perl suexec command not in docroot

Discussion in 'Installation/Configuration' started by Arianna, Jan 19, 2016.

  1. Arianna

    Arianna Member

    I have installed ISPConfig 3 and everything works fine, except perl scripts.
    My user put perl script (it works from command line) in cgi-bin dir under his home dir (/home/client19/web23).
    In /var/www there's a link to /home/client19/web23 named
    cgi-bin dir is owned by the right user and group and is 755.

    In /var/log/httpd/suexec.log:
    [2016-01-18 16:42:22]: uid: (5018/web23) gid: (5020/client19) cmd:
    [2016-01-18 16:42:22]: command not in docroot (/home/client19/web23/cgi-bin/

    What don't I see?

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Seems as if you put your web document root into a wrong folder. ISPConfig installs websites always in /var/www and not /home, so you must have modified that after you installed ISPConfig and this causes your problem now as /home is not allowed for suexec in websites, the suexec docroot is compiled into the suexec Linux system binary so all sites have to be in a subfolder of /var/www like ISPConfig does it by default.

    You will either have to reinstall the server and correct the wrong docroot or you need a custom suexec where the docroot path is configurable.
  3. Arianna

    Arianna Member

    Home dirs are nfs mounted. I configured ISPConfig to have client home in /home (/etc/passwd is written accordingly to this - web23:x:5018:5020::/home/client19/web23:/bin/false)
    Should I change the mount point or is it better to recompile suexec? What will happen to the other sites?

  4. till

    till Super Moderator Staff Member ISPConfig Developer

    For some Linux distributions there are alternative suexec packages available that allow a configuration of the base path. Which Linux distribution do you use?
  5. Arianna

    Arianna Member

    centos 6
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    Hmm, that's bad. For Debian based systems there is an alternative package available but as far as I know, not for centos.

    You can either recompile apache:

    or you reconfigure the path of the sites and remount it to /var/www, but this will affect all sites and a lot of config (e.g. sites vhost file) and /etc/passwd would have to be changed, so that's quite error prone.
  7. Arianna

    Arianna Member

    I dont't have too many sites hosted at the moment, so I will try to move the mount point. I will test it on a cloned host and hope everything works...

Share This Page