suexec and existing cPanel server

[pitabread55]

Hello All,

We're looking at using LSWS on some existing cPanel web servers. We're running into a problem with suexec however (we kind of expected that). With mod_apache file uploads (gallery, joomla, mambo) are owned by "nobody". When we try to swtich to LSWS we get permission denied on files (such as gallery counter files) because of the ownership. I'm also afraid that we have some directories with 777 permissions that suexec won't like.

I'm just wondering how other people with with cPanel or existing servers handled this? I know we could chown/chmod all of the files/directories but it's not easy to run in parallel because of this an backing it out would be a pain also.

TIA,

Sam

 

[mistwang]

Were you using php suexec when Apache is used?
Are you using PHP suEXEC with LiteSpeed? You can configure LiteSpeed to exactly match what you used with Apache. if mod_php was used, then turn off php suexec, if phpsuexec was used, then turn it on in LiteSpeed.

With phpsuexec, you need to change the file/directory ownership to "<user>:nobody" with permission mask 0750 or 0640.

without phpsuexec, you just change the permission mask to 0770 or 0660 with the ownership stay with "<user>:nobody". You should be able to switch between this two security models easily with command
"chmod -R g+w *" and "chmod -R g-w *"

That's just standard Unix file permission issue.

 

[pitabread55]

We understand very well it's "just a *nix ownership/permissions issue", but when you have 1000's of domains it's a big issue.

I did not realize non-suexec is an option (we currently run mod_php). How do you configure LiteSpeed without suexec?

Sam

 

[mistwang]

Just set "PHP suEXEC" to "No" when you configure LiteSpeed to use Apache httpd.conf .

 

[pitabread55]

Dooh!

Sorry for missing the obvious.

Sam