Suexec on cPanel

Discussion in 'Apache Migration/Compatibility' started by slimak, Aug 15, 2006.

  1. slimak

    slimak New Member

    Hello,
    I have a bit problem with cPanel suexec. cPanel stores suexec settings in virtualhost in httpd.conf as:
    Code:
    <virtualhost ...>
    ...
    User x
    Group x
    ...
    </virutalhost>
    When lsws automatically import the config from httpd.conf, the suexec isn't working. All CGI scripts are execute as nobody. Is there possible to change that?


    Regards,
    Maciej Tomaszewski
  2. mistwang

    mistwang LiteSpeed Staff

    You can fix it by changing "CGI Set UID Mode" to "document root" for the imported vhost.
    Or do not import httpd.conf during installation, let LSWS read httpd.conf directly with "Using Apache Configuration File" feature under "server"->"general" tab.
  3. slimak

    slimak New Member

    Answer

    I'm using option "Using Apache Configuration File" - LSWS is reading httpd.conf directly.
  4. mistwang

    mistwang LiteSpeed Staff

    I see. For PHP will be executed under user "nobody" as PHP is handled by the global phpLsapi running as "nobody".
    For other plain CGI, should be executed as the UID specified.
    The PHP suExec will be addressed soon in new LSWS release, please stay tuned. :)
  5. slimak

    slimak New Member

    Answer

    1. Plain CGI is also executed as nobody.
    2. Ok, I will wait for new version.
  6. pizzaman

    pizzaman New Member

    This is probably the last bit of features that I may need before
    deploying lsws in cpanel servers. Will be waiting too... :)

    1. install lsws
    2. build php with litespeed
    3. config lsws to read httpd.conf directly
    4. remove httpd from default runlevel & disable httpd from chkservd
    5. enjoy lower load & memory consumtion on your cPanel box!
  7. xing

    xing LiteSpeed Staff

    LiteSpeed Web Server 2.2 has been released with the suEXEC feature and more. :)
  8. pizzaman

    pizzaman New Member

    Awesome! Very well done, guys. THANK YOU!
  9. slimak

    slimak New Member

    PHP5 suExec

    Now it works very good. PHP and CGI files are executing as they should (as user), but I have problem with PHP5. I installed second php (PHP 5.1.6) as lsapi. Files .php, .php3, .php4, .phtml are executing by php4; files .php5 are executing by php5. PHP4 scripts are running as user, but PHP5 as nobody. Could you check that? I have the same configuration in lsws for php4lsapi and php5lsapi.
  10. mistwang

    mistwang LiteSpeed Staff

    I knew the PHP4+PHP5 setup will cause problem. :)
    We will address that in 2.2.1 .
  11. mistwang

    mistwang LiteSpeed Staff

    PHP4 & PHP5 should be started in suEXEC mode with 2.2.1 release.
  12. shanx24

    shanx24 New Member

    Is there a step by step guide for cpanel users with ROOT access, but also to make this work under all other domains registered under WHM?

    I want to make sure PHP5 works for PHP extensions, that mod_security etc type stuff works (or has an LSWS equivalent in terms of security), that PHP executes with SUEXEC as normal without too much effort (or pls let me know what to do), and finally, to make sure Apache is out and LSWS does my serving for the website.

    Many thanks!
  13. shanx24

    shanx24 New Member

    And how do you do that? Many thanks,
  14. mistwang

    mistwang LiteSpeed Staff

    mod_security equivalent is under development, will be available in 3.0 release.

    You can try LiteSpeed now without interrupt Apache service if you want to, either run LiteSpeed on different port with "Port offset" configuration, or on a different IP with "IP offset" configuration. If there is any compatibility issue with Apache, please let use know, we will work on that.

    After mod_security is ready, we will add a Wiki entry for Apache->LSWS migration guide for Cpanel server. :)
  15. shanx24

    shanx24 New Member

    Thanks. Roughly when might this be?
  16. mistwang

    mistwang LiteSpeed Staff

    You need to your own lsphp5 executable for PHP5 by following our Wiki, then add an external app for lsphp5 and script handler configuration for '*.php5' files at server level. Just duplicate our existing configuration for lsphp and 'php' script handler.

    All virutal hosts configured through Apache httpd.conf will use similar configuration to handle php and php5 files.
    Play around with the web admin interface and read the document, you will get an idea how things were configured. If you messed it up, just do a reinstallation. ;)

Share This Page