Hi everyone

Just like to know if apache2-mpm-itk is compatible with ispconfig.

Is it an acceptable alternative to suphp, does it work and are there any security issues that need addressing.

Its installable for ubuntu as an apt-get install apache2-mpm-itk but Im unsure as to what is any config settings need to be changed to allow it to work properly

Infact there really isnt a lot of info about it that I could find.

Thanks:)
Steve

I have not tested it with ISPConfig yet but I guess it might work. You will have to add the "AssignUserID" directive with the userid of the administrator of the website and the groupid of the website in the apache directives field manually. Please report if it workd, then we can add this functionality to the ISPConfig php configuration options.

Hi till

well not a lot of luck yet but here is what I have done for testing mpm-itk

used vmware on xp to install a test server with debian etch perfect setup
then apt-get install apache2-mpm-itk. This removed 2 apache files changed some stuff and restarted apache2.
then installed ispconfig
setup one site
placed "AssignUserID web1_steve www-data" into Apache Directives in ispconfig
used ftp and uploaded joomla files
same old problem joomla cant write so used chown -R -v -f www-data:www-data web/* to allow joomla to install but now I cant use ftp to make any changes.

Q. am I using the right user and group id

Q. How can I check to determine if mpm-itk is installed and working correctly

I have included a copy of my vhost file below

Thanks
Steve



###################################
#
# ISPConfig vHost Configuration File
# Version 1.0
#
###################################
#
NameVirtualHost 192.168.1.22:80
<VirtualHost 192.168.1.22:80>
ServerName localhost
ServerAdmin root@localhost
DocumentRoot /var/www/sharedip
</VirtualHost>
#
#
######################################
# Vhost: www.sample.com:80
######################################
#
#
<VirtualHost 192.168.1.22:80>
AssignUserID web1_steve www-data
ServerName www.sample.com:80
ServerAdmin webmaster@sample.com
DocumentRoot /var/www/web1/web
ServerAlias sample.com
DirectoryIndex index.html index.htm index.php index.php5 index.php4 index.php3 index.shtml index.cgi index.pl index.jsp Default.htm default.htm
ScriptAlias /cgi-bin/ /var/www/web1/cgi-bin/
AddHandler cgi-script .cgi
AddHandler cgi-script .pl
ErrorLog /var/www/web1/log/error.log
AddType application/x-httpd-php .php .php3 .php4 .php5
<Files *.php>
SetOutputFilter PHP
SetInputFilter PHP
</Files>
<Files *.php3>
SetOutputFilter PHP
SetInputFilter PHP
</Files>
<Files *.php4>
SetOutputFilter PHP
SetInputFilter PHP
</Files>
<Files *.php5>
SetOutputFilter PHP
SetInputFilter PHP
</Files>
php_admin_flag safe_mode Off
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
Alias /error/ "/var/www/web1/web/error/"
ErrorDocument 400 /error/invalidSyntax.html
ErrorDocument 401 /error/authorizationRequired.html
ErrorDocument 403 /error/forbidden.html
ErrorDocument 404 /error/fileNotFound.html
ErrorDocument 405 /error/methodNotAllowed.html
ErrorDocument 500 /error/internalServerError.html
ErrorDocument 503 /error/overloaded.html
AliasMatch ^/~([^/]+)(/(.*))? /var/www/web1/user/$1/web/$3
AliasMatch ^/users/([^/]+)(/(.*))? /var/www/web1/user/$1/web/$3
</VirtualHost>

Q. am I using the right user and group idIf you want the Apache user to have read/write privileges, then yes. If you want the site owner to have read/write privileges, you must make him the owner of the files and his group the group of the files. If the files then have 664 privileges (directories 775), and you add www-data to the web group, Apache should be able to read/write as well.

Q. How can I check to determine if mpm-itk is installed and working correctly

Check Apache's error log for errors.

And if you want to have a solution that is tested and supported by ISPConfig, you should use SuPHP instead of mpm-itk.

Another method to allow www-data user to write into webmaster owned directories is to use setfacl/getfacl utilities. This requires your webmasters to login via SSH to change POSIX ACLs on files and/or folders. Also, option 'acl' must be used in /etc/fstab. And also set setguid (chmod g+s my/folder) on the directory where files will be created by apache. If apache creates files or folders in this directory their group fill be inherited from the parent directory and the webmaster will be able to view them.