ananconda install.log has: Installing php-eaccelerator-0.9.5.2-2.fc9.i386 warning: user apache does not exist - using root warning: group apache does not exist - using root if this package contains files owned by the apache user or group, it needs to "Requires(pre): httpd" to ensure that the user/group are set up before the files are installed.
I agree this needs fixing, but not by requiring httpd, as eaccelerator works fine using lighttpd and PHP through fastcgi for instance. The only clean solution I can think of would be to create a shared group to which both "apache" and "lighttpd" would belong, and make the eA cache directory mode 770 root:group. How does that sound?
It sounds like a waste of gids, scare resource and all that. I don't know why lighttpd doesn't run as the apache uid anyway, it's not like anybody will use both/require security separation between them.
Changing version to '9' as part of upcoming Fedora 9 GA. More information and reason for this action is here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
(In reply to comment #2) > It sounds like a waste of gids, scare resource and all that. I don't know why > lighttpd doesn't run as the apache uid anyway, it's not like anybody will use > both/require security separation between them. Well, I mostly agree, but I can imagine people running both apache and lighttpd with different dynamic backends on the same server and expecting them to be "isolated" enough from a security perspective. So I do think that each web server having its own uid/gid does make sense. This doesn't solve the dilemma here, though. The only workaround I can think of is to provide some README which would explain the problem, suggesting to change the default /var/cache/php-eaccelerator directory to something else when not using apache. That and add a trigger to the package in order to chown the directory to apache:apache when httpd gets installed, for when php-eaccelerator gets installed first (this would be the fix for this particular report).
I've tried quite a few ideas, and none worked but this last one : * Wed Dec 24 2008 Matthias Saou <http://freshrpms.net/> 1:0.9.5.3-2 - Update default cache dir to be ghosted and take care of creating it and changing default ownership in the %%post scriplet (fixes #443407). Which means that the cache directory : * Defaults to apache:apache ownership even without httpd installed * Won't have its ownership reset upon rpm update if manually changed So this workaround covers every scenario I could think of.
Seems reasonable - thanks for dealing with it!