How to use Suexec with Apache2 ?


 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers How to use Suexec with Apache2 ?
# 1  
Old 01-27-2008
How to use Suexec with Apache2 ?

Hello guys

I'm trying to use Suexec in my computer. I've installed apache with default settings (so Suexec is installed with my emerge Apache , Gentoo) .

My settings on /etc/conf.d/apache2
Code:
# SUEXEC Enables running CGI scripts (in USERDIR) through suexec.
# USERDIR Enables /~username mapping to /home/username/public_html
#
APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D LANGUAGE -D SSL -D SSL_DEFAULT_VHOST -D SUEXEC -D PHP5 -D USERDIR "

When I'm restarting my apache, I've the correct line on my log who indicate Suexec is running well :
Code:
[Sat Jan 26 15:33:39 2008] [notice] Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.7i PHP/5.2.5-pl0-gentoo configur$
[Sat Jan 26 15:41:44 2008] [notice] caught SIGTERM, shutting down
[Sat Jan 26 15:41:46 2008] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sat Jan 26 15:41:47 2008] [notice] Digest: generating secret for digest authentication ...
[Sat Jan 26 15:41:47 2008] [notice] Digest: done

I create an user
/usr/sbin/useradd evolv -m -s /bin/bash

In /var/www/evolv/public_html folder, I create php file with :
"<?php echo "user: ".exec('whoami');?>"

My vhost below :
Code:
<VirtualHost *:80>
ServerAdmin webmaster@evolv.com
DocumentRoot /var/www/evolv/public_html
ServerName www.evolv.com
ServerAlias evolv.com
SuexecUserGroup evolv evolv
CustomLog /var/log/apache2/evolv-web-access_log combined
ErrorLog /var/log/apache2/evolv-web-error_log
<Directory />
AllowOverride All
Options FollowSymLinks -Indexes Includes ExecCGI
</Directory>
</VirtualHost>

Code:
# suexec -V
-D AP_DOC_ROOT="/var/www"
-D AP_GID_MIN=100
-D AP_HTTPD_USER="apache"
-D AP_LOG_EXEC="/var/log/apache2/suexec_log"
-D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
-D AP_SUEXEC_UMASK=077
-D AP_UID_MIN=1000
-D AP_USERDIR_SUFFIX="public_html"

SuexecUserGroup is well using because, if I changed anything in this line, I have an error when I'm restarting apache. So, no error on apache restart, but always : "user: apache"! What's wrong ?

Sorry for my poor english Smilie , I'm french!

Thanks all
Bye
# 2  
Old 03-10-2008
Hi,

suexec only works together with a cgi or fcgi wrapper. That means you have to install php so that it can be run under cgi/fcgi.

Exactly what to do depends on your os/configuration.

Harry
 
Login or Register to Ask a Question

Previous Thread | Next Thread

8 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

SUEXEC with passwordless option

Hi, I am using the below command in suexec -u webuser /local/Tomcat7//0/tc7u/tomcat7.sh status But it prompts for the password of executing user. Let me know if any options available for passwordless or supplying password in script. (0 Replies)
Discussion started by: pravinbtech
0 Replies

2. Web Development

Apache2 Crashes

The Apache server suddenly stops. I am running Debian Jessie Here are some diagnostics: root@meow:/var/www# apachectl configtest AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress... (4 Replies)
Discussion started by: Meow613
4 Replies

3. Ubuntu

can't enable ssl in apache2 "Apache2 + openssl"

I have running apache2 and I want to enable ssl in my server for that I compile openssl without errorshttp://ubuntuforums.org/images/smilies/icon_lol.gif But when i start Apache it gives following error,,,,,,,http://ubuntuforums.org/images/smilies/confused.gif Code: ... (1 Reply)
Discussion started by: charith
1 Replies

4. IP Networking

Using SSL in Apache2

I am running apache2 in my local network and I am learning about the ssl. I found this document. It tell me to run the following command (down) in order to generate SSL certificate: apache2-ssl-certificate However when I run the command I get the message that there is no such command. I... (6 Replies)
Discussion started by: programAngel
6 Replies

5. UNIX for Advanced & Expert Users

suexec problem

Hi all, I am trying to setup apache w/ suexec to avoid permission problems w/ apache user and website user and also to be able to run a second (test) domain on the same server. So far I got fcgi w/o suexec running perfectly (logs confirm that). But as soon as I enable the suexec statement in the... (0 Replies)
Discussion started by: harrstar
0 Replies

6. SuSE

apache2 ldap

I am using apache2-2.0.49-27.8 supply with suse Enterprise 9 CD, the installation went fine. But am tring to configure apache2 to authenticate to LDAP, so added "ldap" to /etc/sysconfig/apache2 APACHE_MODULE="ldap" and the to /etc/apache2/httpd.conf LDAPSharedCacheSize 200000 ... (0 Replies)
Discussion started by: hassan1
0 Replies

7. UNIX for Advanced & Expert Users

apache suexec

I compiled apache 1.3.33 with suexec support like ./configure \ "--with-layout=Apache" \ "--prefix=/usr/local/apache" \ "--enable-module=ssl" \ "--activate-module=src/modules/php4/libphp4.a" \ "--activate-module=src/modules/perl/libperl.a" \ "--enable-module=perl" \ "--enable-module=most"... (0 Replies)
Discussion started by: hassan1
0 Replies

8. UNIX for Dummies Questions & Answers

Suexec solution

guys here's a section of my program written in perl. This part is used to create directories with 777 mode. Now i know about 777 being a security hole. Could anyone provide me a possible solution to this using suexec????????? Segment system mkdir ".$file_folder", 0777 or die "Can't make... (13 Replies)
Discussion started by: the_last_rites
13 Replies
Login or Register to Ask a Question