4.0.10 suEXEC

Discussion in 'General' started by gschultz, Sep 5, 2009.

  1. gschultz

    gschultz New Member

    We were using LiteSpeed for a while. To change configuration files we used to:
    (1) edit httpd_config.xml and domain.xml files locally
    (2) upload .xml files to the server via ssh
    (3) restart the server via ssh

    This works fine for 4.0.9 and previous versions but when we do it with 4.0.10 the admin login page shows session errors though the server starts correctly.

    These are the permissions of uploaded files:
    httpd_config.xml rw-r-----
    domain.xml rw-------

    What have we add to the script in order to avoid the session errors? Should we change the ownership of sess_* files?
  2. anewday

    anewday Moderator

    Why don't you use the admin console to edit the configuration?
  3. gschultz

    gschultz New Member

    Because we have a script to create redirects and rewrite rules according to changes made locally.
  4. auser

    auser Super Moderator

    please give the output of "ls -l" of current/parent directory,should be permission issues.
  5. mistwang

    mistwang LiteSpeed Staff

    the admin console run as lsadm:lsadm for 4.0.10, no long as the user that web sever run as for better security. You should change your upload file permission accordingly.

    For PHP session error, check the permission of lsws/admin/tmp and the session file in it. should be owned by lsadm for 4.0.10.
  6. gschultz

    gschultz New Member

    cd /opt/lsws/conf
    ls -l

    drwx------ 2 lsadm lsadm 4096 Feb 4 2009 cert
    -rw-r----- 1 lsadm lsadm 1072 Sep 5 19:10 domain1-com.xml
    -rw-r----- 1 lsadm lsadm 1072 Sep 5 19:10 domain2-com.xml
    -rw------- 1 lsadm lsadm 21187 Sep 5 19:10 httpd_config.xml
    -rw------- 1 root root 256 Sep 5 19:08 license.key
    -rw------- 1 lsadm lsadm 256 Aug 29 15:13 license.key.old
    -rw------- 1 lsadm lsadm 3773 Feb 4 2009 mime.properties
    -rw-r--r-- 1 root root 20 Sep 5 19:08 serial.no
    drwx------ 2 lsadm lsadm 4096 Feb 4 2009 templates

    XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

    cd ..
    ls -l
    drwxr-xr-x 9 root root 4096 Sep 5 03:02 add-ons
    drwxr-xr-x 12 root root 4096 Sep 5 19:08 admin
    drwx------ 8 lsadm lsadm 4096 Sep 4 08:08 autoupdate
    drwxr-xr-x 2 root root 4096 Sep 5 19:08 bin
    drwxrwxrwx 4 root root 4096 Sep 5 2009 conf
    drwxr-xr-x 7 root root 4096 Feb 4 2009 DEFAULT
    drwxr-xr-x 2 root root 4096 Feb 4 2009 docs
    drwxr-xr-x 2 root root 4096 Apr 17 20:29 fcgi-bin
    drwxr-xr-x 2 root root 4096 Feb 4 2009 lib
    -rw-r--r-- 1 root root 6959 Sep 5 19:08 LICENSE
    -rw-r--r-- 1 root root 2214 Sep 5 19:08 LICENSE.OpenLDAP
    -rw-r--r-- 1 root root 6279 Sep 5 19:08 LICENSE.OpenSSL
    -rw-r--r-- 1 root root 3208 Sep 5 19:08 LICENSE.PHP
    drwxr-xr-x 2 root root 12288 Sep 5 22:39 logs
    drwxr-xr-x 2 root root 4096 Feb 4 2009 php
    drwx------ 2 lsadm lsadm 4096 Feb 4 2009 phpbuild
    drwxr-xr-x 3 root root 4096 Feb 4 2009 share
    -rw-r--r-- 1 root root 7 Sep 5 19:08 VERSION
  7. auser

    auser Super Moderator

    so only user/group lsadm can read httpd_config.xml.
    what user to run lshttpd?
    you can check this by "ps -ef|grep lshttpd"
  8. gschultz

    gschultz New Member

    Got it!

    Here is the solution. It could be useful for anyone else.

    After uploading .xml config files via ssh (as root), ownerships and permissions must be adjusted.

    chown lsadm:lsadm /opt/lsws/conf/*.xml
    chmod 600 /opt/lsws/conf/*.xml
    chown lsadm:lsadm /opt/lsws/conf
    chmod 700 /opt/lsws/conf
    killall -9 lshttpd
    /opt/lsws/bin/lswsctrl start

    That's all. No session errors.

Share This Page