[Date Prev][Date Next][Thread Prev][Thread Next][Minivend by date ][Minivend by thread ]

[mv] OpenBSD/nosuid drive issue

To: <minivend-users@minivend.com>
Subject: [mv] OpenBSD/nosuid drive issue
From: "Steve Fairhead" <steve@sfdesign.co.uk>
Date: Sat, 8 Apr 2000 15:47:10 +0100
Importance: Normal
In-reply-to: <000d01bfa0fe$d1133ee0$1500a8c0@oak>
Reply-To: minivend-users@minivend.com
Sender: owner-minivend-users@minivend.com

****** message to minivend-users from "Steve Fairhead" <steve@sfdesign.co.uk> ******

Hi folks,

Newbie here. I'm slowly teaching myself MiniVend under OpenBSD 2.6 (motto:
"secure by default") by osmosis. I've been lurking since 3.14, reading the
docs/FAQs, soaking up the discussions here, taking my time. I keep running
into one particular problem. The good part is that I might be starting to
understand what's happening. Or not :).

>From the FAQ:
>> We're sorry, the MiniVend server is unavailable...
This is the most common problem on UNIX systems. It almost always means that
permissions are not properly set up, or that the VLINK program is not
setuid. Try temporarily changing the permission of the
MINIVEND_ROOT/etc/socket file to be read/write to all groups ( chmod 666
etc/socket). <<

I'm stuck here. Everything apparently works ok with the chmod 666 etc/socket
trick, but I can't seem to close it down further, e.g. to groups. I think it
may have to do with the fact that most of my drives are marked "nosuid" (in
/etc/fstab). But even so...

My setup places each user in their own group first. The minivend server is
running under user "minivend", group "mvusers". The catalog belongs to
"steve", who is a member of the "mvusers" group. I've been similarly
specific about the the minivend root file permissions and the cgi-bin file
permission. I tried adding the Apache owner "www" (distinct from "nobody" in
OBSD) to mvusers with no effect. Umask is 022. The error logs just show the
server starting up & shutting down, in both UNIX and INET mode. I'm trying
to stay within the ethic of uncompromised security.

I'm afraid I may have read the docs so often that it's woods/trees time...
Any suggestions gratefully received; hygienic and anatomically possible
preferred. (More detail available if required; this message intentionally
concise.)

Steve

------------------------------------------
Steve Fairhead - SFD - Solutions by Design
www: http://www.sfdesign.co.uk
------------------------------------------

-
To unsubscribe from the list, DO NOT REPLY to this message. Instead, send
email with 'UNSUBSCRIBE minivend-users' in the body to Majordomo@minivend.com.
Archive of past messages: http://www.minivend.com/minivend/minivend-list

Follow-Ups:
- Re: [mv] OpenBSD/nosuid drive issue
  - From: Hans-Joachim Leidinger <jojo@buchonline.net>

References:
- RE: [mv] My images will not work.
  - From: "Christopher Thompson" <ct@arborinternet.com>

Prev by Date: Re: [mv] Setting MV session ID from outside of Minivend.]]
Next by Date: Re: [mv] Setting MV session ID from outside of Minivend.]]
Prev by thread: RE: [mv] My images will not work.
Next by thread: Re: [mv] OpenBSD/nosuid drive issue
Index(es):
- Date
- Thread