[suPHP] Best configuration for virtual users

Jorge Bastos mysql.jorge at decimal.pt
Thu May 1 17:44:29 CEST 2008 

Hey Jeremy,
But I already confirmed a few emails back that with a system users it works!
So I believe you missed that email.



> -----Original Message-----
> From: Jeremy Chadwick [mailto:suphp at jdc.parodius.com]
> Sent: quinta-feira, 1 de Maio de 2008 15:31
> To: Jorge Bastos
> Cc: 'Wouter de Jong'; 'Sebastian Marsching'; suphp at lists.marsching.biz
> Subject: Re: [suPHP] Best configuration for virtual users
> 
> Jorge, a couple things.
> 
> Wouter's patch works fine on Linux and FreeBSD.  The semantics of the
> change will work on both operating systems.
> 
> Secondly, and more importantly, what proof do you have that the problem
> is with non-system users?  All I see you doing is constantly stating
> that the errors you get from suPHP are being caused by the user of
> '#uid' and '#gid' syntax in your suPHP_UserGroup lines, but the log
> entries in suphp.log don't indicate there's necessarily anything wrong
> with those.
> 
> There has been no confirmation that you've actually tried using a local
> system user and seen it work.
> 
> Personally I think the problem is elsewhere.
> 
> --
> | Jeremy Chadwick                                jdc at parodius.com |
> | Parodius Networking                       http://www.parodius.com/ |
> | UNIX Systems Administrator                  Mountain View, CA, USA |
> | Making life hard for others since 1977.              PGP: 4BD6C0CB |
> 
> On Thu, May 01, 2008 at 01:45:11PM +0100, Jorge Bastos wrote:
> > Thanks a lot Wouter,
> >
> > Sebastian, can you do something about non-system users on linux?
> >
> > Jorge
> >
> >
> > > -----Original Message-----
> > > From: Wouter de Jong [mailto:wouter at widexs.nl]
> > > Sent: quinta-feira, 1 de Maio de 2008 12:39
> > > To: Jorge Bastos
> > > Cc: suphp at lists.marsching.biz
> > > Subject: Re: [suPHP] Best configuration for virtual users
> > >
> > > On Thu, May 01, 2008 at 12:14:31PM +0100, Jorge Bastos wrote:
> > >
> > > Jorge,
> > >
> > > The patch is in suPHP since version 0.5.2, as I mentioned in me
> > > previous
> > > reply to you. So I can't send it again :)
> > >
> > > > I searched for for mailling list and found this:
> > > >
> > > > http://lists.marsching.com/pipermail/suphp/2004-
> February/000288.html
> > >
> > > Very old ;)
> > >
> > > > but the fact is that I compiled suphp with:
> > > >
> > > > sh configure --with-apxs=/usr/bin/apxs2 --with-min-uid=5000
> > > > --with-min-gid=4901 --with-apache-user=www-data
> > > > --with-logfile=/var/log/suphp/suphp.log CPPFLAGS=-
> I/usr/include/apr-0
> > > > --sysconfdir=/etc/suphp --disable-checkuid --disable-checkgid
> > > > --with-setid-mode=paranoid --disable-checkpath
> > > >
> > > > so checkuid and checkguid is there, unless the "suPHP_UserGroup"
> has
> > > to be
> > > > inside a ifmodule tag?
> > >
> > > checkuid and checkgid are no longer used.
> > > Sebastian : --disable-check{uid,gid} are still mentioned in
> > > doc/INSTALL,
> > > but no longer used since version 0.6 ... you might want to remove
> it.
> > >
> > >
> > > So as I told you before ... the feature should work since it's
> > > built-in. However, my setup runs on FreeBSD and not on Linux.
> > > Since I see an API.cpp and API_Linux.cpp, there is a very tiny
> > > possibility it's broken on Linux but I couldn't find any reason for
> it
> > > in a glance when looking at the 0.6.3 sources.
> > >
> > > I'm not able to test it on Linux right now either (packing for a
> tiny
> > > vacation),
> > > so maybe someone else on this list could do this to see if it's
> > > something
> > > wrong on Jorge's box or it's really broken on Linux ?
> > >
> > > It's as simple as specifying an unused uid in httpd.conf for
> > > suPHP_UserGroup, like :
> > >
> > > suPHP_UserGroup #12345 users
> > >
> > > (You can ofcourse, also specify an (unused) gid)
> > >
> > > And then ofcourse set correct permissions + uid-owner on the dir's
> +
> > > script.
> > >
> > > Regards,
> > >
> > > --
> > > WideXS                          http://www.widexs.nl
> > > Wouter de Jong                  Jr. Hosting Architect
> > > Tel +31 (0)20 7570700           Fax +31 (0)20 7570799
> > > Zekeringstraat 43,		1014 BV Amsterdam, NL
> >
> >
> > _______________________________________________
> > suPHP mailing list
> > suPHP at lists.marsching.biz
> > http://lists.marsching.com/mailman/listinfo/suphp

More information about the suPHP mailing list