Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 31st July 2012, 13:59
centurianii centurianii is offline
Junior Member
 
Join Date: Mar 2009
Posts: 13
Thanks: 1
Thanked 0 Times in 0 Posts
Smile Apache2 With mod_fcgid And PHP5 On Ubuntu 11.10

Hello there,

I'm trying to setup suexec in a cloud environment following this article: http://www.howtoforge.com/how-to-set...n-ubuntu-11.10
My question is simple: I don't want to use virtual domains as the author suggests but rather virtual subdomains in the form: john.superbhosting.com, alice.superbhosting.com etc.
Moreover, i don't want to reload again and again the apache2 server.
I've read the apache documentation for virtual domains and subdomains but how should apply all this to my Ubuntu 11.10 server?

Thank you in advance!
Reply With Quote
Sponsored Links
  #2  
Old 1st August 2012, 14:05
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

I think this is what you're looking for: http://httpd.apache.org/docs/2.2/en/vhosts/mass.html
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
centurianii (1st August 2012)
  #3  
Old 1st August 2012, 22:51
centurianii centurianii is offline
Junior Member
 
Join Date: Mar 2009
Posts: 13
Thanks: 1
Thanked 0 Times in 0 Posts
Default Apache mass virtual hosting and suExec

Thank you Falco for your fast answer!

I'm aware of this link from Apache documentation but I have some questions there: Apache suggests the use of httpd.conf file whereas you suggest to write files at /var/www/ directory. Which approach is better?

Apache suggest to use mod_vhost_alias or mod_rewrite. Is some method better than the other? I think the first one is simpler.

There is another think I'm wondering about after reading this article some time ago: http://jp-larocque.livejournal.com/49475.html

The writer implies that some php can run under suExec with user writes and some other "non-userdir FastCGI scripts" to NOT use suEXEC. For that reason he gives a hack, a FastCGI wrapper hack script at /usr/local/sbin/fastcgi-suexec-hack:
Code:
#!/bin/sh
# This hack exists exclusively to work around the restriction that
# FastCGI wrappers (e.g. suEXEC) are an all-or-nothing ordeal.  Thou
# shalt not enable wrappers for userdirs but not for the whole site.
# Thou shalt not configure non-userdir FastCGI scripts to use suEXEC
# or thou shall suffer my wrath of mysterious suexec policy violation
# notices for 7 generations.
a php library 
username="$1"
group="$2"
application="$3"

case "$(pwd)/" in
/home/*/public_html/*)
	exec /usr/lib/apache2/suexec "$username" "$group" "$application";;
*)
	application_abs="$(readlink -f "$application")"
	exec "$application_abs";;
esac
(my first language is not English and I need Oxford dictionary to understand "thou shall"!!)

My question is this: can I mix user php code with user permissions with a php library that has boarder permissions and runs as a www-data or even a user from the sudoers group??
(some require_once headers should import the php library but what is required is the user NOT to be able to hack that library)

Thanks again!
Reply With Quote
  #4  
Old 2nd August 2012, 13:37
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Quote:
Originally Posted by centurianii View Post
Thank you Falco for your fast answer!

I'm aware of this link from Apache documentation but I have some questions there: Apache suggests the use of httpd.conf file whereas you suggest to write files at /var/www/ directory. Which approach is better?
You're mixing things up - /var/www/ is the document root where you must upload your HTML, PHP files, images, etc. while httpd.conf (or apache2.conf) are configuration files for Apache.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 2nd August 2012, 20:18
centurianii centurianii is offline
Junior Member
 
Join Date: Mar 2009
Posts: 13
Thanks: 1
Thanked 0 Times in 0 Posts
Default

1)
Quote:
Originally Posted by falko View Post
You're mixing things up - /var/www/ is the document root where you must upload your HTML, PHP files, images, etc. while httpd.conf (or apache2.conf) are configuration files for Apache.
Yes, indeed!!
Correcting myself: you suggested to create files at /etc/apache2/sites-available/ in the form:
Code:
<VirtualHost *:80>
...
</VirtualHost>
whereas Apache suggests writing at httpd.conf....(?)
2)
At the wrapper script at /var/www/php-fcgi-scripts/web1/php-fcgi-starter, you wrote:
Code:
...
exec /usr/lib/cgi-bin/php
but look at my installation:
Code:
xxx@xxx:~$ ls -al /usr/lib/cgi-bin
total 7952
drwxr-xr-x  2 root root    4096 2012-06-11 22:24 .
drwxr-xr-x 56 root root   12288 2012-07-15 13:56 ..
lrwxrwxrwx  1 root root      29 2012-06-11 22:24 php -> /etc/alternatives/php-cgi-bin
-rwxr-xr-x  1 root root 8112496 2012-05-04 02:01 php5
and
Code:
xxx@xxx:~$ ls -al /usr/bin
...
-rwxr-xr-x  1 root   root    8112496 2012-05-04 02:01 php5-cgi
lrwxrwxrwx  1 root   root         25 2012-06-11 22:24 php-cgi -> /etc/alternatives/php-cgi
...
...why calling /etc/alternatives/php-cgi-bin and not:
Code:
exec /usr/lib/cgi-bin/php5
or,
Code:
exec /usr/bin/php5-cgi
instead??
Reply With Quote
  #6  
Old 8th August 2012, 18:39
centurianii centurianii is offline
Junior Member
 
Join Date: Mar 2009
Posts: 13
Thanks: 1
Thanked 0 Times in 0 Posts
Default (104)Connection reset by peer: mod_fcgid: error

Hi,

following Falco's tutorial I set up a new domain, I'll call it www.john.com and I tried to see the result when I hit my browser to www.john.com/info.php:
Code:
Title: 500 Internel Server Error
Message: Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, webmaster@john.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.
At my /var/log/apache2/error.log:
Code:
[Wed Aug 08 17:25:19 2012] [warn] [client xxx.xxx.xxx.xxx] (104)Connection reset by peer: mod_fcgid: error reading data from FastCGI server, referer: http://www.john.com/
[Wed Aug 08 17:25:19 2012] [error] [client xxx.xxx.xxx.xxx] Premature end of script headers: info.php, referer: http://www.john.com/
From what I can see googling this error there is no simple solution or solution at all
Reply With Quote
  #7  
Old 9th August 2012, 15:00
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Can you post your FCGI starter script, your vhost configuration, and your /etc/apache2/mods-available/fcgid.conf file?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #8  
Old 12th August 2012, 09:41
centurianii centurianii is offline
Junior Member
 
Join Date: Mar 2009
Posts: 13
Thanks: 1
Thanked 0 Times in 0 Posts
Default

Sorry for my delayed reply,

here is my data:
1) <root># cat /var/www/php-fcgi-scripts/john/php-fcgi-starter
Code:
#!/bin/sh
#in case we activate a per user php.ini
#PHPRC=/var/www/john/
PHPRC=/etc/php5/cgi/
export PHPRC
export PHP_FCGI_MAX_REQUESTS=5000
export PHP_FCGI_CHILDREN=8
exec /usr/lib/cgi-bin/php
2) <root># apache2ctl -S
Code:
VirtualHost configuration:
wildcard NameVirtualHosts and _default_ servers:
*:80                   is a NameVirtualHost
         default server superbhosting.com (/etc/apache2/sites-enabled/000-default:1)
         port 80 namevhost superbhosting.com (/etc/apache2/sites-enabled/000-default:1)
         port 80 namevhost www.alice.com (/etc/apache2/sites-enabled/alice:1)
         port 80 namevhost www.john.com (/etc/apache2/sites-enabled/john:1)
Syntax OK
Attention: my testing refers to www.john.com which in fact is another domain officially registered and activated (NS, A, CNAME records).
When I hit my browser at www.john.com I can see:
Code:
Index of /
[ICO]	Name	Last modified	Size	Description
[ ]	info.php	08-Aug-2012 09:53 	38
When I hit at www.john.com/info.php there is an error!

3) cat /etc/apache2/mods-available/fcgid.conf
Code:
<IfModule mod_fcgid.c>
  AddHandler    fcgid-script .fcgi
  FcgidConnectTimeout 20
  PHP_Fix_Pathinfo_Enable 1
</IfModule>
4) what is installed?
<root># dpkg-query -l '*apache2*'
Code:
Desired=Unknown/Install/Remove/Purge/Hold 
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend 
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) 
||/ Name                           Version                        Description 
+++-==============================-==============================-============================================================================ 
ii  apache2                        2.2.20-1ubuntu1.2              Apache HTTP Server metapackage 
un  apache2-common                 <none>                         (no description available) 
un  apache2-doc                    <none>                         (no description available) 
un  apache2-mpm                    <none>                         (no description available) 
un  apache2-mpm-event              <none>                         (no description available) 
un  apache2-mpm-itk                <none>                         (no description available) 
un  apache2-mpm-prefork            <none>                         (no description available) 
ii  apache2-mpm-worker             2.2.20-1ubuntu1.2              Apache HTTP Server - high speed threaded model 
ii  apache2-suexec                 2.2.20-1ubuntu1.2              Standard suexec program for Apache 2 mod_suexec 
un  apache2-suexec-custom          <none>                         (no description available) 
ii  apache2-utils                  2.2.20-1ubuntu1.2              utility programs for webservers 
ii  apache2.2-bin                  2.2.20-1ubuntu1.2              Apache HTTP Server common binary files 
ii  apache2.2-common               2.2.20-1ubuntu1.2              Apache HTTP Server common files 
un  libapache2-mod-apparmor        <none>                         (no description available) 
un  libapache2-mod-auth-kerb       <none>                         (no description available) 
ii  libapache2-mod-fcgid           1:2.3.6-1+squeeze1build0.11.10 an alternative module compat with mod_fastcgi
<root># dpkg-query -l '*php*'
Code:
Desired=Unknown/Install/Remove/Purge/Hold 
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend 
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) 
||/ Name                              Version                           Description 
+++-=================================-=================================-================================================================================== 
un  php-pear                          <none>                            (no description available) 
ii  php5-cgi                          5.3.6-13ubuntu3.7                 server-side, HTML-embedded scripting language (CGI binary) 
ii  php5-common                       5.3.6-13ubuntu3.7                 Common files for packages built from the php5 source 
un  php5-json                         <none>                            (no description available) 
un  php5-mhash                        <none>                            (no description available) 
un  php5-suhosin                      <none>                            (no description available) 
un  phpapi-20090626                   <none>                            (no description available)
Hope this helps!
Reply With Quote
  #9  
Old 12th August 2012, 23:04
centurianii centurianii is offline
Junior Member
 
Join Date: Mar 2009
Posts: 13
Thanks: 1
Thanked 0 Times in 0 Posts
Default

I believe I should give my permissions-I started with umask=0077 but I changed it to 744 permissions for user john-so, let's see it:

Code:
<root># ls -al /var/www/php-fcgi-scripts
total 16
drwxr--r-- 4 root  root  4096 2012-07-30 15:19 .
drwxr-xr-x 5 root  root  4096 2012-07-30 15:19 ..
drwxr--r-- 2 alice alice 4096 2012-07-30 15:26 alice
drwxr--r-- 2 john  john  4096 2012-07-30 15:24 john
Code:
<root># ls -al /var/www/php-fcgi-scripts/john
total 12
drwxr--r-- 2 john john 4096 2012-07-30 15:24 .
drwxr--r-- 4 root root 4096 2012-07-30 15:19 ..
-rwxr-xr-x 1 john john  200 2012-08-08 17:45 php-fcgi-starter
Code:
<root># ls -al /etc/apache2/sites-available/
total 32
drwxr-xr-x 2 root root 4096 2012-08-12 16:13 .
drwxr-xr-x 8 root root 4096 2012-08-12 13:52 ..
-rw-r--r-- 1 root root  590 2012-08-07 08:07 alice
-rw-r--r-- 1 root root  950 2012-02-14 16:35 default
-rw-r--r-- 1 root root 7469 2012-02-14 16:35 default-ssl
-rwxr--r-- 1 root root  584 2012-08-07 08:08 john
Reply With Quote
  #10  
Old 13th August 2012, 00:22
centurianii centurianii is offline
Junior Member
 
Join Date: Mar 2009
Posts: 13
Thanks: 1
Thanked 0 Times in 0 Posts
 
Default

I have to report another error after I installed and unistalled apache2-suexec-custom:
Code:
<root># service apache2 restart
Syntax error on line 8 of /etc/apache2/sites-enabled/john:
Invalid command 'SuexecUserGroup', perhaps misspelled or defined by a module not included in the server configuration
Action 'configtest' failed.
The Apache error log may have more information.
   ...fail!
If I disable john's site then apache can do a restart!
This error wasn't before, so what's going wrong now I wonder?
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 02:03.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.