[SOLVED] Issue with suexec (permission denied)

11 posts / 0 new
Last post
#1 Mon, 08/03/2015 - 14:14
hyper3xpl0iter
hyper3xpl0iter's picture

[SOLVED] Issue with suexec (permission denied)

Hey guys, I have another issue now. no matter what I do suexec shows permission denied, and throws a 500 error when trying to access a newly created website.

ubuntu 14.04 virtualmin 4.18.gpl php 5.5.9

$ tail /var/log/apache2/error.log

suexec policy violation: see suexec log for more details
$ tail /var/log/apache2/suexec.log

uid: (1014/user) gid: (1005/user) cmd: php5.fcgi
(13)Permission denied: exec failed (php5.fcgi)

all file folder and permissions in the home directory is 755. I have homes on an NFS share which allows exec, and I use LDAP for users and groups, can anyone please help me be able to access my sites with FCGI?

*** EDIT *** Just thought I'd add the log from /home/user/logs/error_log

[fcgid:warn] [pid 5831] (104)Connection reset by peer: [client 76.10.157.174:51410] mod_fcgid: error reading data from FastCGI server
[core:error] [pid 5831] [client 76.10.157.174:51410] End of script output before headers: index.php

Thanks Again, Any help would be greatly appreciated!!

Mon, 08/03/2015 - 14:17
tpnsolutions
tpnsolutions's picture

Hi,

For a small fee, I'd be happy to look into this for you over a screen sharing session.

Drop me a line if you're interested.

Best Regards,
Peter Knowles
TPN Solutions

Email: pknowles@tpnsolutions.com
Phone: 604-782-9342
Skype: tpnsupport
Website: http://www.tpnsolutions.com

Ask me about my new support plans which include a FREE copy of Virtualmin Pro!!!

Best Regards,
Peter Knowles | TPN Solutions
Email: pknowles@tpnsolutions.com | Skype: tpnassist
Mon, 08/03/2015 - 19:54
andreychek

Howdy,

Hmm, what do you see if you go into $HOME/fcgi-bin, and run ls -la in there?

-Eric

Mon, 08/03/2015 - 20:07
hyper3xpl0iter
hyper3xpl0iter's picture
total 12
drwxr-xr-x  2 introsec introsec 4096 Aug  3 18:42 .
drwxr-xr-x 12 introsec introsec 4096 Aug  3 20:43 ..
-rwxr-xr-x  1 introsec introsec  219 Aug  3 18:42 php5.fcgi

Andre Mattie email: hyper3xpl0iter@gmail.com website: https://www.th3c1inic.org GPG: 9B5E 079D A91E 74AC 333C D3C3 6398 151B BFE5 FB4C bitcoin: 3Nfs74EJcdHB3ewnvW6ynF2EexkMDfCexd

Services: Virtualmin Pro, Cloudmin Pro, Webmin OS: Ubuntu 16.04.2

Mon, 08/03/2015 - 22:08
andreychek

Hmm, that part looks good... what if you run that file (with "./php5.fcgid" from within that directory), does that work properly?

Also, is this just an issue with this one user, or with all users?

-Eric

Mon, 08/03/2015 - 22:10
hyper3xpl0iter
hyper3xpl0iter's picture
-bash: ./php5.fcgi: Permission denied

I really have no clue whats wrong

Andre Mattie email: hyper3xpl0iter@gmail.com website: https://www.th3c1inic.org GPG: 9B5E 079D A91E 74AC 333C D3C3 6398 151B BFE5 FB4C bitcoin: 3Nfs74EJcdHB3ewnvW6ynF2EexkMDfCexd

Services: Virtualmin Pro, Cloudmin Pro, Webmin OS: Ubuntu 16.04.2

Mon, 08/03/2015 - 22:55 (Reply to #6)
hyper3xpl0iter
hyper3xpl0iter's picture

And I only have 1 user/site right now.

Andre Mattie email: hyper3xpl0iter@gmail.com website: https://www.th3c1inic.org GPG: 9B5E 079D A91E 74AC 333C D3C3 6398 151B BFE5 FB4C bitcoin: 3Nfs74EJcdHB3ewnvW6ynF2EexkMDfCexd

Services: Virtualmin Pro, Cloudmin Pro, Webmin OS: Ubuntu 16.04.2

Tue, 08/04/2015 - 09:16
andreychek

What happens if you go into your home directory, and create a simple bash script?

Name it perhaps "test.sh", and give it the following contents:

#!/bin/bash

echo "Hello World"

And make it executable:

chmod +x test.sh

Are you able to run that with "./test.sh"?

-Eric

Tue, 08/04/2015 - 11:13
hyper3xpl0iter
hyper3xpl0iter's picture

doesn't matter weither I run it as root or the user I still get permission denied

sh: 3: ./test.sh: Permission denied

I wonder whats causing the permissions problem :(

Andre Mattie email: hyper3xpl0iter@gmail.com website: https://www.th3c1inic.org GPG: 9B5E 079D A91E 74AC 333C D3C3 6398 151B BFE5 FB4C bitcoin: 3Nfs74EJcdHB3ewnvW6ynF2EexkMDfCexd

Services: Virtualmin Pro, Cloudmin Pro, Webmin OS: Ubuntu 16.04.2

Tue, 08/04/2015 - 11:30
hyper3xpl0iter
hyper3xpl0iter's picture

Found the problem! is was in my NFS mount config I had. I have these settings

Disallow execution of binaries = no
Allow users to mount this filesystem = yes
Disallow device files = no
Disallow setuid programs = no

After changing them to the default, everything is working fine. Thanks again for your help!

Andre Mattie email: hyper3xpl0iter@gmail.com website: https://www.th3c1inic.org GPG: 9B5E 079D A91E 74AC 333C D3C3 6398 151B BFE5 FB4C bitcoin: 3Nfs74EJcdHB3ewnvW6ynF2EexkMDfCexd

Services: Virtualmin Pro, Cloudmin Pro, Webmin OS: Ubuntu 16.04.2

Tue, 08/04/2015 - 12:03
andreychek

Great, glad you got it working!

Topic locked