Hi Bryan, On Thu, 28 Oct 1999 23:48:42 -0400, Bryan J. Smith wrote:

Zope-2.0.1 RPMs: Recommend permission change on /var/zope/access ...

Mine installs with 0644 on /var/zope/access. Since the "superuser" password is clear-text, I would recommend 0600 instead.

I'll take a look at that again. I looked originally and had some trouble re Zope runs as user nobody and access is owned by root. And I -think- when I tried to make access owned by nobody, other things broke. Maybe I'll try user nobody, group root or vice versa. I do see your point though.

When ZServer is installed as the publishing service, the /var/zope/zserver_wo_pcgi.sh file is commented with the following: <snip> I am looking at Zope from a performance issue. Do I installed both ZServer and PCGI RPMs to get this functionality, or which one? I couldn't find any .[p]cgi file when I installed ZServer, although I haven't check all the directories yet.

Zope v2.0.x -always- runs the ZServer portion, which is based on Medusa, a Python extension module. ZServer is a non-blocking protocol server that listens on HTTP, FTP, PCGI, Python Monitor and File I/O ports/events and then invokes the correct portions of Zope to handle requests. So when you install the Zope-pcgi RPM, you get ZServer with a configuration file set to listen to the PCGI Unix pipe, and if you install the Zope-zserver RPM, you get a configuration file to listen to the HTTP TCP/IP port. But you can alter that config file (/var/zope/zserver.sh) to listen to any mix of ports/event.

If I come through the PCGI interface, how do I tell it to use ZServer for increased performance? Or is this automatic if ZServer is running?

It automatically uses ZServer and if you should enable both the HTTP port and the PCGI pipe, then you will be able to access your site via both mechanisms, with the HTTP port being the faster method, and the PCGI pipe coming from Apache, which has already read the user's HTTP request and spawned a CGI process to handle it (/usr/bin/pcgi-wrapper), with that process then writing the request and env vars into the Unix pipe which ZServer then reads from and handles the request. It's -that- extra overhead that you eliminate by going direct to ZServer via the HTTP port, but in trade, you give up (a) the ability to serve static files from your filesystem, (b) Apache's logging facility of hits and such, and (c) any ability to run the SSL secure socket protocol for e-commerce. I hope this makes sense... <grin> -Jeff Rush

Thanx in advance ... -- Bryan "TheBS" Smith