By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
454,719 Members | 1,466 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 454,719 IT Pros & Developers. It's quick & easy.

Making Apache to 'reload' its configuration

P: n/a
Hi,

I am having problems making Apache reload itself.

I have tried a PHP exec calling a bash shell script that does a KILL -HUP on
Apache to attempt to make it reload its configuration.

The signal in the shell script works fine from root but will not work when
called from PHP.

Is there anyway to make Apache reload itself from PHP without having to
doing a signal ?

I am trying to do a configuration reload without requiring root.

Many thanks in advance,

Aaron
Jan 18 '07 #1
Share this Question
Share on Google+
7 Replies


P: n/a
Aaron Gray wrote:
Hi,

I am having problems making Apache reload itself.

I have tried a PHP exec calling a bash shell script that does a KILL -HUP on
Apache to attempt to make it reload its configuration.

The signal in the shell script works fine from root but will not work when
called from PHP.

Is there anyway to make Apache reload itself from PHP without having to
doing a signal ?

I am trying to do a configuration reload without requiring root.

Many thanks in advance,

Aaron

Your Apache user probably doesn't have the authority to do a kill. root
does (of course).

But you don't want to give the Apache user the kill authority, either.
It's a huge security risk.

Let's look at it another way. What problem are you trying to fix?

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Jan 18 '07 #2

P: n/a
Aaron Gray wrote:
The signal in the shell script works fine from root but will not work when
called from PHP.
As Jerry indicated, you are probably trying to fix the wrong problem. If
we knew *why* you were trying to do this, then we might be able to tell
you an alternative to reloading Apache in the first place.

That having been said, look at "sudo".

--
Toby A Inkster BSc (Hons) ARCS
Contact Me ~ http://tobyinkster.co.uk/contact

Jan 18 '07 #3

P: n/a
"Toby Inkster" <us**********@tobyinkster.co.ukwrote in message
news:bs************@ophelia.g5n.co.uk...
Aaron Gray wrote:
>The signal in the shell script works fine from root but will not work
when
called from PHP.

As Jerry indicated, you are probably trying to fix the wrong problem. If
we knew *why* you were trying to do this, then we might be able to tell
you an alternative to reloading Apache in the first place.
Okay, I am working on putting to gether a server administration program
thats written in PHP and runs in Apache. It needs to reload the
configuration after adding, removing, or modifying the virtual web sites
Apache is serving.

The only simple way I can think of is to do a reload every 10 minutes or
every hour, as a cron job, or so.
That having been said, look at "sudo".
No that requires a password to be entered.

Aaron
Jan 18 '07 #4

P: n/a
Aaron Gray wrote:
"Toby Inkster" <us**********@tobyinkster.co.ukwrote in message
news:bs************@ophelia.g5n.co.uk...
>Aaron Gray wrote:
>>The signal in the shell script works fine from root but will not work
when
called from PHP.
As Jerry indicated, you are probably trying to fix the wrong problem. If
we knew *why* you were trying to do this, then we might be able to tell
you an alternative to reloading Apache in the first place.

Okay, I am working on putting to gether a server administration program
thats written in PHP and runs in Apache. It needs to reload the
configuration after adding, removing, or modifying the virtual web sites
Apache is serving.

The only simple way I can think of is to do a reload every 10 minutes or
every hour, as a cron job, or so.
>That having been said, look at "sudo".

No that requires a password to be entered.

Aaron

You mean like WebMin?

You can change the user (although I don't recommend it). Check out
posix_setgid() and posix_getuid().

And if you do change the user/group id, I recommend you first spawn
another process to do it, rather than trying to change it for the Apache
server itself.

Or, rather than killing Apache, why not execute a batch job which
gracefully brings it down and restarts it?

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Jan 18 '07 #5

P: n/a
Aaron Gray wrote:
"Toby Inkster" <us**********@tobyinkster.co.ukwrote in message
news:bs************@ophelia.g5n.co.uk...
>Aaron Gray wrote:
>>The signal in the shell script works fine from root but will not work
when
called from PHP.

As Jerry indicated, you are probably trying to fix the wrong problem. If
we knew *why* you were trying to do this, then we might be able to tell
you an alternative to reloading Apache in the first place.

Okay, I am working on putting to gether a server administration program
thats written in PHP and runs in Apache. It needs to reload the
configuration after adding, removing, or modifying the virtual web sites
Apache is serving.

The only simple way I can think of is to do a reload every 10 minutes or
every hour, as a cron job, or so.
You are writing a server administration program but you don't know how
permissions work. Am I the only one to feel a bit worried at this point?

You need to read up on privilege separation. Certainly use sudo - but there
are other ways. Try Google or read the relevant parts of the Rute.
>
No that requires a password to be entered.
Aaaaarrrgghhhhh!!!!!!

Read the sudo manual. Thouroughly, please.

C.

Jan 18 '07 #6

P: n/a
Aaron Gray wrote:
"Toby Inkster" <us**********@tobyinkster.co.ukwrote in message
news:bs************@ophelia.g5n.co.uk...
>That having been said, look at "sudo".

No that requires a password to be entered.
You seem to be getting confused with "su". "sudo" can be set up for
regular users to run stuff as root *without* passwords. Indeed, that's
kind of the point of it.

--
Toby A Inkster BSc (Hons) ARCS
Contact Me ~ http://tobyinkster.co.uk/contact

Jan 19 '07 #7

P: n/a
Toby Inkster wrote:
Aaron Gray wrote:
>"Toby Inkster" <us**********@tobyinkster.co.ukwrote in message
news:bs************@ophelia.g5n.co.uk...
>>That having been said, look at "sudo".

No that requires a password to be entered.

You seem to be getting confused with "su". "sudo" can be set up for
regular users to run stuff as root *without* passwords. Indeed, that's
kind of the point of it.
But still... you do not want to give apache sudo rights. I would LOVE to add
a few PHP scripts of my own to that server. No, not really because I am a
good guy. :P

But maybe, if the server is totally dedicated to this job, and no others can
use that apache, it is doable. But not really recommended.
I would say: don't.

Regards,
Erwin Moller

Jan 19 '07 #8

This discussion thread is closed

Replies have been disabled for this discussion.