This website is deprecated, and remains online only for historic access to old issues and docs for historic versions of Virtualmin. It has been unmaintained for several years, and should not be relied on for up-to-date information. Please visit www.virtualmin.com instead.

Apache threads not running under users (suexec?)

4 posts / 0 new

Topic locked

Last post

#1 Fri, 05/22/2009 - 21:35

soundbite

Apache threads not running under users (suexec?)

I installed the apache2 packages from Virtualmin's repositories. Everything looks good as far as suexec is concerned (I think):

:~# /usr/lib/apache2/suexec -V -D AP_DOC_ROOT="/home" -D AP_GID_MIN=100 -D AP_HTTPD_USER="www-data" -D AP_LOG_EXEC="/var/log/apache2/suexec.log" -D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin" -D AP_UID_MIN=100 -D AP_USERDIR_SUFFIX="public_html"

My virtualmin server template is set to "add the appropriate SuEXEC directive", and my virtual host has the correct SuexecUserGroup settings applied.

However! :) ...the processes are running under www-data, according to top, and files created are created under the www-data user and group instead of the virtual server's user and group.

Can anyone offer any ideas on how I can get Apache to execute the scripts as the website users instead of www-data?

Thanks!

#2 Fri, 05/22/2009 - 23:07

Joe

CGI scripts in cgi-bin should just work. But, PHP requires a bit of work.

Check out this stickied thread for coverage of the best way to run PHP scripts as the user (while still being fast):

http://www.virtualmin.com/forums/virtualmin/convert-php-sites-to-use-mod...

--

Check out the forum guidelines!

#3 Sat, 05/23/2009 - 12:14 (Reply to #2)

soundbite

So I need to run FastCGI in order to run PHP scripts as a given user and avoid the problems above? I'm not sure I'm running FastCGI now...I certainly didn't go through all those steps in the referenced thread, so I'm guessing I'm not.

...uh...what would I be running instead, then? I'm a little out of my depth here, I think.

#4 Sat, 05/23/2009 - 14:12 (Reply to #3)

Joe

You could run CGI or FastCGI. FastCGI is...faster.

And, you can't use mod_php to run your PHP applications if you want to run them as the user that owns the domain. So, yes. You need to go through those steps. (It's automatic in Virtualmin Professional, but it's part of the Install Scripts feature, so isn't easy to merge down into GPL.)

I think you're making it out to be way more complicated than it really is. It only takes a few minutes to setup. The thread is a little bit convoluted as we talked through the problem, and there will be better documentation for it soon, but it's not a super-complicated topic or process. You're just adding a few lines to the Apache configuration in the VirtualHost sections, and creating a couple of files in the users home directory (an FCGI wrapper script, and a php.ini, which can be a copy of the system-wide php.ini).

--

Check out the forum guidelines!

Topic locked