From: Ken Coar <coar@apache.org>
Date: Fri, 9 Mar 2001 20:20:31 +0000 (+0000)
Subject: 	Bring forward the -V option for suexec from 1.3.20-dev.  It looks
X-Git-Tag: 2.0.15~60
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c9a450c264a124cd7ef61f90729dba5fc87ceeeb;p=apache

	Bring forward the -V option for suexec from 1.3.20-dev.  It looks
	like the umask() option needs to be brought forward, as well.
	Is this still 2.0.14-dev?


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@88483 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index 67bf199dff..8d658beeff 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,9 @@
 Changes with Apache 2.0.14
 
+  *) Add a -V flag to suexec, which causes it to display the
+     compile-time settings with which it was built.  (Only
+     usable by root or the AP_HTTPD_USER username.)  [Ken Coar]
+
   *) Mod_include should always unset the content-length if the file is
      going to be passed through send_parsed_content.  There is no to
      determine if the content will change before actually scanning the
diff --git a/docs/man/suexec.8 b/docs/man/suexec.8
index 69cb6ed5dd..a9a94feba7 100644
--- a/docs/man/suexec.8
+++ b/docs/man/suexec.8
@@ -1,4 +1,4 @@
-.TH suexec 8 "March 1998"
+.TH suexec 8 "March 2001"
 .\" The Apache Software License, Version 1.1
 .\"
 .\" Copyright (c) 2000-2001 The Apache Software Foundation.  All rights
@@ -53,17 +53,23 @@
 .SH NAME
 suexec \- Switch User For Exec
 .SH SYNOPSIS
-No synopsis for usage, because this program
-is used internally by Apache only. 
+.B suexec -V
+.PP
+No other synopsis for usage, because this program
+is otherwise only used internally by the Apache HTTP server. 
 .PP
 .SH DESCRIPTION
 .B suexec
-is the "wrapper" support program for the suEXEC behaviour for Apache.
-It is run from within Apache automatically to switch the user when
-an external program has to be run under a different user. For more
-information about suEXEC see the document `Apache suEXEC Support'
-under http://www.apache.org/docs/suexec.html .
+is the "wrapper" support program for the suexec behaviour for the
+Apache HTTP server.  It is run from within the server automatically
+to switch the user when an external program has to be run under a
+different user. For more information about suexec, see the online
+document `Apache suexec Support' on the HTTP server project's
+Web site at  http://httpd.apache.org/docs/suexec.html .
+.SH OPTIONS
+.IP -V
+Display the list of compile-time settings used when \fBsuexec\fP
+was built.  No other action is taken.
 .PD
 .SH SEE ALSO
 .BR httpd(8)
-.
diff --git a/support/suexec.c b/support/suexec.c
index 234668dcbb..882608ca6f 100644
--- a/support/suexec.c
+++ b/support/suexec.c
@@ -265,11 +265,60 @@ int main(int argc, char *argv[])
     struct stat dir_info;	/* directory info holder     */
     struct stat prg_info;	/* program info holder       */
 
+    prog = argv[0];
+    /*
+     * Check existence/validity of the UID of the user
+     * running this program.  Error out if invalid.
+     */
+    uid = getuid();
+    if ((pw = getpwuid(uid)) == NULL) {
+	log_err("crit: invalid uid: (%ld)\n", uid);
+	exit(102);
+    }
+    /*
+     * See if this is a 'how were you compiled' request, and
+     * comply if so.
+     */
+    if ((argc > 1)
+        && (! strcmp(argv[1], "-V"))
+        && ((uid == 0)
+#ifdef _OSD_POSIX
+        /* User name comparisons are case insensitive on BS2000/OSD */
+            || (! strcasecmp(AP_HTTPD_USER, pw->pw_name)))
+#else  /* _OSD_POSIX */
+            || (! strcmp(AP_HTTPD_USER, pw->pw_name)))
+#endif /* _OSD_POSIX */
+        ) {
+#ifdef AP_DOC_ROOT
+        fprintf(stderr, " -D AP_DOC_ROOT=\"%s\"\n", AP_DOC_ROOT);
+#endif
+#ifdef AP_GID_MIN
+        fprintf(stderr, " -D AP_GID_MID=%d\n", AP_GID_MIN);
+#endif
+#ifdef AP_HTTPD_USER
+        fprintf(stderr, " -D AP_HTTPD_USER=\"%s\"\n", AP_HTTPD_USER);
+#endif
+#ifdef AP_LOG_EXEC
+        fprintf(stderr, " -D AP_LOG_EXEC=\"%s\"\n", AP_LOG_EXEC);
+#endif
+#ifdef SAFE_PATH
+        fprintf(stderr, " -D SAFE_PATH=\"%s\"\n", SAFE_PATH);
+#endif
+#ifdef SUEXEC_UMASK
+        fprintf(stderr, " -D SUEXEC_UMASK=%03o\n", SUEXEC_UMASK);
+#endif
+#ifdef AP_UID_MIN
+        fprintf(stderr, " -D AP_UID_MID=%d\n", AP_UID_MIN);
+#endif
+#ifdef AP_USERDIR_SUFFIX
+        fprintf(stderr, " -D AP_USERDIR_SUFFIX=\"%s\"\n", AP_USERDIR_SUFFIX);
+#endif
+        exit(0);
+    }
     /*
      * If there are a proper number of arguments, set
      * all of them to variables.  Otherwise, error out.
      */
-    prog = argv[0];
     if (argc < 4) {
 	log_err("too few arguments\n");
 	exit(101);
@@ -278,16 +327,6 @@ int main(int argc, char *argv[])
     target_gname = argv[2];
     cmd = argv[3];
 
-    /*
-     * Check existence/validity of the UID of the user
-     * running this program.  Error out if invalid.
-     */
-    uid = getuid();
-    if ((pw = getpwuid(uid)) == NULL) {
-	log_err("invalid uid: (%ld)\n", uid);
-	exit(102);
-    }
-
     /*
      * Check to see if the user running this program
      * is the user allowed to do so as defined in