/* Licensed to the Apache Software Foundation (ASF) under one or more

 * contributor license agreements.  See the NOTICE file distributed with

 * this work for additional information regarding copyright ownership.

 * The ASF licenses this file to You under the Apache License, Version 2.0

 * (the "License"); you may not use this file except in compliance with

 * the License.  You may obtain a copy of the License at

 *

 *     http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

/**

 * @file  suexec.h

 * @brief user-definable variables for the suexec wrapper code.

 *        (See README.configure on how to customize these variables.)

 */

#ifndef _SUEXEC_H

#define _SUEXEC_H

/*

 * Include ap_config_layout so we can work out where the default htdocsdir

 * and logsdir are.

 */

#include "ap_config_layout.h"

/*

 * HTTPD_USER -- Define as the username under which Apache normally

 *               runs.  This is the only user allowed to execute

 *               this program.

 */

#ifndef AP_HTTPD_USER

#define AP_HTTPD_USER "www"

#endif

/*

 * UID_MIN -- Define this as the lowest UID allowed to be a target user

 *            for suEXEC.  For most systems, 500 or 100 is common.

 */

#ifndef AP_UID_MIN

#define AP_UID_MIN 100

#endif

/*

 * GID_MIN -- Define this as the lowest GID allowed to be a target group

 *            for suEXEC.  For most systems, 100 is common.

 */

#ifndef AP_GID_MIN

#define AP_GID_MIN 100

#endif

/*

 * USERDIR_SUFFIX -- Define to be the subdirectory under users'

 *                   home directories where suEXEC access should

 *                   be allowed.  All executables under this directory

 *                   will be executable by suEXEC as the user so

 *                   they should be "safe" programs.  If you are

 *                   using a "simple" UserDir directive (ie. one

 *                   without a "*" in it) this should be set to

 *                   the same value.  suEXEC will not work properly

 *                   in cases where the UserDir directive points to

 *                   a location that is not the same as the user's

 *                   home directory as referenced in the passwd file.

 *

 *                   If you have VirtualHosts with a different

 *                   UserDir for each, you will need to define them to

 *                   all reside in one parent directory; then name that

 *                   parent directory here.  IF THIS IS NOT DEFINED

 *                   PROPERLY, ~USERDIR CGI REQUESTS WILL NOT WORK!

 *                   See the suEXEC documentation for more detailed

 *                   information.

 */

#ifndef AP_USERDIR_SUFFIX

#define AP_USERDIR_SUFFIX "public_html"

#endif

/*

 * LOG_EXEC -- Define this as a filename if you want all suEXEC

 *             transactions and errors logged for auditing and

 *             debugging purposes.

 */

#ifndef AP_LOG_EXEC

#define AP_LOG_EXEC DEFAULT_EXP_LOGFILEDIR "/suexec_log" /* Need me? */

#endif

/*

 * DOC_ROOT -- Define as the DocumentRoot set for Apache.  This

 *             will be the only hierarchy (aside from UserDirs)

 *             that can be used for suEXEC behavior.

 */

#ifndef AP_DOC_ROOT

#define AP_DOC_ROOT DEFAULT_EXP_HTDOCSDIR

#endif

/*

 * SAFE_PATH -- Define a safe PATH environment to pass to CGI executables.

 *

 */

#ifndef AP_SAFE_PATH

#define AP_SAFE_PATH "/usr/local/bin:/usr/bin:/bin"

#endif

#endif /* _SUEXEC_H */