Hi, I have installed ISPConfig 3 and everything works fine, except perl scripts. My user put perl script printenv.pl (it works from command line) in cgi-bin dir under his home dir (/home/client19/web23). In /var/www there's a link to /home/client19/web23 named xxx.xxx.xxx cgi-bin dir is owned by the right user and group and is 755. In /var/log/httpd/suexec.log: [2016-01-18 16:42:22]: uid: (5018/web23) gid: (5020/client19) cmd: printenv.pl [2016-01-18 16:42:22]: command not in docroot (/home/client19/web23/cgi-bin/printenv.pl) What don't I see? A.
Seems as if you put your web document root into a wrong folder. ISPConfig installs websites always in /var/www and not /home, so you must have modified that after you installed ISPConfig and this causes your problem now as /home is not allowed for suexec in websites, the suexec docroot is compiled into the suexec Linux system binary so all sites have to be in a subfolder of /var/www like ISPConfig does it by default. You will either have to reinstall the server and correct the wrong docroot or you need a custom suexec where the docroot path is configurable.
Home dirs are nfs mounted. I configured ISPConfig to have client home in /home (/etc/passwd is written accordingly to this - web23:x:5018:5020::/home/client19/web23:/bin/false) Should I change the mount point or is it better to recompile suexec? What will happen to the other sites? A.
For some Linux distributions there are alternative suexec packages available that allow a configuration of the base path. Which Linux distribution do you use?
Hmm, that's bad. For Debian based systems there is an alternative package available but as far as I know, not for centos. You can either recompile apache: http://unix.stackexchange.com/questions/79423/changing-suexec-path-centos-6 or you reconfigure the path of the sites and remount it to /var/www, but this will affect all sites and a lot of config (e.g. sites vhost file) and /etc/passwd would have to be changed, so that's quite error prone.
I dont't have too many sites hosted at the moment, so I will try to move the mount point. I will test it on a cloned host and hope everything works... Thanx, A.
