entry in sudoers. Eliminating the /tmp file
has eased my headache, although I still need to filter the
variables coming in.
Thanks, Kyle. suEXEC will be useful for a server with multiple
users needing this capability, but that is a little ways
down the line yet.
-Jared
More information about the Kclug
mailing list