Installed OpenSSL as non-root user...

Garet Jax

Diamond Member
Feb 21, 2000
6,369
0
71
Hello all,

I have been trying to figure out unix a little better. As a result I removed the OpenSSL and Apache installs on my Red Hat 9.0 linux box and tried to re-compile/re-install them with a non-root user (in that user's home directory).

Once I removed them and used root to install them in /usr/local/, everything worked fine again.

Can someone point me to the common gotchas that occur when trying to compile/install software as a non-root user?

Thanks.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
Basically you don't want to, compiling as non-root is a good idea but installing the final binaries should be done as root so they can be put in system places like /usr/lib/ or /usr/local/lib/. All you'll end up doing is causing yourself headaches, well compiling from scratch at all is a pain compared to using pre-built packages but for some unknown reason some people swear by it.
 

Garet Jax

Diamond Member
Feb 21, 2000
6,369
0
71
Originally posted by: Nothinman
Basically you don't want to, compiling as non-root is a good idea but installing the final binaries should be done as root so they can be put in system places like /usr/lib/ or /usr/local/lib/. All you'll end up doing is causing yourself headaches, well compiling from scratch at all is a pain compared to using pre-built packages but for some unknown reason some people swear by it.

OK. This makes sense for OpenSSL, but what about Apache. If I am running a development box with a few developers, I would want each one to have a separate instance of Apache installed (so they could muddle with it and not affect each other).

I am going to try that tonight...
 

Fuzznuts

Senior member
Nov 7, 2002
449
0
0
Originally posted by: Garet Jax
Originally posted by: Nothinman
Basically you don't want to, compiling as non-root is a good idea but installing the final binaries should be done as root so they can be put in system places like /usr/lib/ or /usr/local/lib/. All you'll end up doing is causing yourself headaches, well compiling from scratch at all is a pain compared to using pre-built packages but for some unknown reason some people swear by it.

OK. This makes sense for OpenSSL, but what about Apache. If I am running a development box with a few developers, I would want each one to have a separate instance of Apache installed (so they could muddle with it and not affect each other).

I am going to try that tonight...

wouldnt one install with virtual hosts on different ports and assign a dev user to each port be easier?
 

Garet Jax

Diamond Member
Feb 21, 2000
6,369
0
71
Originally posted by: Fuzznuts
wouldnt one install with virtual hosts on different ports and assign a dev user to each port be easier?

Yes and no. It would be easier, but it wouldn't give us what we need. There are lots of time where one developer will need to change one or more settings and/or drop and restart the server. Sharing one server means that those changes or restarts will affect everyone else. Having independant servers will insulate each developer from one another.
 

Fuzznuts

Senior member
Nov 7, 2002
449
0
0
Originally posted by: Garet Jax
Originally posted by: Fuzznuts
wouldnt one install with virtual hosts on different ports and assign a dev user to each port be easier?

Yes and no. It would be easier, but it wouldn't give us what we need. There are lots of time where one developer will need to change one or more settings and/or drop and restart the server. Sharing one server means that those changes or restarts will affect everyone else. Having independant servers will insulate each developer from one another.

ah cool just remember to change the default port for each of them :)
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
You could still use packages, I can't remember how exactly but I'm 99% sure you can specify a new package root when you install one. But setting up multiple instances of Apache from source would probably be easiest even though I don't see why you'd need to do that for OpenSSL each Apache instance would just use the same libraries and it wouldn't cause any problems.