|
Problem(Abstract) |
Is it possible to run IBM® HTTP Server as a non-root
process on UNIX® systems? |
|
|
|
Resolving the
problem |
It is possible to run IBM HTTP Server as a non-root
process on a UNIX system, but when doing so, use only nonstandard ports
above 1024. The following are some snippets from the
httpd.conf file showing the directives necessary to do this.
After making these changes, stop and restart the server for the changes to
take effect.
# begin example
Port 9661
ServerName servername.com
# Listen: The listen directive is required only if the server
# will be listening on more than 1 port.
Listen 9661
Listen 1445
<VirtualHost 192.168.1.100:1445>
ServerName servername.com
ErrorLog logs/servername.com-error_log
TransferLog logs/servername.com-access_log
SSLClientAuth none
SSLEnable
SSLServerCert mycert
</VirtualHost>
SSLDisable
Keyfile /path_to/key.kdb
SSLV2Timeout 100
SSLV3Timeout 1000
# end example |
|
In this instance, non-secure content is served on port 9661
through http://servername.com:9661 and secure content through
https://servername.com:1445 .
If you try running the process as non-root on ports below 1024,
you might get errors relating to the process not being able to bind the
port (makesock errors). You might also get permission
denied errors. |
|
|
|
|
|
|