Suexec

Discussion in 'Installation/Configuration' started by cat, Dec 18, 2008.

  1. cat

    cat New Member

    If I check the check box Suexec: what happens?
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Suexec gets enabled.
     
  3. falko

    falko Super Moderator Howtoforge Staff

  4. cat

    cat New Member

    Clarification

    Thanks Falko

    The apache article states
    1. Is the Suexec feature in ISPConfig only for CGI and SSI?

    2. If the Suexec feature in ispconfig is enabled does it affect the running of web pages?

    3. If the answer to question 2 is no, and I want the web pages run as the user ID of the site administrator then do I have to install suPHP?

    4. If the answer to 3 is yes, for ubuntu 8.04 is the best way to install suPHP to follow http://www.howtoforge.com/install-suphp-on-various-linux-distributions-for-use-with-ispconfig-2.2.20-and-above or is there a better way?
     
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    1) Yes. The suexec feature is a feature of the apache webserver and not a ispconfig feature, so enabling it means that exactly that happens what the apache manual describes.

    2) Yes.

    3) If you want to run php scripts under the admin user you should not enable suexec and install suphp instead.

    4) Yes.
     
  6. cat

    cat New Member

    I followed the instructions in

    http://www.howtoforge.com/install-s...tions-for-use-with-ispconfig-2.2.20-and-above

    to install suphp on my Vhosts ispconfig ubuntu server. I am having several problems.
    The first is that when I run pages that send emails I receive the following error.

    line 5 reads
    PHP:
    include("Mail.php");
    Some time prior to changing to suphp I installed pear mail class and it was working well, but since installing suphp the pear mail class no longer works. Does any one have any suggestions?
     
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    Please make sure that the file Mail.php exists in this directory: /var/www/web2/web/
    Files from outside the web root can not be included for security reasons under suphp. The pear documentation includes instructions on how to install pear in a specific local directory.
     
  8. cat

    cat New Member

    paer suphp on Vhosts

    Thanks for the quick reply, I will have a look at the pear instructions. In the mean time is there a way to install pear so that it is available to all Vhosts under suphp?
     
  9. falko

    falko Super Moderator Howtoforge Staff

    You can install pear as follows:
    Code:
    sudo apt-get install php-pear
     
  10. cat

    cat New Member

    Thanks falko for the reply

    I followed your instruction and installed php-pear but I still get

    any further suggestions?
     
  11. falko

    falko Super Moderator Howtoforge Staff

    What's the output of
    Code:
    updatedb
    locate Mail.php
    ?
     
  12. cat

    cat New Member

    /usr/share/php/Mail.php
     
  13. falko

    falko Super Moderator Howtoforge Staff

    Add /usr/share/php to your php.ini's include_path.
     
  14. cat

    cat New Member

    Hi falko

    I took a look at the php.ini and the include_path before I made any changes looked like this

    include_path = ".:/usr/share/php"

    So I removed the “.:” and tested the script again and got the same errors. I also tried putting a “/” after the php to see if that helped (both with and without “.:”) but that still produced the same errors. I even tried replacing the “.:” with “.” and “:”, with and without the “/” after the php but still got the same errors.

    I also note that there are 3 php.ini’s

    /etc/php5/apache/php.ini
    /etc/php5/cgi/php.ini
    /etc/php5/cli/php.ini

    and just to be safe I made all changes to all three but the errors persist. In case you missed it earlier or have forgotten it, we are working with suPHP.

    Thanks again for your help
     
  15. till

    till Super Moderator Staff Member ISPConfig Developer

    You can not access scripts from /usr/share/php when using suphp for security reasons. You should install a copy of pear locally inside the web directory.
     
  16. cat

    cat New Member

    Hi Till

    1) Do you mean install pear in
    A) /var/www/
    or
    B) /var/www/web2/

    If your answer is B then the problem I have with this setup is that pear has to be installed for each vhost, and updated for each vhost, each time there is an update. What a pain that will be.

    On a separate but related issue, I noticed in
    http://www.howtoforge.com/install-suphp-on-various-linux-distributions-for-use-with-ispconfig-2.2.20-and-above
    the tutorial to set up suPHP I run, the configurarion line

    particularly

    what would happen of I used

    instead?

    Also thanks guys I really appreciate all your help.
     
  17. cat

    cat New Member

    I guess I am going to answer my own question!

    For the benefit of all those who are reading this thread I found this description of the different modes.


    mode-force
    runs scripts with UID/GID specified in Apache configuration (i.e., apache:apache)

    mode-owner
    runs scripts with owner UID/GID

    mode-paranoid
    runs scripts with owner UID/GID but also checks if they match the UID/GID specified in the Apache configuration
     

Share This Page