Follow up r1617201: Return EPERM if the uid is not root on chroot-ing. Pointed out by trawick on <CAKUrXK6EGmG1ZD4+UFZ05yznTe6twOU3n57YeO-Ney-_VV_dCQ@mail.gmail.com>

geteuid is always successful, so remove errno reference.

unixd_drop_privileges and ap_unixd_setup_child are almost the same, so let's remove the redundant code.

suexec: Support use of setgid/setuid capability bits on Linux, a weaker set of privileges than the full setuid/setgid root binary. * configure.in: Add --enable-suexec-capabilites flag. * Makefile.in: If configured, use setcap instead of chmod 7555 on installed suexec binary. * modules/arch/unix/mod_unixd.c (unixd_pre_config): Drop test for setuid bit if capability bits are used. * docs/manual/: Add docs.

Add lots of unique tags to error log messages

Only dump User/Group if DUMP_RUN_CFG is defined

Add -D DUMP_RUN_CFG option to dump some configuration items from the parsed (or default) config. This is useful for init scripts that need to setup temporary directories and permissions, for example if those temporary directories are located on a ram disk.

Cleanup effort in prep for GA push: Trim trailing whitespace... no func change

suEXEC: Add Suexec directive to disable suEXEC without renaming the binary (Suexec Off), or force startup failure if suEXEC is required but not supported (Suexec On). Change SuexecUserGroup to fail startup instead of just printing a warning if suEXEC is disabled. Additionally, ap_unixd_config.suexec_disabled_reason has a message, suitable for logging/messaging, explaining why the feature isn't available.

Use the new APLOG_USE_MODULE/AP_DECLARE_MODULE macros everywhere to take advantage of per-module loglevels

Treat gid's identically to uid's for purposes of numeric formatting.

Bring back OS/2 support. Reverses r758929 with a little bit of conflict resolution.

Correctly set suexec_enabled when httpd is run by non-root PR 42175

Core can specify a platform-specific rewrite args hook. Use that on Unix. Windows continues to specify this in the MPM, at least until someone can separate out the MPM-specific bits.

axe unmaintained 1.3-era code to support AUX, SunOS, IRIX, Next, Tandem, MPE, LynxOS, QNX, and UnixWare

remove TPF support

remove OS/2 platform support

The rewrite-args hook isn't available to MPM DSOs. Piggy-back on the linked-in mod_unixd.c to handle that. (The set of MPMs modified is the same set for which mod_unixd is enabled, which is approximately equivalent to the set of Unix MPMs which anybody has tried to maintain in recent memory.)

axe the remaining checks of AP_MPM_WANT_foo to see what code to generate MPMs no longer provide those definitions (the signal server support is an interesting problem, since it has to be known before loading loading the MPM)

use a local module header file to store the function prototype for ap_unixd_setup_child() that is used outside this module.

name protect unixd_setup_child and restore its prototype to unixd.h If someone wants to find a better place for it, then feel free to so so only if you compile with -Werror before committing.

API Cleanup in preperation for 2.4.x, make sure all exported functions or variables contain an ap_ prefix.

Remove c99 style comment.

Note that the current mishmash is ugly... hope to find time to restart working on the cleanup I started at ACUS, but got sidetracked with confusion on where the divisions actually were...

mod_unixd: use APR_HOOK_MIDDLE for drop_privileges. We're the canonical module for that hook!

* Move code to a more conveniant place

Further unixd hacks to remove duplication between old-unixd and mod_unixd, and get it working with old MPMS[1] + mod_unixd. It's still an uneasy split, as some modules (mod_cgid, suexec)[2] also use unixd. More thinking+hacking due. [1] Should be prefork/worker/event, but only worker is tested. [2] cgid is OK, suexec is untested.

Wrap the global count of privileges handlers operating. Silence grumblers.

Switch all unix MPMs to use drop_privileges hook (mod_unixd) for startup and add a flag to prevent running without any module taking responsibility for managing system privileges!

Maintain the assumption that uids are long (as is done with other code sections), as well as be aware of signs.

Make unixd_set_user a local static function.

Change the child_init hook to a drop_privileges hook for mod_unixd.

Strip down mod_unixd to only do chroot and changing the UID.

Move mod_unixd to arch/unix.