Some domains running as www-data and being restricted from write permissions

4 posts / 0 new
Last post
#1 Thu, 04/05/2012 - 07:21
daulex

Some domains running as www-data and being restricted from write permissions

Hi folks,

We've been running this box for 467 days now, it's got over 20 different domain names, 4gb of ram and generally cruises at around 2 gb.

It's a beauty, but recently, (either after one of my optimisation sessions or an update, or a combo of both), it's been misbehaving, where some domains that have wordpress installed have lost write permissions, I inspected and found that the chmod is still 755 and ownership stuff is still what it's supposed to be, I then looked at top (here's an example screencap 2 min after an apache restart: http://i.imgur.com/U2DTK.png , 3 min: http://i.imgur.com/sNPKs.png ), found that there's a lot more www-data users than there used to be.

So I did some googling and figured out that this could occur as a result of apache spawning a php process with www-data as a user instead of the relevant user it was supposed to be using.

I've gone through all configs and settings, all domains have "FCGId (run as virtual server owner)" selected, so I'm not sure why that's happening.

The only config setting that has www-data is the webmin/servers/apache/users and groups/ run as unix group-username, that has www-data selected instead of default, when I tried to set default, after a VERY long 'service apache2 restart', all sites timeout.

Disabling mod_php simply made apache force a download of the php files.

Can someone with a bit more knowledge than me point me in the right direction?

I don't want to chown all web facing directories to www-data, as that just sounds silly.

What can I do to ensure that apache runs php as the relevant user instead of www-data?

Thu, 04/05/2012 - 09:01
andreychek

Howdy,

What distro/version are you using there?

And if you go into System Settings -> Re-Check Config, does it notice any problems?

You shouldn't need to chown your dirs to www-data -- they really should be running as the Virtual Server owner. So something is awry -- hopefully the above two things will help us determine what that is :-)

-Eric

Thu, 04/05/2012 - 09:14
daulex

Hey,

System info:

Webmin version 1.580
Kernel and CPU Linux 2.6.35.4-rscloud on x86_64
Virtualmin version 3.90.gpl GPL
Ubuntu 10.04 LTS (Lucid)

Apt-get update/upgrade gives me nothing new, I always try to run the latest everything.

The config check is ok:

Your system has 3.92 GB of memory, which is at or above the Virtualmin recommended minimum of 256 MB.

Apache is installed.

Webalizer is installed.

Apache is configured to host SSL websites.

MySQL is installed and running.

ProFTPd is installed.

Logrotate is installed.

Plugin AWstats reporting is installed OK.

Plugin DAV Login is installed OK.

Plugin Protected web directories is installed OK.

Using network interface eth0 for virtual IPs.

IPv6 addresses are available, using interface eth0.

Default IP address for virtual servers is 46.38.163.21.

Default IP address is set to 46.38.163.21, which matches the detected external address.

Both user and group quotas are enabled for home and email directories.

All commands needed to create and restore backups are installed.

The selected package management and update systems are installed OK.

Hope this helps somehow.

Tue, 11/13/2012 - 13:16
beat

Hi daulex, Hi VirtualminPro team,

What was the resolution to this issue ?

(it was working on Ubuntu 8.04LTS, but not on new Ubuntu 12.04LTS server, backed-up sites from Ubuntu 8.04LTS installation, restored to Ubuntu 12.04LTS: and now it fails same way as described here.

Many Thanks, Beat

Topic locked