Hi there,
I'm having trouble with suexec on a CentOS machine that was entirely setup using the Virtualmin install script. Description of the problem : despite being (apparently) configured ok and no error showing in the logs, suexec seems not to work at all on a standard Virtualmin install.
How I tested : Install, create a virtual server, make sure suexecUserGroup directive is ok in the vhost config, create a small PHP script that does fopen(w), fwrite and fclose, then check that file in the terminal, and it's owned by Apache, not by the user.
Tech info : I'm willing to post anything, but here are some config files already :
Code:
# /usr/sbin/suexec -V
-D AP_DOC_ROOT="/home"
-D AP_GID_MIN=100
-D AP_HTTPD_USER="apache"
-D AP_LOG_EXEC="/var/log/httpd/suexec.log"
-D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
-D AP_UID_MIN=500
-D AP_USERDIR_SUFFIX="public_html"
And yes, my vhost docroot is in /home/xxxx/public_html/
And the default docroot of Apache is even /home...
var/log/httpd/suexec.log is empty.
Sample vhost config:
Code:
<VirtualHost x.x.x.x:80>
SuexecUserGroup "#501" "#501"
ServerName blah.tld
ServerAlias webmail. blah.tld
RewriteEngine on
RewriteCond %{HTTP_HOST} =webmail. blah.tld
RewriteRule ^(.*) <a href="http://blah2.tld/webmail/" title="http://blah2.tld/webmail/">http://blah2.tld/webmail/</a> [R]
DocumentRoot "/home/blah/publig_html"
DirectoryIndex index.html index.htm index.php
Alias /webmail /usr/share/squirrelmail/
</VirtualHost>
suexec module is loaded in Apache, and php should run as fcgi script (though I find it a little difficult to troubleshoot this one...)
Code:
# cat /etc/httpd/conf.d/php.conf
#
# PHP is an HTML-embedded scripting language which attempts to make it
# easy for developers to write dynamically generated webpages.
#
LoadModule php5_module modules/libphp5.so
#
# Cause the PHP interpreter to handle files with a .php extension.
#
AddHandler php5-script .php
AddType text/html .php
#
# Add index.php to the list of files that will be served as directory
# indexes.
#
DirectoryIndex index.php
#
# Uncomment the following line to allow PHP to pretty-print .phps
# files as PHP source code:
#
#AddType application/x-httpd-php-source .phps
Code:
# cat /etc/httpd/conf.d/fcgid.conf
# This is the Apache server configuration file for providing FastCGI support
# through mod_fcgid
#
# Documentation is available at http://fastcgi.coremail.cn/doc.htm
LoadModule fcgid_module modules/mod_fcgid.so
# Use FastCGI to process .fcg .fcgi & .fpl scripts
# Don't do this if mod_fastcgi is present, as it will try to do the same thing
<IfModule !mod_fastcgi.c>
AddHandler fcgid-script fcg fcgi fpl
</IfModule>
# Sane place to put sockets and shared memory file
SocketPath run/mod_fcgid
SharememPath run/fcgid_shm
I tried to follow some directives here :
http://www.fastcgi.com/drupal/node/5?q=node/10 but it did not work at all. Best result was to download the PHP source (which of course is not really what I need!).
Here is the full thread at Virtualmin forums :
https://www.virtualmin.com/node/14102
Any help appreciated. Development is stopped on the machine if I cannot get the script to really execute as the user that is setup in the vhost settings !
Thanks in advance...