[Resolved] Bug suexec from 4.2.16 and 4.2.18

Status
Not open for further replies.
#1
Dear support,
since the upgrade on 4.2.16 (try 4.2.18 too) from 4.2.14, we have problems on write permissions for Alias entries:
Normally with suexec, write permissions are 755 with the account owner, ex:

mysite1
Root: /home/user1/www/home
permissions 755 user1:user1
the cache directory is writable for user1 and each file generated have user1:user1 owner and group
Site url: foo.com
This config is ok

For mysite2
Root: /home/user1/www/mysite2
permissions 755 user1:user1
the cache directory is not writable and each files generated have nobody:nobody owner and group
Site url: foo.com/mysite2/

Why since the update, each files created by apache are created by nobody user and not by the account user ?

Config:
OS: centOS 6.5 x86_64
PHP: 5.4.32
PHP 5 Handlerfcgi
Apache suEXEC on
Apache Ruid2 off


Vincent
 
Last edited:

mistwang

LiteSpeed Staff
#2
Which control panel you use?

It may have something to do with the way PHP handlers are configured in httpd.conf, have to check the exact configuration.
 
#3
My config:
  • CENTOS 6.5 x86_64 virtuozzo
  • WHM 11.44.1 (build 18)
  • cPanel Pro 1.0 (RC1)
Code:
    # DO NOT EDIT. AUTOMATICALLY GENERATED. IF YOU NEED TO MAKE A CHANGE PLEASE USE THE INCLUDE FILES.

    <VirtualHost XX.XX.XX.XX:80>
    ServerName mysite.eu
    ServerAlias mysite.org www.mysite.eu www.mysite.org
    DocumentRoot /home/user21/public_html/www/home
    ServerAdmin webmaster@mysite.eu
    UseCanonicalName Off
    CustomLog /usr/local/apache/domlogs/mysite.eu combined
    CustomLog /usr/local/apache/domlogs/mysite.eu-bytes_log "%{%s}t %I .\n%{%s}t %O ."
    ## User user21 # Needed for Cpanel::ApacheConf
    UserDir disabled
    UserDir enabled user21

    # Enable backwards compatible Server Side Include expression parser for Apache versions >= 2.4.
    # To selectively use the newer Apache 2.4 expression parser, disable SSILegacyExprParser in
    # the user's .htaccess file. For more information, please read:
    # http://httpd.apache.org/docs/2.4/mod/mod_include.html#ssilegacyexprparser
    <IfModule mod_include.c>
    <Directory "/home/user21/public_html/www/home">
    SSILegacyExprParser On
    </Directory>
    </IfModule>

    <IfModule mod_suphp.c>
    suPHP_UserGroup user21 user21
    </IfModule>
    <IfModule concurrent_php.c>
    php4_admin_value open_basedir "/home/user21:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp"
    php5_admin_value open_basedir "/home/user21:/usr/lib/php:/usr/local/lib/php:/tmp"
    </IfModule>
    <IfModule !concurrent_php.c>
    <IfModule mod_php4.c>
    php_admin_value open_basedir "/home/user21:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp"
    </IfModule>
    <IfModule mod_php5.c>
    php_admin_value open_basedir "/home/user21:/usr/lib/php:/usr/local/lib/php:/tmp"
    </IfModule>
    <IfModule sapi_apache2.c>
    php_admin_value open_basedir "/home/user21:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp"
    </IfModule>
    </IfModule>
    <IfModule !mod_disable_suexec.c>
    <IfModule !mod_ruid2.c>
    SuexecUserGroup user21 user21
    </IfModule>
    </IfModule>
    <IfModule mod_ruid2.c>
    RMode config
    RUidGid user21 user21
    </IfModule>
    <IfModule itk.c>
    # For more information on MPM ITK, please read:
    # http://mpm-itk.sesse.net/
    AssignUserID user21 user21
    </IfModule>
    ScriptAlias /cgi-bin/ /home/user21/public_html/www/home/cgi-bin/

Include "/usr/local/apache/conf/userdata/std/2/user21/mysite.eu/*.conf"

## The include file

DocumentRoot /home/user21/public_html/www/home
AddDefaultCharset utf-8
RewriteEngine on

RewriteCond %{HTTP_HOST} !^(www\.)?mysite\.org$ [NC]
RewriteCond %{HTTP_HOST} !^(ticket\.)?mysite\.org$ [NC]
RewriteRule ^(.*) http://www.mysite.org/$1 [R=301,NE,L]




        <Directory "/home/user21/public_html/www/home">
                AllowOverride All
                Options FollowSymLinks
      
        </Directory>


        Alias /france /home/user21/public_html/www/france
        <Directory "/home/user21/public_html/www/france">
                AllowOverride All
                Options FollowSymLinks
        </Directory>

        Alias /stats /home/user21/public_html/stats
        <Directory "/home/user21/public_html/stats">
                AllowOverride All
               Options FollowSymLinks
        </Directory>

AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/json
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/json
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE application/x-httpd-php

# Pour les navigateurs incompatibles (Netscape et IE)
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html

# les proxies ne doivent pas décompresser le contenua la place de l'internaute
Header append Vary User-Agent env=!dont-vary


SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png|bmp)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.(?:exe|t?gz|zip|bz2|sit|rar)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.(?:pdf|avi|mov|mp3|mp4|rm)$ no-gzip dont-vary

<IfModule mod_expires.c>

ExpiresActive On
ExpiresDefault "access plus 604800 seconds"
ExpiresByType image/jpg "access plus 604800 seconds"
ExpiresByType image/jpeg "access plus 604800 seconds"
ExpiresByType image/png "access plus 1800 seconds"
ExpiresByType image/gif "access plus 604800 seconds"
ExpiresByType image/icon "access plus 604800 seconds"
ExpiresByType application/javascript "access plus 604800 seconds"
ExpiresByType text/css "access plus 1800 seconds"
#ExpiresByType text/css "access plus 800 seconds"
ExpiresByType application/x-javascript "access plus 1800 seconds"
</IfModule>

 <FilesMatch "\\.(ico|jpe?g|png|gif|swf)$">
         Header set Cache-Control "max-age=1800, public"
 </FilesMatch>

 <FilesMatch "\\.(css)$">
         Header set Cache-Control "max-age=1800, public"
 </FilesMatch>

 <FilesMatch "\\.(js)$">
         Header set Cache-Control "max-age=3600, public"
 </FilesMatch>
 
Last edited by a moderator:
#5
Humm in suphp my app is not full compatible, i can't try online without crash websites

The php.conf:
Code:
# This file was automatically generated by the Cpanel PHP Configuration system
# If you wish to change the way PHP is being handled by Apache on your system,
# use the /usr/local/cpanel/bin/rebuild_phpconf script or the WHM interface.
#
# Manual edits of this file will be lost when Apache is updated.


# Fastcgi configuration for PHP5
LoadModule fcgid_module modules/mod_fcgid.so
MaxRequestsPerProcess 500
AddHandler fcgid-script .php5 .php4 .php .php3 .php2 .phtml
FcgidWrapper /usr/local/cpanel/cgi-sys/php5 .php5
FcgidWrapper /usr/local/cpanel/cgi-sys/php5 .php4
FcgidWrapper /usr/local/cpanel/cgi-sys/php5 .php
FcgidWrapper /usr/local/cpanel/cgi-sys/php5 .php3
FcgidWrapper /usr/local/cpanel/cgi-sys/php5 .php2
FcgidWrapper /usr/local/cpanel/cgi-sys/php5 .phtml

# End of autogenerated PHP configuration.
 
Last edited by a moderator:

mistwang

LiteSpeed Staff
#6
Please force reinstall 4.2.18, should have been taken care of.
Code:
/usr/local/lsws/admin/misc/lsup.sh -f -v 4.2.18
 
Last edited by a moderator:
Status
Not open for further replies.
Top