FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


SuExec, source compile? Custom Doc_Root?





cr3ativ3
Hello,

I am working on configuring my own server management software, I have been fooling around for the last little while and got one working really well. However, I am going to start using SuExec or SuPHP for permissions and security reasons, as well as for the control panel.

I can setup the server just fine with the users located under /var/www (default doc-root for SuExec/Apache2), however thats not how I am going to be doing things my current setup is for the users to be located under /home.

So the problem arises when I do a default setup with suexec, as the default docroot for suexec is /var/www which means that know scripts or atleast cgi scripts can be executed outside of this. So I need to some how set a custom docroot before installation of apache with the suexec wrapper. From what I have read I need to do this from source, however I have not yet had a successful bout with compiling something on linux from source.

So if anyone can point me in the right direction of a good tutorial, I have been looking for awhile with no resolve. I found a srpm tutorial for exactly what I want to do, but I am using Debian Linux as the OS, so that wont work.

http://forums.fedoraforum.org/archive/index.php/t-2014.html

Please Help!
mOrpheuS
http://blog.chty.org/post/2007/10/28/Apache2-mod_fastcgi-suexec-on-debian-etch

Should be helpful -
Quote:
#/usr/lib/apache2/suexec -V
-D AP_DOC_ROOT="/var/www"
-D AP_GID_MIN=100
-D AP_HTTPD_USER="www-data"
-D AP_LOG_EXEC="/var/log/apache2/suexec.log"
-D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
-D AP_UID_MIN=100
-D AP_USERDIR_SUFFIX="public_html"
cr3ativ3
Yes, that works but I would like to throw the users under /home instead of /var/www (just my preferrence). Is their any good tutorials or information on compiling apache/suexec from source with the doc_root set to /home.

I was looking at the apache/suexec official docs but official documentation is more of a list of configuration options not a tutorial on how to compile from source, so its not that helpful in my case.

If I come to no resolve with putting users in /home I guess I will have to move them to /var/www Confused
mOrpheuS
cr3ativ3 wrote:
Yes, that works but I would like to throw the users under /home instead of /var/www (just my preferrence). Is their any good tutorials or information on compiling apache/suexec from source with the doc_root set to /home.

http://blog.chty.org/post/2008/08/12/Changing-suexec-root-directory

Quote:
replace the option --with-suexec-docroot with the correct path you want.
cr3ativ3
mOrpheuS wrote:
cr3ativ3 wrote:
Yes, that works but I would like to throw the users under /home instead of /var/www (just my preferrence). Is their any good tutorials or information on compiling apache/suexec from source with the doc_root set to /home.

http://blog.chty.org/post/2008/08/12/Changing-suexec-root-directory

Quote:
replace the option --with-suexec-docroot with the correct path you want.


Woot, after fiddling around with the tutorial (its not step-by-step), I think I got it to work.

Quote:

katrina:/tmp/apache2# /usr/lib/apache2/suexec -V
-D AP_DOC_ROOT="/home"
-D AP_GID_MIN=100
-D AP_HTTPD_USER="www-data"
-D AP_LOG_EXEC="/var/log/apache2/suexec.log"
-D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
-D AP_UID_MIN=100
-D AP_USERDIR_SUFFIX="public_html"


Later on I will post my exact steps to success!

In the meen time, mOrpheuS you are my saviour!
cr3ativ3
Ok, so here is my next problem everything was going pretty good until...

So my server setup allows me to access the accounts, without using a unique domain name/ip address/port number. Instead I call the accounts via: 192.168.0.111/~username

So to accomplish this I have to use some regex within the httpd.conf.

httpd.conf wrote:

<VirtualHost _default_>
DirectoryIndex index.htm index.html index.php index.phtml
RewriteEngine On
RewriteRule ^/~([a-z]+)/(.*)$ /home/$1/public_html/$2
RewriteRule ^/~([a-z]+)$ /home/$1/public_html/
_____<Directory /home/web1/>
_________ SuexecUserGroup web1 web1
_________ PHP_Fix_Pathinfo_Enable 1
_________ Options +ExecCGI
_________ Options Indexes FollowSymLinks MultiViews
_________AllowOverride All
_________Order allow,deny
_________Allow from all
_________AddHandler fcgid-script .php
_________ FCGIWrapper /home/php-fcgi-scripts/web1/php-fcgi-starter .php
_________ php_admin_value open_basedir /home/web1/
_____</Directory>
_____<Directory /home/web2/>
_________ SuexecUserGroup web2 web2
_________ PHP_Fix_Pathinfo_Enable 1
_________ Options +ExecCGI
_________ Options Indexes FollowSymLinks MultiViews
_________ AllowOverride All
_________ Order allow,deny
_________ Allow from all
_________ AddHandler fcgid-script .php
_________ FCGIWrapper /home/php-fcgi-scripts/web2/php-fcgi-starter .php
_________ php_admin_value open_basedir /home/web2/
_____</Directory>
#WriteNextUserHere
</VirtualHost>


Now the error I get when I try reloading apache, with these changes to httpd.conf file.

Apache Reload Error wrote:

Forcing reload of web server (apache2)... waiting Syntax error on line 7 of /etc/apache2/httpd.conf:
SuexecUserGroup not allowed here
failed!



I understand the what the problem is, and I should be using vHosts. However I dont exactly see how I can solve this problem any other way...so any ideas? I know cPanel allows you to access your sites from a url such as server-domain.com/~username. I assume that the cPanel servers that have suexec/suphp setup on them successfully apply the suexec perms to everyones account that is being called this way.

Maybe, if mOrpheuS here or if you could get Bondings, can check server1's host/httpd.conf file, and see how it lets people access their sites from server-domain.com/~username.

Let me know! Thanks for your help so far!
Related topics
Intel forms internal open-source group
Creating a new Operating System
My greatest custom made avatars (open-source :D)
Knowing Source Code
Power PC / Intel Mac Users - Code Compiling Required
Ubuntu Linux 6.06 LTS source code
A confusion with C# and VB.NET...
Perl CGI 500 Internal Server Error
dual boot
COnstructing an OS from nothing...
About pascal programming language
Which Linux distro allows easiest installation of add-on?
Compile this game and get 800 Frih$
Reply to topic    Frihost Forum Index -> Computers -> Operating Systems

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.