Hello, I am new to virtualmin so my apologies if you find this as stupid question! I have installed virtualmin on a Centos system.
My problem is with CMS systems such as Joomla and any files that get created by the user running the Apache server. Every file created by Joomla, instead of having the same owner as the virtual-domain admin it gets created with the user running apache. This in turn creates problems because the domain admin does not have ownership of those files and hence cannot handle them properly. For example, if I upload a template to be installed in Joomla it gets installed with apache-user ownership and the virtualmin admin user cannot edit it.
Can someone please guide me to the right configuration as its obvious that something is wrong here :( Thank you,
Helena
Howdy,
What distribution/version are you using? And how did you perform your Virtualmin install, was it with the install.sh script?
What you're seeing can happen when using mod_php -- which runs as the Apache user.
However, on typical install with the install.sh, Apache would default to using FCGID -- which runs as the Virtual Server owner.
You may also want to verify that in Server Configuration -> Website Options, that the PHP Execution mode is set to FCGID or CGI, and not mod_php.
-Eric
Response to: Eric
Hi and thank you for the reply.
I am running CentOS Linux 5.6 and Virtualmin 3.83. The installation is not new so am not 100% how I performed it although 99% I must have run the installation script since I'm a newbie. It's only now that PHP scripts are needed to run on the virtualservers and this is why I am dealing with this now.
You are correct that every new virtualserver is getting created with Apache set on FCGId however having it like this does not allow me run any PHP scripts and this is why I had to revert to mod_php, otherwise Joomla installation would not proceed. This is an example error-log of runing a simple phpinfo () script on a newly created virtualserver:
-- [warn] (104)Connection reset by peer: mod_fcgid: read data from fastcgi server error.
[error] [client x.x.x.x] Premature end of script headers: test.php
As soon as I change to mod_php everything (apart from the issue with permissions) runs well.
However I just noticed that if I try to change back to FCGId, after I click save I get the error below and the option cannot change. It remains mod_php.
Failed to save website options : The Suexec command on your system is configured to only run scripts under /var/www, but the Virtualmin base directory is /home. CGI and PHP scripts run as domain owners will not be executed.
Any ideas how to fix this?
Much appreciated Helena
If Eric's suggestion is not applicable for some reason, there is another way to possibly fix this issue.
You can set the "SGID" permission bit on the directory where the uploaded files are written to, and set its group to the "owner group" of the vserver owner. That will cause all files that get created in that directory to inherit the directory's group, no matter what the primary group of the creating process is.
Hence, while the owner of the file is still the Apache process, the group will be that of the vserver owner, thus he gets access.
Thank you Locutus.
I have a few questions: Assumptions: -Vserver Owner user = USER-A -Vserver Owner Group = 529
-Apache user = Apache -Apache group - 502
1) Are you referring to the public_html folder or the root-folder of the vserver? Which dolfer I should apply the change to? 2) As I have never done this, can you please show me an example-command that I should use, based on the assumptions above?
Many thanks Helena
EDIT:
I am using SFTP (WinSCP program) to access my server. I did a rightclick to the public_html folder and ticked SET GID and applied. The current folder owner is USER-A and the current Group USER-A-Group (not apache).
However, as soon as I made a change to Joomla (uploaded a template) the directory was created with BOTH Owner & Group > Apache
What am I doing wrong? :(
Helena
It sounds like something somehow went awry with your setup :-)
If FCGID doesn't work, my suggestion would be to use CGI. CGI is plenty fast for most setups, and will also give you a security benefit.
However, I'm not sure why you're seeing the suexec error about it using /var/www... that would typically only happen if you had a non-standard Apache version installed.
Are you by chance using any third party repositories? If so, it's possible a different Apache version was brought in through a third party repository.
-Eric
I tried to select CGI wrapper and got an error again:
Failed to save website options : The Suexec command on your system is configured to only runscripts under /var/www, but the Virtualmin base directory is /home. CGI and PHP scripts run as
domain owners will not be executed.
You are right about the 3rd party repository. Someone suggested me to use "Jason's" repository and I installed it from here -- http://www.jasonlitka.com/
Isn't there a way to change the directive about /var/www.. without removing and reinstalling software?
Current apache is: Version 2.2.17-jason.1
Helena
why some of my text is in bold and bigger fonts?!?
It's unfortunately not that easy... the version of Apache that was installed with Virtualmin had to be custom compiled in order to get suexec to work under /home.
So, having a third party repository that replaces Apache will prevent things from working right :-)
-Eric
of action do you suggest?
Yum remove httpd, Disable base repos, Enable virtualmin repos, and yum install httpd
Will that work?
You probably can't remove Apache, since a number of packages on your system rely on it.
You'd likely need to manually download the Virtualmin version of Apache, and install it from the command line using rpm.
-Eric