1 /* Copyright 1999-2004 The Apache Software Foundation
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
17 * suexec.h -- user-definable variables for the suexec wrapper code.
18 * (See README.configure on how to customize these variables.)
26 * Include ap_config_layout so we can work out where the default htdocsdir
29 #include "ap_config_layout.h"
32 * HTTPD_USER -- Define as the username under which Apache normally
33 * runs. This is the only user allowed to execute
37 #define AP_HTTPD_USER "www"
41 * UID_MIN -- Define this as the lowest UID allowed to be a target user
42 * for suEXEC. For most systems, 500 or 100 is common.
45 #define AP_UID_MIN 100
49 * GID_MIN -- Define this as the lowest GID allowed to be a target group
50 * for suEXEC. For most systems, 100 is common.
53 #define AP_GID_MIN 100
57 * USERDIR_SUFFIX -- Define to be the subdirectory under users'
58 * home directories where suEXEC access should
59 * be allowed. All executables under this directory
60 * will be executable by suEXEC as the user so
61 * they should be "safe" programs. If you are
62 * using a "simple" UserDir directive (ie. one
63 * without a "*" in it) this should be set to
64 * the same value. suEXEC will not work properly
65 * in cases where the UserDir directive points to
66 * a location that is not the same as the user's
67 * home directory as referenced in the passwd file.
69 * If you have VirtualHosts with a different
70 * UserDir for each, you will need to define them to
71 * all reside in one parent directory; then name that
72 * parent directory here. IF THIS IS NOT DEFINED
73 * PROPERLY, ~USERDIR CGI REQUESTS WILL NOT WORK!
74 * See the suEXEC documentation for more detailed
77 #ifndef AP_USERDIR_SUFFIX
78 #define AP_USERDIR_SUFFIX "public_html"
82 * LOG_EXEC -- Define this as a filename if you want all suEXEC
83 * transactions and errors logged for auditing and
87 #define AP_LOG_EXEC DEFAULT_EXP_LOGFILEDIR "/suexec_log" /* Need me? */
91 * DOC_ROOT -- Define as the DocumentRoot set for Apache. This
92 * will be the only hierarchy (aside from UserDirs)
93 * that can be used for suEXEC behavior.
96 #define AP_DOC_ROOT DEFAULT_EXP_HTDOCSDIR
100 * SAFE_PATH -- Define a safe PATH environment to pass to CGI executables.
104 #define AP_SAFE_PATH "/usr/local/bin:/usr/bin:/bin"
107 #endif /* _SUEXEC_H */