/* Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright ownership. * The ASF licenses this file to You under the Apache License, Version 2.0 * (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ /** * @file suexec.h * @brief user-definable variables for the suexec wrapper code. * (See README.configure on how to customize these variables.) */ #ifndef _SUEXEC_H #define _SUEXEC_H /* * Include ap_config_layout so we can work out where the default htdocsdir * and logsdir are. */ #include "ap_config_layout.h" /* * HTTPD_USER -- Define as the username under which Apache normally * runs. This is the only user allowed to execute * this program. */ #ifndef AP_HTTPD_USER #define AP_HTTPD_USER "www" #endif /* * UID_MIN -- Define this as the lowest UID allowed to be a target user * for suEXEC. For most systems, 500 or 100 is common. */ #ifndef AP_UID_MIN #define AP_UID_MIN 100 #endif /* * GID_MIN -- Define this as the lowest GID allowed to be a target group * for suEXEC. For most systems, 100 is common. */ #ifndef AP_GID_MIN #define AP_GID_MIN 100 #endif /* * USERDIR_SUFFIX -- Define to be the subdirectory under users' * home directories where suEXEC access should * be allowed. All executables under this directory * will be executable by suEXEC as the user so * they should be "safe" programs. If you are * using a "simple" UserDir directive (ie. one * without a "*" in it) this should be set to * the same value. suEXEC will not work properly * in cases where the UserDir directive points to * a location that is not the same as the user's * home directory as referenced in the passwd file. * * If you have VirtualHosts with a different * UserDir for each, you will need to define them to * all reside in one parent directory; then name that * parent directory here. IF THIS IS NOT DEFINED * PROPERLY, ~USERDIR CGI REQUESTS WILL NOT WORK! * See the suEXEC documentation for more detailed * information. */ #ifndef AP_USERDIR_SUFFIX #define AP_USERDIR_SUFFIX "public_html" #endif /* * LOG_EXEC -- Define this as a filename if you want all suEXEC * transactions and errors logged for auditing and * debugging purposes. */ #ifndef AP_LOG_EXEC #define AP_LOG_EXEC DEFAULT_EXP_LOGFILEDIR "/suexec_log" /* Need me? */ #endif /* * DOC_ROOT -- Define as the DocumentRoot set for Apache. This * will be the only hierarchy (aside from UserDirs) * that can be used for suEXEC behavior. */ #ifndef AP_DOC_ROOT #define AP_DOC_ROOT DEFAULT_EXP_HTDOCSDIR #endif /* * SAFE_PATH -- Define a safe PATH environment to pass to CGI executables. * */ #ifndef AP_SAFE_PATH #define AP_SAFE_PATH "/usr/local/bin:/usr/bin:/bin" #endif #endif /* _SUEXEC_H */