HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   General (http://www.howtoforge.com/forums/forumdisplay.php?f=25)
-   -   A question about www-data (http://www.howtoforge.com/forums/showthread.php?t=55458)

kelyiu3000 19th December 2011 19:27

A question about www-data
 
Here is the problem that php application create a folder or file with www-data privilege. In general, it can be edit, remove or add new operation in this folder within this application. As I upgraded to 3.0.4.1, I find that the php application cannot remove the folder.

How to solve this problem?

Thank you very much.

till 19th December 2011 20:11

change php mode to php-fcgi and enable the suexec checkbox in website settings.

kelyiu3000 19th December 2011 20:42

Quote:

Originally Posted by till (Post 269919)
change php mode to php-fcgi and enable the suexec checkbox in website settings.

I am already in FAST-CGI mode......and I need to run some cgi application outside the cgi-bin folder.....so I need to disable the suexec to run it.

Any other solution?
Or some alternative way to enable to run some cgi application outside the cgi-bin folder?

BTW, Thank you.

till 19th December 2011 21:14

Therea are 2 options:

a) enable susxec and your scripts run under the web user and client group.
b) disable suexec and the scripts run as www-data

There is no third option, so you have to decide what you want.

kelyiu3000 20th December 2011 04:12

Quote:

Originally Posted by till (Post 269926)
Therea are 2 options:

a) enable susxec and your scripts run under the web user and client group.
b) disable suexec and the scripts run as www-data

There is no third option, so you have to decide what you want.

Thank you very much.
One more question please. How to enable CGI application can outside the cgi-bin folder? I don't understand why cannot run it outside the cgi-bin folder with susxec enabled?

BTW, your answer is very useful.

till 20th December 2011 08:22

Do you mean a cgi application with ending .cgi or .pl or do you talk about .php files? The most common problem are permissions and file ownership. You should make sure that the files and folders inside the "web" folder are owned by the web user and client group of this website. Then you might want to check if the security level is set to high under System > server config > web as thats the recommended level.

kelyiu3000 20th December 2011 15:31

2 Attachment(s)
Quote:

Originally Posted by till (Post 269952)
Do you mean a cgi application with ending .cgi or .pl or do you talk about .php files? The most common problem are permissions and file ownership. You should make sure that the files and folders inside the "web" folder are owned by the web user and client group of this website. Then you might want to check if the security level is set to high under System > server config > web as thats the recommended level.

Thank you.
Yes. It is a serious conflict for me. First, I need to run CGI applications with ending .cgi or .pl outside the cgi-bin folder so I disabled the SuEXEC in installation but I get the problem about php application cannot remove the folder because of www-data premission. That is the problem I need to solve.

P.S. run in FAST-CGI mode and all files and folders inside the "web" folder owned by the web user and client group and Medium Security level

Situation:
Enable susxec-->CGI got 500 Internal Server Error, PHP run as web user and client group
disable suexec-->CGI run fine, PHP run as www-data and happen cannot remove problem

Can I set to low Security level to allow 777 to files with suexec?
This is very a stressed problem for me.

Please help.....
Thank you very much.

till 20th December 2011 15:49

Quote:

Enable susxec-->CGI got 500 Internal Server Error, PHP run as web user and client group
Plaese post the exact error message that you find in the error.log of the website.

kelyiu3000 20th December 2011 18:55

Quote:

Originally Posted by till (Post 270005)
Plaese post the exact error message that you find in the error.log of the website.

error.log
[Wed Dec 21 01:39:10 2011] [error] [client 192.168.1.1] suexec policy violation: see suexec log for more details, referer:
[Wed Dec 21 01:39:10 2011] [error] [client 192.168.1.1] Premature end of script headers: action.cgi, referer:
[Wed Dec 21 01:40:33 2011] [error] [client 192.168.1.1] suexec policy violation: see suexec log for more details, referer:
[Wed Dec 21 01:40:33 2011] [error] [client 192.168.1.1] Premature end of script headers: action.cgi, referer:


suexec.log
[2011-12-21 01:39:04]: uid: (5004/web1) gid: (5005/client1) cmd: .php-fcgi-starter
[2011-12-21 01:39:10]: uid: (5004/web1) gid: (5005/client1) cmd: action.cgi
[2011-12-21 01:39:10]: directory is writable by others: (/var/www/clients/client1/web1/web/game/watlas)
[2011-12-21 01:40:22]: uid: (5004/web1) gid: (5005/client1) cmd: .php-fcgi-starter
[2011-12-21 01:40:33]: uid: (5004/web1) gid: (5005/client1) cmd: action.cgi
[2011-12-21 01:40:33]: directory is writable by others: (/var/www/clients/client1/web1/web/game/watlas)

Thank you very much.

falko 21st December 2011 11:50

Quote:

[2011-12-21 01:39:10]: directory is writable by others: (/var/www/clients/client1/web1/web/game/watlas)
Try
Code:

chmod 775 /var/www/clients/client1/web1/web/game/watlas


All times are GMT +2. The time now is 22:47.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.