SUexec works fine for PHP-FPM but Fast-CGI suddenly runs under www-data only, suexec.log empty

I hoped I could avoid writing here but after a day I honestly feel stupid.
The original issue is very-very similar to this thread, I have the same

• ISPConfig 3.2.2 (latest at the time of this post)
• Ubuntu Server 20.04.2 LTS
• PHP 7.4.15
  • 7.4.15-3+ubuntu20.04.1+deb.sury.org+1 « here the possible update issue.
    
  • Set manually to 7.4 (update-alternatives --config php) since it will install bits of PHP8.0
• Apache 2
  • Apache/2.4.41 (Ubuntu)
  • http2 using mpm_event

Code:

##### SERVER #####
IP-address (as per hostname): ***.***.***.***
[WARN] could not determine server's ip address by ifconfig
[INFO] OS version is Ubuntu 20.04.2 LTS
 
[INFO] uptime:  08:17:14 up 20 days,  5:51,  2 users,  load average: 0.32, 0.35, 0.35
 
[INFO] memory:
              total        used        free      shared  buff/cache   available
Mem:          7.8Gi       3.8Gi       289Mi       195Mi       3.7Gi       3.5Gi
Swap:         4.0Gi       107Mi       3.9Gi
 
[INFO] systemd failed services status:
  UNIT                      LOAD   ACTIVE SUB    DESCRIPTION                             
● certbot.service           loaded failed failed Certbot                                 
● snap.lxd.activate.service loaded failed failed Service for snap application lxd.activate

LOAD   = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB    = The low-level unit activation state, values depend on unit type.

2 loaded units listed.

[INFO] ISPConfig is installed.

##### ISPCONFIG #####
ISPConfig version is 3.2.2


##### VERSION CHECK #####

[INFO] php (cli) version is 7.4.15

##### PORT CHECK #####


##### MAIL SERVER CHECK #####


##### RUNNING SERVER PROCESSES #####

[INFO] I found the following web server(s):
    Apache 2 (PID 929169)
[INFO] I found the following mail server(s):
    Postfix (PID 845247)
[INFO] I found the following pop3 server(s):
    Dovecot (PID 845941)
[INFO] I found the following imap server(s):
    Dovecot (PID 845941)
[INFO] I found the following ftp server(s):
    PureFTP (PID 846011)

##### LISTENING PORTS #####
(only        ()
Local        (Address)
[anywhere]:993        (845941/dovecot)
[anywhere]:995        (845941/dovecot)
[localhost]:10023        (891/postgrey)
[localhost]:10024        (845801/amavisd-new)
[localhost]:10025        (845247/master)
[localhost]:10026        (845801/amavisd-new)
[localhost]:10027        (845247/master)
[anywhere]:587        (845247/master)
[localhost]:11211        (621/memcached)
[anywhere]:110        (845941/dovecot)
[anywhere]:143        (845941/dovecot)
[anywhere]:465        (845247/master)
[anywhere]:625        (845247/master)
***.***.***.***:53        (846148/named)
[localhost]:53        (846148/named)
[anywhere]:21        (846011/pure-ftpd)
***.***.***.***:53        (582/systemd-resolve)
[anywhere]:22        (706/sshd:)
[localhost]:953        (846148/named)
[anywhere]:25        (845247/master)
*:*:*:*::*:993        (845941/dovecot)
*:*:*:*::*:995        (845941/dovecot)
*:*:*:*::*:10024        (845801/amavisd-new)
*:*:*:*::*:10026        (845801/amavisd-new)
*:*:*:*::*:3306        (844329/mysqld)
*:*:*:*::*:587        (845247/master)
[localhost]10        (845941/dovecot)
[localhost]43        (845941/dovecot)
*:*:*:*::*:8080        (929169/apache2)
*:*:*:*::*:80        (929169/apache2)
*:*:*:*::*:8081        (929169/apache2)
*:*:*:*::*:465        (845247/master)
*:*:*:*::*:625        (845247/master)
*:*:*:*::*4050:38ff:fe9d:53        (846148/named)
*:*:*:*::*:53        (846148/named)
*:*:*:*::*:21        (846011/pure-ftpd)
*:*:*:*::*:22        (706/sshd:)
*:*:*:*::*:25        (845247/master)
*:*:*:*::*:953        (846148/named)
*:*:*:*::*:443        (929169/apache2)




##### IPTABLES #####
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
f2b-postfix  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 25
f2b-dovecot-pop3imap  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 110,995,143,993
f2b-pure-ftpd  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 21
f2b-apache-mycustombots  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 80,443
f2b-sshd   tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 22

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain f2b-apache-mycustombots (1 references)
target     prot opt source               destination         
REJECT     all  --  ***.***.***.***      [anywhere]/0            reject-with icmp-port-unreachable
REJECT     all  --  ***.***.***.***      [anywhere]/0            reject-with icmp-port-unreachable
REJECT     all  --  ***.***.***.***       [anywhere]/0            reject-with icmp-port-unreachable
... and so on

Everything was working fine, both Fast-CGI and PHP-FPM sites running without any problems using SUexec, I think all I did was a regular security update (also the Sury PHP packages). Some websites (most notably Opencart) started giving Permission denied errors, ISPConfig showed a white screen. I managed to revive ISPConfig by changing some permissions and as a workaround, setting all sites to PHP-FPM, they work, but I am very concerned what might have happened and do not understand it at all.
Just like Ark74 in the other post, I tried everything he did (I thought the problem was the same and maybe it is):

• I do not have Apparmor
• tried switching back to prefork, but it did not solve anything;
• update-alternatives --config php and update-alternatives --config php-cgi are both properly set to 7.4
• I do not have the package php8.0-fpm installed

As of this moment, if I choose PHP-FPM in ISPConfig, all sites operate without any problems whatsoever, SUexec works just fine. However, if I choose Fast-CGI, Apache runs with the default www-data user, causing all kinds of trouble. Nothing is written to suexec.log.

Apache error.log shows no particularly weird errors (this block keeps repeating):

Code:

root@singuuriq:/var/log/apache2# tail -n25 error.log
[Thu Feb 18 07:43:12.353083 2021] [:notice] [pid 928237:tid 140574126214208] mod_python: using mutex_directory /tmp
[Thu Feb 18 07:43:12.368676 2021] [mpm_event:notice] [pid 928237:tid 140574126214208] AH00489: Apache/2.4.41 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1j mod_python/3.3.1 Python/2.7.18 mod_perl/2.0.11 Perl/v5.30.0 configured -- resuming normal operations
[Thu Feb 18 07:43:12.368728 2021] [core:notice] [pid 928237:tid 140574126214208] AH00094: Command line: '/usr/sbin/apache2'
[Thu Feb 18 07:52:13.914346 2021] [mpm_event:notice] [pid 928237:tid 140574126214208] AH00491: caught SIGTERM, shutting down
[Thu Feb 18 07:52:14.143226 2021] [suexec:notice] [pid 929161:tid 139751493798976] AH01232: suEXEC mechanism enabled (wrapper: /usr/lib/apache2/suexec)
[Thu Feb 18 07:52:14.277305 2021] [:error] [pid 929169:tid 139751493798976] python_init: Python version mismatch, expected '2.7.17', found '2.7.18'.
[Thu Feb 18 07:52:14.277431 2021] [:error] [pid 929169:tid 139751493798976] python_init: Python executable found ''.
[Thu Feb 18 07:52:14.277437 2021] [:error] [pid 929169:tid 139751493798976] python_init: Python path being used '/lib/python2.7:/lib/python2.7/plat-x86_64-linux-gnu:/lib/python2.7/lib-tk:/lib/python2.7/lib-old:/lib/python2.7/lib-dynload'.
[Thu Feb 18 07:52:14.277462 2021] [:notice] [pid 929169:tid 139751493798976] mod_python: Creating 8 session mutexes based on 6 max processes and 25 max threads.
[Thu Feb 18 07:52:14.277469 2021] [:notice] [pid 929169:tid 139751493798976] mod_python: using mutex_directory /tmp

Individual vhost files seem to be just fine, and anyway, the issue is not at the vhost level, because ISPConfig itself is now running under www-data, I think. I followed The Perfect Setup to the letter, I don't think there are many weird modules enabled:

Code:

root@singuuriq:/var/log/apache2# apache2ctl -M
AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled/000-ispconfig.vhost:7
Loaded Modules:
 core_module (static)
 so_module (static)
 watchdog_module (static)
 http_module (static)
 log_config_module (static)
 logio_module (static)
 version_module (static)
 unixd_module (static)
 access_compat_module (shared)
 actions_module (shared)
 alias_module (shared)
 auth_basic_module (shared)
 auth_digest_module (shared)
 authn_core_module (shared)
 authn_file_module (shared)
 authz_core_module (shared)
 authz_host_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 cgi_module (shared)
 cgid_module (shared)
 dav_module (shared)
 dav_fs_module (shared)
 deflate_module (shared)
 dir_module (shared)
 env_module (shared)
 expires_module (shared)
 fcgid_module (shared)
 filter_module (shared)
 headers_module (shared)
 http2_module (shared)
 include_module (shared)
 mime_module (shared)
 mpm_event_module (shared)
 negotiation_module (shared)
 perl_module (shared)
 proxy_module (shared)
 proxy_fcgi_module (shared)
 python_module (shared)
 reqtimeout_module (shared)
 rewrite_module (shared)
 setenvif_module (shared)
 socache_shmcb_module (shared)
 ssl_module (shared)
 status_module (shared)
 suexec_module (shared)

Please help me what else to check, I'll be most grateful.

 

Actually, the security update was much earlier (5:32 in the morning) than when the issues started (16:55), and unfortunately, a ton of small stuff:

Code:

Start-Date: 2021-02-17  05:32:55
Commandline: apt-get upgrade
Upgrade: php7.4-bz2:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php7.4-gd:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php7.4-cgi:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php7.4-cli:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php7.4-tidy:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php8.0-mbstring:amd64 (8.0.1-1+ubuntu20.04.1+deb.sury.org+1, 8.0.2-3+ubuntu20.04.1+deb.sury.org+1), php8.0-readline:amd64 (8.0.1-1+ubuntu20.04.1+deb.sury.org+1, 8.0.2-3+ubuntu20.04.1+deb.sury.org+1), gnupg-utils:amd64 (2.2.19-3ubuntu2, 2.2.19-3ubuntu2.1), friendly-recovery:amd64 (0.2.41, 0.2.41ubuntu0.20.04.1), php7.4-fpm:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), gpg-wks-client:amd64 (2.2.19-3ubuntu2, 2.2.19-3ubuntu2.1), python3-software-properties:amd64 (0.98.9.3, 0.98.9.4), openssl:amd64 (1.1.1i-1+ubuntu20.04.1+deb.sury.org+4, 1.1.1j-1+ubuntu20.04.1+deb.sury.org+3), php5.6-xmlrpc:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), gnupg-l10n:amd64 (2.2.19-3ubuntu2, 2.2.19-3ubuntu2.1), php7.4-json:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php8.0-bz2:amd64 (8.0.1-1+ubuntu20.04.1+deb.sury.org+1, 8.0.2-3+ubuntu20.04.1+deb.sury.org+1), php5.6:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), php8.0-cli:amd64 (8.0.1-1+ubuntu20.04.1+deb.sury.org+1, 8.0.2-3+ubuntu20.04.1+deb.sury.org+1), php8.0-soap:amd64 (8.0.1-1+ubuntu20.04.1+deb.sury.org+1, 8.0.2-3+ubuntu20.04.1+deb.sury.org+1), php7.4-curl:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php5.6-xml:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), php7.4:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php5.6-xsl:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), php5.6-zip:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), php5.6-pspell:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), gpg-wks-server:amd64 (2.2.19-3ubuntu2, 2.2.19-3ubuntu2.1), gpg:amd64 (2.2.19-3ubuntu2, 2.2.19-3ubuntu2.1), php5.6-recode:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), php7.4-imap:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php5.6-tidy:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), php7.4-intl:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php7.4-sqlite3:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php7.4-xmlrpc:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php-pear:amd64 (1:1.10.12+submodules+notgz-1+ubuntu20.04.1+deb.sury.org+1, 1:1.10.12+submodules+notgz+20210212-1+ubuntu20.04.1+deb.sury.org+1), php5.6-json:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), php5.6-readline:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), dirmngr:amd64 (2.2.19-3ubuntu2, 2.2.19-3ubuntu2.1), php7.4-opcache:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php7.4-soap:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php7.4-xml:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php7.4-xsl:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php5.6-curl:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), php7.4-zip:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php5.6-common:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), php7.4-pspell:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php5.6-imap:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), php7.4-mysql:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php5.6-intl:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), php5.6-gd:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), libpcre2-8-0:amd64 (10.35-5+ubuntu20.04.1+deb.sury.org+1, 10.36-2+ubuntu20.04.1+deb.sury.org+2), gpgv:amd64 (2.2.19-3ubuntu2, 2.2.19-3ubuntu2.1), php7.4-mbstring:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php7.4-readline:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php5.6-mbstring:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), php8.0-opcache:amd64 (8.0.1-1+ubuntu20.04.1+deb.sury.org+1, 8.0.2-3+ubuntu20.04.1+deb.sury.org+1), php8.0-xml:amd64 (8.0.1-1+ubuntu20.04.1+deb.sury.org+1, 8.0.2-3+ubuntu20.04.1+deb.sury.org+1), php5.6-mysql:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), php5.6-mcrypt:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), php5.6-soap:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), php5.6-cgi:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), php5.6-cli:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), php7.4-common:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php8.0-common:amd64 (8.0.1-1+ubuntu20.04.1+deb.sury.org+1, 8.0.2-3+ubuntu20.04.1+deb.sury.org+1), libssl1.1:amd64 (1.1.1i-1+ubuntu20.04.1+deb.sury.org+4, 1.1.1j-1+ubuntu20.04.1+deb.sury.org+3), php5.6-fpm:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), gnupg:amd64 (2.2.19-3ubuntu2, 2.2.19-3ubuntu2.1), php5.6-sqlite3:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), gpg-agent:amd64 (2.2.19-3ubuntu2, 2.2.19-3ubuntu2.1), libapache2-mod-php7.4:amd64 (7.4.14-1+ubuntu20.04.1+deb.sury.org+1, 7.4.15-3+ubuntu20.04.1+deb.sury.org+1), php8.0-mysql:amd64 (8.0.1-1+ubuntu20.04.1+deb.sury.org+1, 8.0.2-3+ubuntu20.04.1+deb.sury.org+1), php5.6-opcache:amd64 (5.6.40-39+ubuntu20.04.1+deb.sury.org+1, 5.6.40-43+ubuntu20.04.1+deb.sury.org+1), libapache2-mod-php8.0:amd64 (8.0.1-1+ubuntu20.04.1+deb.sury.org+1, 8.0.2-3+ubuntu20.04.1+deb.sury.org+1), gpgconf:amd64 (2.2.19-3ubuntu2, 2.2.19-3ubuntu2.1), gpgsm:amd64 (2.2.19-3ubuntu2, 2.2.19-3ubuntu2.1), software-properties-common:amd64 (0.98.9.3, 0.98.9.4)
End-Date: 2021-02-17  05:35:15

I was working on a particular Opencart 3 site, and here is the vhost error.log to show that something weird happened just before 16:55:

Code:

[Wed Feb 17 16:18:20.422626 2021] [fcgid:warn] [pid 470188:tid 139686311859968] (104)Connection reset by peer: [client 185.185.217.76:50457] mod_fcgid: ap_pass_brigade failed in handle_request_ipc function
[Wed Feb 17 16:18:20.793111 2021] [fcgid:warn] [pid 470122:tid 139686496433920] (104)Connection reset by peer: [client 185.185.217.76:50461] mod_fcgid: ap_pass_brigade failed in handle_request_ipc function
[Wed Feb 17 16:55:19.329934 2021] [proxy_fcgi:error] [pid 636992:tid 139686613866240] [client 207.46.13.51:24790] AH01071: Got error 'PHP message: PHP Warning:  fopen(/var/www/clients/client1/web123/private/storage/logs/error.log): failed to open stream: Permission denied in /var/www/clients/client1/web123/web/system/library/log.php on line 22PHP message: PHP Warning:  fwrite() expects parameter 1 to be resource, bool given in /var/www/clients/client1/web123/web/system/library/log.php on line 31'
[Wed Feb 17 16:55:19.337975 2021] [proxy_fcgi:error] [pid 636992:tid 139686613866240] [client 207.46.13.51:24790] AH01071: Got error 'PHP message: PHP Warning:  fwrite() expects parameter 1 to be resource, bool given in /var/www/clients/client1/web123/web/system/library/log.php on line 31PHP message: PHP Warning:  fwrite() expects parameter 1 to be resource, bool given in /var/www/clients/client1/web123/web/system/library/log.php on line 31'

All I could find was this around that time in the syslog:

Code:

Feb 17 16:53:01 singuuriq CRON[636943]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
Feb 17 16:53:01 singuuriq CRON[636944]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
Feb 17 16:53:01 singuuriq systemd[1]: var-www-clients-client1-web1-log.mount: Succeeded.
Feb 17 16:53:01 singuuriq systemd[263510]: var-www-clients-client1-web1-log.mount: Succeeded.
Feb 17 16:53:04 singuuriq postfix/smtpd[635214]: warning: unknown[212.70.149.54]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Feb 17 16:53:04 singuuriq systemd[1]: Reloading The Apache HTTP Server.
Feb 17 16:53:04 singuuriq apachectl[636987]: AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled/000-ispconfig.vhost:7
Feb 17 16:53:04 singuuriq systemd[1]: Reloaded The Apache HTTP Server.

client1 is the owner of the given site, and it looks as if I changed something for that client in ISPConfig and then everything went haywire.... the problem is that I do not remember having changed anything in IPSConfig. I was only fighting with a module in Opencart, having cleared its cache 3 or 4 times and trying to reinstall an export/import module (in other words, application/site-specific, not server-specific).

The big question is, could it really have been the early morning update that caused the issue? It is possible that I have not changed anything in ISPConfig, forcing Apache to reload... but would the updates not have done that?

 

Code:

update-alternatives: error: no alternatives for php-fpm

 

What does "broken" mean here? php7.4-cgi seems to be working fine, Apache serves the pages without any problems (actually, I haven't realized for some time that all sites were affected, because the Wordpress sites worked just fine)... except for the permissions which were set up by ISPConfig. Out of curiousity, I did an apt remove php7.4-cgi and then back, even checked dpkg-reconfigure, but nobody complains of anything and all I could restore was the current situation. What baffles me is that literally nothing is written into suexec.log, it's as if for some reason mod_suexec would become invalid when using Fast-CGI (but working fine when using PHP-FPM).

 

No, I don't. I only followed the Perfect Setup and then the Howtoforge article to install multiple PHP versions (I also needed 5.6 for a few old sites beside the default 7.4).

 

I also have problems after upgrading php packages from deb.sury. Several sites doesn't work, complaining about permissions on files or directories. Disregarding of which php version was specified in Ispconfig, sites ran on default PHP7.2. Most sites was specified to run php7.4 (FPM).

Server: Ubuntu 18.04 LTS
Default php version: 7.2
Installed versions (deb.sury): 5.6, several 7.X up to 7.4
Latest Ispconfig version.

Temporary solution for me is this (mentioned on other threads)

Code:

sudo a2dismod mpm_event http2
sudo a2enmod mpm_prefork php7.2
sudo systemctl restart apache2

On the downside: http2 protocol is gone. Sites are served with http1.1

 

Code:

lrwxrwxrwx 1 root root 16 Feb 18 16:56 /etc/alternatives/phar -> /usr/bin/phar7.4
lrwxrwxrwx 1 root root 32 Feb 18 16:56 /etc/alternatives/phar.1.gz -> /usr/share/man/man1/phar7.4.1.gz
lrwxrwxrwx 1 root root 21 Feb 18 16:56 /etc/alternatives/phar.phar -> /usr/bin/phar.phar7.4
lrwxrwxrwx 1 root root 37 Feb 18 16:56 /etc/alternatives/phar.phar.1.gz -> /usr/share/man/man1/phar.phar7.4.1.gz
lrwxrwxrwx 1 root root 15 Oct 29  2019 /etc/alternatives/php -> /usr/bin/php7.2
lrwxrwxrwx 1 root root 31 Oct 29  2019 /etc/alternatives/php.1.gz -> /usr/share/man/man1/php7.2.1.gz
lrwxrwxrwx 1 root root 19 Feb 18 16:58 /etc/alternatives/php-cgi -> /usr/bin/php-cgi7.2
lrwxrwxrwx 1 root root 35 Feb 18 16:58 /etc/alternatives/php-cgi.1.gz -> /usr/share/man/man1/php-cgi7.2.1.gz
lrwxrwxrwx 1 root root 23 Dec 20  2019 /etc/alternatives/php-cgi-bin -> /usr/lib/cgi-bin/php7.4
lrwxrwxrwx 1 root root 24 Jan 29 00:44 /etc/alternatives/php-fpm.sock -> /run/php/php7.4-fpm.sock

Yes, I tried turning off mpm_prefork and enable mpm_event http2.
Symptoms reappeared. Including 500 error on Ispconfig login page (I forget to mention that previously)

Code:

[proxy_fcgi:error] [pid 10513:tid 139698022373120] [client xxx.xxx.xxx.xxx] AH01071: Got error 'PHP message: PHP Warning:  require_once(/usr/local/ispconfig/interface/lib/config.inc.php): failed to open stream: Permission denied in /usr/local/ispconfig/interface/web/index.php on line 31\nPHP message: PHP Fatal error:  require_once(): Failed opening required '../lib/config.inc.php' (include_path='.:/usr/share/php') in /usr/local/ispconfig/interface/web/index.php on line 31\n'

 

Nope. It doesn't help.
I don't see any warnings either. Previously there was warning in Apache error.log

Code:

[http2:warn] [pid 25472] AH10034: The mpm module (prefork.c) is not supported by mod_http2. The mpm determines how things are processed in your server. HTTP/2 has more demands in this regard and the currently selected mpm will just not do. This is an advisory warning. Your server will continue to work, but the HTTP/2 protocol will be inactive.