打印

只要大于或等于1024端口号的就可以用非root用户来启动IHS

只要大于或等于1024端口号的就可以用非root用户来启动IHS

只要大于或等于1024端口号的就可以用非root用户来启动IHS
一、创建用户 wasadmin,密码也是 wasadmin,如果有或用其它用户省略之
useradd wasadmin
passwd wasadmin

二、将IHS目录赋予 wasadmin 用户
chown -R wasadmin /usr/IBM/HTTPServer/

三、修改 httpd.conf 端口为1024或大于这个号
vi /usr/IBM/HTTPServer/conf/httpd.conf
将 Listen 80 改为 1024如下

#Listen 12.34.56.78:80
Listen 1024

四、验证
$ cd /usr/IBM/HTTPServer/bin

$ id
uid=208(wasadmin) gid=1(staff)

$ pwd
/usr/IBM/HTTPServer/bin

$ ./apachectl start

$ netstat -an|grep 1024
tcp        0      0  *.1024                 *.*                    LISTEN

用浏览器访问测试是否正常即可,或者用telnet直接进行文本验证,wget也行。

$ telnet localhost 1024
Trying...
Connected to loopback.
Escape character is '^]'.
telnet>
GET / HTTP/1.0

HTTP/1.1 200 OK
Date: Thu, 15 Apr 2010 06:12:26 GMT
Server: IBM_HTTP_Server
Last-Modified: Thu, 18 Jun 2009 05:17:12 GMT
ETag: "3bab0-c6f-852d2600"
Accept-Ranges: bytes
Content-Length: 3183
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4//EN">
<!-- (C) COPYRIGHT International Business Machines Corporation 1999 -->
<!-- All Rights Reserved -->
<!-- Licensed Materials - Property of IBM -->
<!-- -->
<!-- US Government Users Restricted Rights - Use, duplication or  -->
<!-- disclosure restricted by GSA ADP Schedule Contract with IBM Corp.-->
<!-- -->
<html>
<HEAD>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>IBM HTTP Server</title>
<script language="JavaScript">

      document.write('<link rel="stylesheet" href="http_server_styles.css">');

   </script>
</head>

<body  width="778" height="556" background="images/background.gif" resize="no" scroll="no">

<tr>

        <td><img src="images/odot.gif" width="1" height="155"><br>

            <table cellspacing="0" cellpadding="0" border="0" background="images/foreground.gif" height="252" width="639" align="center">

                <tr valign="top">
                    <td><img src="images/odot.gif" width="1" height="60"></td>
                </tr>

                <tr align="left" valign="top">
                    <td><img src="images/odot.jpg" width="46" height="1"></td>

                    <td>
                    <img src="images/administration.gif" width="23" height="18" border="0">
                    <a href="http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.ihs.doc/info/ihs/ihs/tihs_startadmserv.html">
                    Administration</a></td>

                    <td>  |  </td>

                    <td>
                    <img src="images/help.gif" width="22" height="20" border="0">
                    <a href="http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.ihs.doc/info/welcome_ihs.html">
                    Information center</a></td>

                    <td>  |  </td>

                    <td>
                    <img src="images/support.gif" width="19" height="20" border="0">
                    <a href="http://www-306.ibm.com/software/webservers/httpservers/support/">
                    Support</a></td>

                    <td>  |  </td>

                    <td>
                    <img src="images/notes.gif" width="19" height="20" border="0">
                    <a href="http://www-1.ibm.com/support/search.wss?rs=180&tc=SSEQTP&q=V61RNotes">
                    Release notes</a></td>

                    <td><img src="images/odot.jpg" width="49" height="1"></td>
                </tr>
                <!--<tr valign="top">
                    <td> </td>
                    <td colspan="7" width="525" class="descriptive_text" valign="top" align="left">Descriptive text area to be used for
                    additional reference information. Two lines maximum. Information here changes as user rolls-over each link above.<br></td>
                    <td> </td>
                </tr>
                                -->



             </table>

     </td>
</tr>


</body>
</html>
Connection closed.

结论:只要大于或等于1024端口号的就可以用非root用户来启动IHS

如果用非root且端口小于1024的话,就会因为权限的问题导致无法绑定端口也无法正常启动,如下:
$ ./apachectl start
httpd: Could not determine the server's fully qualified domain name, using 192.168.1.164 for ServerName
(13)Permission denied: make_sock: could not bind to address [::]:1023
no listening sockets available, shutting down
Unable to open logs
$ id
uid=208(wasadmin) gid=1(staff)
$ ./apachectl start
httpd: Could not determine the server's fully qualified domain name, using 192.168.1.164 for ServerName
(13)Permission denied: make_sock: could not bind to address [::]:80
no listening sockets available, shutting down
Unable to open logs

error_log
[Thu Apr 15 13:53:56 2010] [warn] pid file /usr/IBM/HTTPServer/logs/httpd.pid overwritten -- Unclean shutdown of previous Apache run?
[Thu Apr 15 13:53:56 2010] [notice] IBM_HTTP_Server/6.1.0.25 Apache/2.0.47 configured -- resuming normal operations
[Thu Apr 15 13:53:56 2010] [notice] CoreDumpDirectory not set; core dumps may not be written for child process crashes
[Thu Apr 15 13:54:24 2010] [notice] caught SIGTERM, shutting down
拥抱智慧地球!地球守护使者!

TOP