Running IBM HTTP Server as non-root on UNIX
 Technote (troubleshooting)
 
Problem(Abstract)
Is it possible to run IBM® HTTP Server as a non-root process on UNIX® systems?
 
Resolving the problem
It is possible to run IBM HTTP Server as a non-root process on a UNIX system, but when doing so, use only nonstandard ports above 1024. The following are some snippets from the httpd.conf file showing the directives necessary to do this. After making these changes, stop and restart the server for the changes to take effect.

# begin example
Port 9661
ServerName servername.com

# Listen: The listen directive is required only if the server
# will be listening on more than 1 port.
Listen 9661

Listen 1445

<VirtualHost 192.168.1.100:1445>
ServerName servername.com
ErrorLog logs/servername.com-error_log
TransferLog logs/servername.com-access_log
SSLClientAuth none
SSLEnable
SSLServerCert mycert
</VirtualHost>

SSLDisable
Keyfile /path_to/key.kdb
SSLV2Timeout 100
SSLV3Timeout 1000

# end example

In this instance, non-secure content is served on port 9661 through http://servername.com:9661 and secure content through https://servername.com:1445.

If you try running the process as non-root on ports below 1024, you might get errors relating to the process not being able to bind the port (makesock errors). You might also get permission denied errors.
 
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > IBM HTTP Server > Install
Operating system(s): Sun Solaris
Software version: 6.1
Software edition:
Reference #: 1054553
IBM Group: Software Group
Modified date: Sep 16, 2004