From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.io/gmane.comp.sysutils.supervision.general/1267
Path: news.gmane.org!not-for-mail
From: Charlie Brady <charlieb-supervision@budge.apana.org.au>
Newsgroups: gmane.comp.sysutils.supervision.general
Subject: Re: apache2 run script
Date: Fri, 6 Oct 2006 11:46:29 -0400 (EDT)
Message-ID: <Pine.LNX.4.64.0610061143150.14026@e-smith.charlieb.ott.istop.com>
References: <20061001092939.GA1057@heinlein.local> <20061005235825.GB7053@home.power>
 <Pine.LNX.4.64.0610061028330.14026@e-smith.charlieb.ott.istop.com>
 <20061006153719.GC7053@home.power>
NNTP-Posting-Host: main.gmane.org
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-Trace: sea.gmane.org 1160149610 17215 80.91.229.2 (6 Oct 2006 15:46:50 GMT)
X-Complaints-To: usenet@sea.gmane.org
NNTP-Posting-Date: Fri, 6 Oct 2006 15:46:50 +0000 (UTC)
Cc: supervision@list.skarnet.org
Original-X-From: supervision-return-1503-gcsg-supervision=m.gmane.org@list.skarnet.org Fri Oct 06 17:46:50 2006
Return-path: <supervision-return-1503-gcsg-supervision=m.gmane.org@list.skarnet.org>
Envelope-to: gcsg-supervision@gmane.org
Original-Received: from antah.skarnet.org ([212.85.147.14])
	by ciao.gmane.org with smtp (Exim 4.43)
	id 1GVruM-0005GK-7y
	for gcsg-supervision@gmane.org; Fri, 06 Oct 2006 17:46:42 +0200
Original-Received: (qmail 19424 invoked by uid 76); 6 Oct 2006 15:47:03 -0000
Mailing-List: contact supervision-help@list.skarnet.org; run by ezmlm
List-Post: <mailto:supervision@list.skarnet.org>
List-Help: <mailto:supervision-help@list.skarnet.org>
List-Unsubscribe: <mailto:supervision-unsubscribe@list.skarnet.org>
List-Subscribe: <mailto:supervision-subscribe@list.skarnet.org>
List-Archive: <http://www.skarnet.org/lists/>
Original-Received: (qmail 19418 invoked from network); 6 Oct 2006 15:47:03 -0000
X-Spam-Status: No, hits=-1.4 required=5.0
	tests=ALL_TRUSTED
X-Spam-Check-By: charlieb.ott.istop.com
X-X-Sender: charlieb@e-smith.charlieb.ott.istop.com
Original-To: Alex Efros <powerman@powerman.asdfGroup.com>
In-Reply-To: <20061006153719.GC7053@home.power>
Xref: news.gmane.org gmane.comp.sysutils.supervision.general:1267
Archived-At: <http://permalink.gmane.org/gmane.comp.sysutils.supervision.general/1267>


On Fri, 6 Oct 2006, Alex Efros wrote:

> Hi!
>
> On Fri, Oct 06, 2006 at 10:30:12AM -0400, Charlie Brady wrote:
>>> exec env -i PATH=$PATH apache2 -DNO_DETACH -k start -DSSL
>>
>> As a matter of interest, why do you do "env -i PATH=$PATH"? One of the
>> things that runit gives you is a guaranteed consistent environment,
>> inherited from runsvdir.
...
> exec env -i PATH=$PATH LD_PRELOAD=libREV.so \
>    apache2 -DNO_DETACH -k start -DDOC -DSSL -DFASTCGI # -DPHP4
...
> 3) libREV.so is our trick for web development. This library able to
>   intercept all syscalls for opening files and redirect them to different
>   files if needed. Looks like rootkit. ;-) This is for working with
>   different 'revisions' of same CGI/html file at same time.
>
> So... because of LD_PRELOAD and libREV's nature I prefer to not export
> LD_PRELOAD to processes which doesn't need it. Most safe way - provide
> this variable only for apache2 process using `env` or `envdir` or `chpst -e`.

I don't see any advantage over:

export LD_PRELOAD=libREV.so
exec apache2 -DNO_DETACH -k start -DDOC -DSSL -DFASTCGI # -DPHP4

or

LD_PRELOAD=libREV.so exec apache2 -DNO_DETACH -k start \
   -DDOC -DSSL -DFASTCGI # -DPHP4