The user is insulated from everyone else on the machine. Blogs Recent Entries Best Entries Best Blogs Blog List Search Blogs Home Forums HCL Reviews Tutorials Articles Register Search Search Forums Advanced Search Search Tags Search LQ Wiki Search Tutorials/Articles Search Having a problem logging in? line. http://knowaretech.com/apache-cannot/apache-cannot-connect-to-127-0-0-1.html
I've created a virtual host and logged into its account using SFTP, then created a php file with phpinfo() in it. andrew111 View Public Profile View LQ Blog View Review Entries View HCL Entries Find More Posts by andrew111 05-29-2011, 03:14 PM #12 Nominal Animal Senior Member Registered: Dec 2010 What our modifications add? Hi Nominal Animal Thank you so much for your advise. http://www.gossamer-threads.com/lists/apache/users/297517
I've used SUEXEC extensively on Centos 4 and 5 and various Ubuntu variants and versions, and it's worked beautifully for me. I recommend explicitly redirecting user URLs (that end in a slash or do not contain a dot in the final component): Code: RedirectMatch ^/+~([^./][^/]*)/*$ /~$1/index.html RedirectMatch ^/+~([^./][^/]*)((/+[^./][^/]+)*/+[^./]+)/*$ /~$1$2/index.html If you are The main difference with FastCGI and mod_cgi/mod_cgid is that FastCGI uses the same CGI script instance to serve multiple requests. I tried all of that but it didn't make a difference :( This is the result of lsattr php5.cgi: ----i------------e- php5.fcgi /var/log/apache2/suexec.log still shows this: [2012-01-28 10:09:12]: uid: (1000/plastikwrap) gid: (1000/plastikwrap)
It's not something I would use. Note that registered members see fewer ads, and ContentLink is completely disabled once you log in. Oh, and I had that docroot error before too, and to fix it I had to comment-out the SuexecUserGroup line in a virtual host conf file (say for host myvirtualhost): /etc/apache2/sites-available/myvirtualhost.conf http://www.linuxquestions.org/questions/linux-software-2/suexec-setup-with-userdir-882723/ Everything is completely vanilla - the only thing I've done after logged into the clean system is to run install.sh and enable the userdir Apache module.
Free is all good though am getting frustrated after 2 days of trying things (am a newbie - and this hair pulling adventure is making me bald). So now before every execution, suexec logs it, but after that, it logs the resources used by the process. Login | Register For Free | Help Search this list this category for: (Advanced) Mailing List Archive: Apache: Users apache suexec - cannot get docroot information Index Not sure if my permissions are correct so just in case, andrew1 owner and group is andrew1, as is public_html, uploads and version.php.
If apache2-suexec-custom package is used instead of apache2-suexec, the second line in /etc/apache2/suexec/www-data must be public_html (Otherwise you need to adjust the configuration below accordingly.) Only allow this for specific users, click for more info Obviously the problem is with suexec, but I've been playing about with this server for a few days trying to get the config right (and having little success) and this time I originally shied from this with all the warnings about php not being threadsafe but most the online articles seem to point towards it being safe to run php under worker Log in or register to post comments #7 Fri, 01/27/2012 - 14:00 (Reply to #6) laurenced Thanks for the reply.
Posts meant to offend or hurt any other member in a manner which is offensive or inflammatory are not permitted. 3. have a peek at these guys For PHP CGI scripts, use suffix .php and start the script file with Code: #!/usr/bin/php5-cgi For all other script interpreters, including non-CGI PHP, use suffix .cgi, and start the script file Hopefully not but the error seems to stem from calling the php bin up outside of /home/~andrew1. You must be very, very vigilant about file access modes.
Note: I edited this message 2011-05-27 to reflect a tested configuration using Debian apache2 and apache2-suexec or apache2-suexec-custom packages. Join Us! Assuming something in my setup forcing association of .php with /usr/bin/php-cgi Apache or mod_fcgid is trying to execute the script interpreter (/usr/bin/php-cgi) instead of the actual script, thorough SUEXEC. check over here Am still using mpm prefork and suspect worker might give even better performance?
Part of my issue could be lack of understanding of creating user accounts as I have not needed to do this before. If you'd like to contribute content, let us know. If suEXEC was used, the real error is in suexec.log.) Since I haven't been able to reproduce this particular problem here in a few minutes of testing, I started to examine
Log in or register to post comments #4 Fri, 01/27/2012 - 12:42 andreychek Okay, what if you go into System Settings -> Re-Check Config, does it notice anything unusual? So I think I am back to suexec setup however now know that the config you gave for userdir seems great, and have the file permission directory structure all good and andrew111 View Public Profile View LQ Blog View Review Entries View HCL Entries Find More Posts by andrew111 05-27-2011, 04:50 AM #6 andrew111 LQ Newbie Registered: May 2011 Posts: Quote: Originally Posted by andrew111 I have had a friend with a bit more knowledge than me take a look and he has got it working so everything is all go.
If you used the default SUEXEC package in your distribution, all you'd need is a little bit of Apache configuration. Ah, it's probably similar to Code: #!/bin/bash export SCRIPT_FILENAME=$PATH_TRANSLATED export PHP_FCGI_CHILDREN=4 export PHP_FCGI_MAX_REQUESTS=500 exec /usr/bin/php-cgi When using mod_fcgid, this wrapper enables SUEXEC for the user owning the script. Please visit this page to clear all LQ-related cookies. this content The above configuration makes sure its set only for PHP files; it is specifically unset for all other CGI script types.
dials by itself !! By executing the script directly with mod_cgi Executing the script through mod_cgi but using a wrapper application - SuExec So SuExec was developed to address one of the main security issues Then of course Apply apache changes. ...jack Log in or register to post comments #10 Sat, 01/28/2012 - 03:15 (Reply to #9) laurenced Thanks for your reply. the suexec.log shows this error message : "cannot get docroot information (/home/weixi)" does anybody have any suggestion what's wrong with it?
Double checked. ||Look at the suexec docs at what it goes through to before it will run a ||user's script. It is considered safe, but it is extremely fragile. Last edited by Hlingler; 26th August 2009 at 11:54 PM. It is permitted, however, for the VirtualHost DocumentRoot to be a symlink to a directory that appears under the real DocumentRoot.
Configuration Our SuExec offers configuration for the limits it imposes for every process. More about the chroot structure and mechanism can be found here. Contact Gossamer Threads Web Applications & Managed Hosting Powered by Gossamer Threads Inc. I use Fedora 11.