problems with suexec

Discussion in 'Installation/Configuration' started by gobokster, May 6, 2009.

  1. gobokster

    gobokster New Member

    hi,
    i'm following this howto on my Centos5.3 with ISPconfig3 ..
    http://www.howtoforge.com/perfect-server-centos-5.3-x86_64-ispconfig-2-p7

    all the installation working fine, but after i uploaded my site i have problem with my suexec because i always changing the group permission with apache when i'm trying to upload data via FTP and if via browser it always notice that i've wrong permissions.

    [root@ns1]# /usr/sbin/suexec -V
    -D AP_DOC_ROOT="/var/www"
    -D AP_GID_MIN=100
    -D AP_HTTPD_USER="apache"
    -D AP_LOG_EXEC="/var/log/httpd/suexec.log"
    -D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
    -D AP_UID_MIN=500
    -D AP_USERDIR_SUFFIX="public_html"
    [root@ns1#]

    1) is there anyway that i can change it follow my vhost site user ?
    2) if there no way to do it, is it safe to remove it and how?

    thank you
     
  2. till

    till Super Moderator

    You mix up several things here. I guess you use mod_php, mod_php is not affected by suexec in any kind. Suexec affects only cgi scripts.

    If you want to run your php scripts with the permissions of the web user, you will have to install suphp and enable it in the ispconfig config.inc.php file.
     
  3. gobokster

    gobokster New Member

    thanks till .. i know i've mixed up some of the configuration .. my other server is working fine without permission problems when uploading and creating folder but this one is really mess up .. and from the config.inc.php already enable the suphp

    Code:
    $go_info["server"]["apache2_php"] = 'addtype'; // 'filter' = set PHP filters, 'addtype' = Set PHP addtype or 'both' = Set Filter + Addtype, suphp = SuPHP wrapper enabled, 'addhandler' = Set PHP AddHandler (nescessary for SuSE 10.2)
     
  4. till

    till Super Moderator

    No, you have addtype enabled and not suphp.
     
  5. gobokster

    gobokster New Member

    btw how do i enable the suphp .. and will it solved the my file permission

    this happened the sample of my issues when i edited the files directly from browser in joomla admin panel
    Code:
    -rw-r--r-- 1 apache apache  1491 May  6 17:46 blank.html
    drwxr-xr-x 3 apache apache  4096 May  6 17:46 css
    drwxr-xr-x 5 apache apache  4096 May  6 17:46 images
    -rw-r--r-- 1 apache apache     0 May  6 17:46 index.html
    -rwxr-xr-x 1 apache apache  8145 May  7 18:03 index.php
    drwxr-xr-x 4 apache apache  4096 May  6 17:46 ja_menus
    -rw-r--r-- 1 apache apache 10491 May  6 17:46 ja_templatetools.php
    -rw-r--r-- 1 apache apache  2253 May  6 17:46 ja_vars.php
    -rwxr-xr-x 1 apache apache    64 May  6 17:50 params.ini
    drwxr-xr-x 2 apache apache  4096 May  6 17:46 scripts
    -rw-r--r-- 1 apache apache 11758 May  6 17:46 templateDetails.xml
    -rw-r--r-- 1 apache apache 12240 May  6 17:46 template_thumbnail.png
    
    meanwhile this is the original file permission on the root
    Code:
    drwxr-xr-x  6 apache web5    4096 Mar 28 08:37 images
    drwxr-xr-x  8 apache web5    4096 Mar 28 08:37 includes
    -rw-r--r--  1 apache web5     591 Mar 28 08:34 index2.php
    -rw-rw-r--  1 apache web5    1211 May  6 17:43 index.html
    -rw-r--r--  1 apache web5    2052 Mar 28 08:34 index.php
    drwxr-xr-x  4 apache web5    4096 Mar 28 08:36 language
    drwxr-xr-x 16 apache web5    4096 Mar 28 08:37 libraries
    -rw-r--r--  1 apache web5   17816 Mar 28 08:35 LICENSE.php
    -rw-r--r--  1 apache web5   30746 Mar 28 08:35 LICENSES.php
    drwxr-xr-x  2 apache web5    4096 Mar 28 08:36 logs
    drwxr-xr-x  3 apache web5    4096 Mar 28 08:37 media
    drwxr-xr-x 27 apache web5    4096 May  7 15:26 modules
    drwxr-xr-x 11 apache web5    4096 Mar 28 08:37 plugins
    -rw-r--r--  1 apache web5     304 Mar 28 08:36 robots.txt
    drwxr-xr-x  2 apache web5    4096 May  7 04:01 stats
    drwxr-xr-x  7 apache web5    4096 May  6 17:46 templates
    drwxr-xr-x  4 apache web5    4096 May  7 17:43 tmp
    drwxr-xr-x  4 apache web5    4096 Mar 28 08:37 xmlrpc
    
    and i have to reenable the Limit SITE_CHMOD for "FTP users can use the chmod command" or it will chown all files inside the folder to the ftp username

    i'm really screw up and don't know where to dig :eek:
     
  6. till

    till Super Moderator

    you posted this information already in the line from the config file that you quoted in #3. Please red the decription of the line. It is ...... suphp = SuPHP wrapper enabled .....
    so what do you think you have to set as parameter to enable SuPHP instead of addtype? Its suphp. So change the line:

    $go_info["server"]["apache2_php"] = 'addtype'; // 'filter' = set PHP filters, 'addtype' = Set PHP addtype or 'both' = Set Filter + Addtype, suphp = SuPHP wrapper enabled, 'addhandler' = Set PHP AddHandler (nescessary for SuSE 10.2)

    to

    $go_info["server"]["apache2_php"] = 'suphp'; // 'filter' = set PHP filters, 'addtype' = Set PHP addtype or 'both' = Set Filter + Addtype, suphp = SuPHP wrapper enabled, 'addhandler' = Set PHP AddHandler (nescessary for SuSE 10.2)

    or see the manual / tutorial for details:

    http://www.howtoforge.com/install-s...tions-for-use-with-ispconfig-2.2.20-and-above
     
  7. gobokster

    gobokster New Member

    sorry if the questions were double post .. thanks for the clear instruction how to enable it .. i hope this suphp will solved my webuser file permission .. will update it as soon i finished the test ..

    thanks again till :D

    and one more .. do i have to reboot the server to active the ispconfig.inc or will i do enough if just reboot the httpd service
     
    Last edited: May 7, 2009
  8. gobokster

    gobokster New Member

    i've done changing to suphp and reboot the server , do some testing by uploading new plugin and the result is still the same

    Code:
    [root@ns2 content]# ls -l
    total 92
    drwxr-xr-x 2 apache apache  4096 May  7 19:41 contentoptimizer
    -rw-r--r-- 1 apache apache 10283 May  7 19:41 contentoptimizer.php
    -rw-r--r-- 1 apache apache  3886 May  7 19:41 contentoptimizer.xml
    -rw-r--r-- 1 apache web5    5612 Mar 28 08:36 emailcloak.php
    -rw-r--r-- 1 apache web5     883 Mar 28 08:36 emailcloak.xml
    -rw-r--r-- 1 apache web5    4010 Mar 28 08:36 example.php
    -rw-r--r-- 1 apache web5     631 Mar 28 08:36 example.xml
    -rw-r--r-- 1 apache web5    2772 Mar 28 08:36 geshi.php
    -rw-r--r-- 1 apache web5     592 Mar 28 08:36 geshi.xml
    -rw-r--r-- 1 apache web5      44 Mar 28 08:36 index.html
    -rw-r--r-- 1 apache web5    2638 Mar 28 08:36 loadmodule.php
    -rw-r--r-- 1 apache web5    1242 Mar 28 08:36 loadmodule.xml
    -rw-r--r-- 1 apache web5    6948 Mar 28 08:36 pagebreak.php
    -rw-r--r-- 1 apache web5    1383 Mar 28 08:36 pagebreak.xml
    -rw-r--r-- 1 apache web5    5525 Mar 28 08:36 pagenavigation.php
    -rw-r--r-- 1 apache web5     876 Mar 28 08:36 pagenavigation.xml
    -rw-r--r-- 1 apache web5    2627 Mar 28 08:36 vote.php
    -rw-r--r-- 1 apache web5     638 Mar 28 08:36 vote.xml
    [root@ns2 content]#
    i guess it better and faster for me resetup and reinstall back the server than searching for the unknown error .. btw .. thanks for support given till .. will give feedback on the new server soon
     

Share This Page