Hi, On Tue, 25 Feb 2003, Brian Hatch wrote: > I'd argue that the error log *should* be available to exec'd CGIs > etc. That way the STDERR of a CGI is available to the programmer > for debugging purposes. Beats the hell out of printing debugging > information to the webbrowser. This has been the case for all the > Apache versions I'm familar with. file descriptors 0, 1 and 2 are not the problem. They are open and required for the script to function properly. > Now error log should be opened in append only mode, such that these > logs can only grow the error log, not overwrite or truncate. I do > not know if this is the case. If there is more than one error log > for that apache process, I'd argue that apache should close all > of them except the one associated with that program (probably > because of the VirtualHost it's associated with, for example.) Yes error messages from cgi scripts usually end up in the virtual hosts error log. That is current behaviour if I'm not mistaken. [snipp] > If the error log (the only one that is appropriate for the > exec'd program in question) is opened in append only mode, this > seems to be appropriate. the cgi has access to the error log via its stderr file descriptor 2. It does not need access to the file descriptor of the log itself. > I think an apache directive to allow > all logs to be closed would be a good one, or perhaps a flag > to define close on exec when you define your log files. the apache source code already has hooks for closing these resources. The reason it is not happening is because there is a bug. A trivial patch has been posted and is being discussed with the apache group. I hope it will get committed into their cvs as soon as possible. Greetings Christian -- CK Software GmbH Christian Kratzer, Schwarzwaldstr. 31, 71131 Jettingen Email: ckat_private Phone: +49 7452 889-135 Open Software Solutions, Network Security Fax: +49 7452 889-136 FreeBSD spoken here!
This archive was generated by hypermail 2b30 : Tue Feb 25 2003 - 15:46:41 PST