LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 09-01-2010, 07:10 AM   #1
timmywo
Member
 
Registered: Nov 2003
Location: London UK
Distribution: CentOS 5
Posts: 68

Rep: Reputation: 15
suexec + backuppc fun


Apache/2.2.3
CentOS release 5.4 (Final)
BackupPC-3.1.0-6.el5

Hey,

So im setting up backuppc but do not want Apache to run as the backuppc user. To get round this I need to setup suEXEC so that CGI scripts are ran as the backuppc user.

This seems fine and I do have the module loaded, so...
1. I have configured my config files as said here
2. I have read that DOC_ROOT for suEXEC is set to /var/www I need to change this to /home/www - as a quick fix i have a symbolic link from /var/www to /home/www
3. To confirm what DOC_ROOT is and check where the log file will be as suggested on many sites I run "/usr/sbin/suexec -V" but I get nothing back, it does not list any config
4. Group and Owner for "/usr/share/BackupPC" is backuppc

After all the above I get this error in my Apache logs...
Quote:
Premature end of script headers: BackupPC_Admin
Im a little lost at what to do next, im guessing suEXEC is not working due to the fact its pointing to the wrong home directory for websites - but why is "suexec -V" coming back empty so I cannot check the location of its log file - is this a larger issue?

Some direction would be apreshated.

BackupPC.conf
Code:
<Directory       /usr/share/BackupPC/sbin/>
# BackupPC requires valid authentication in order for the web interface to
# function properly.  One can view the web interface without authentication
# though all functionality is disabled.
# 
# htpasswd -c /etc/BackupPC/apache.users yourusername
# 
Options +ExecCGI
order deny,allow
allow from all
AuthType Basic
AuthUserFile /etc/BackupPC/apache.users
AuthName "BackupPC

require valid-user

</Directory>

Alias           /BackupPC/images        /usr/share/BackupPC/html/
ScriptAlias     /BackupPC               /usr/share/BackupPC/sbin/BackupPC_Admin
httpd.conf - VirtualHost
Code:
<VirtualHost *:80>
   ServerName <myserver>
   DocumentRoot /usr/share/BackupPC/sbin
   # run scripts in this vhost as this user/group
   SuexecUserGroup backuppc backuppc
   ScriptAlias /backuppc/cgi-bin/ /usr/share/BackupPC/bin
   Alias /backuppc /usr/share/BackupPC/sbin

   ErrorLog /home/www/logs/<myserver>.err
   CustomLog /home/www/logs/<myserver>.log common
</VirtualHost>

Last edited by timmywo; 09-03-2010 at 03:16 AM.
 
Old 09-05-2010, 11:53 AM   #2
timmywo
Member
 
Registered: Nov 2003
Location: London UK
Distribution: CentOS 5
Posts: 68

Original Poster
Rep: Reputation: 15
After a long day, I believe I stumbled across the solution... so here it is before I forget for anyone else...

Read everywhere to check permissions, but not what they should be, run the following...
Code:
chown -R backuppc.backuppc /var/log/BackupPC/   <-sets the user and group
chmod u+s BackupPC_Admin    <- set user id on executing (setuid)
chmod a+x BackupPC_Admin    <- make the file executable (i believe)
Next get rid of Suexec in httpd.conf as perl can do the suid part when running the file
Code:
#SuexecUserGroup backuppc backuppc
use groupmod and usermod to make sure the group and user IDs are above 500 so that Suexec does not get upset (I don't think this is needed, but its a step I did before things starter working)
Code:
groupmod -g 3000 backuppc
usermod -u 3000 backuppc
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
httpd-2.2.3 | error - suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) jmahto Linux - Enterprise 3 07-14-2010 01:53 AM
Installing BackupPC : The requested URL /backuppc was not found on this server jonaskellens Linux - Newbie 7 12-17-2009 02:24 AM
BackupPC help tsaravan Linux - Networking 1 12-20-2007 05:46 PM
<fun> The Windows Crash </fun> Simon Bridge General 6 08-26-2007 07:46 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 12:41 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration