[suPHP] Best configuration for virtual users

Jeremy Chadwick suphp at jdc.parodius.com
Thu May 1 18:47:25 CEST 2008 

Being as I'm not familiar with C++, I can't really help track down
what's going on.  But the exception error sounds like a good
confirmation of a problem.  :-)

-- 
| Jeremy Chadwick                                jdc at parodius.com |
| Parodius Networking                       http://www.parodius.com/ |
| UNIX Systems Administrator                  Mountain View, CA, USA |
| Making life hard for others since 1977.              PGP: 4BD6C0CB |

On Thu, May 01, 2008 at 05:41:43PM +0100, Jorge Bastos wrote:
> No problem,
> I just wanted this to work :(
> 
> 
> 
> 
> > -----Original Message-----
> > From: Jeremy Chadwick [mailto:suphp at jdc.parodius.com]
> > Sent: quinta-feira, 1 de Maio de 2008 17:14
> > To: Jorge Bastos
> > Subject: Re: [suPHP] Best configuration for virtual users
> > 
> > My apologies then.  Yes, I did miss that mail.
> > 
> > --
> > | Jeremy Chadwick                                jdc at parodius.com |
> > | Parodius Networking                       http://www.parodius.com/ |
> > | UNIX Systems Administrator                  Mountain View, CA, USA |
> > | Making life hard for others since 1977.              PGP: 4BD6C0CB |
> > 
> > On Thu, May 01, 2008 at 04:44:29PM +0100, Jorge Bastos wrote:
> > > Hey Jeremy,
> > > But I already confirmed a few emails back that with a system users it
> > works!
> > > So I believe you missed that email.
> > >
> > >
> > >
> > > > -----Original Message-----
> > > > From: Jeremy Chadwick [mailto:suphp at jdc.parodius.com]
> > > > Sent: quinta-feira, 1 de Maio de 2008 15:31
> > > > To: Jorge Bastos
> > > > Cc: 'Wouter de Jong'; 'Sebastian Marsching';
> > suphp at lists.marsching.biz
> > > > Subject: Re: [suPHP] Best configuration for virtual users
> > > >
> > > > Jorge, a couple things.
> > > >
> > > > Wouter's patch works fine on Linux and FreeBSD.  The semantics of
> > the
> > > > change will work on both operating systems.
> > > >
> > > > Secondly, and more importantly, what proof do you have that the
> > problem
> > > > is with non-system users?  All I see you doing is constantly
> > stating
> > > > that the errors you get from suPHP are being caused by the user of
> > > > '#uid' and '#gid' syntax in your suPHP_UserGroup lines, but the log
> > > > entries in suphp.log don't indicate there's necessarily anything
> > wrong
> > > > with those.
> > > >
> > > > There has been no confirmation that you've actually tried using a
> > local
> > > > system user and seen it work.
> > > >
> > > > Personally I think the problem is elsewhere.
> > > >
> > > > --
> > > > | Jeremy Chadwick                                jdc at
> > parodius.com |
> > > > | Parodius Networking
> > http://www.parodius.com/ |
> > > > | UNIX Systems Administrator                  Mountain View, CA,
> > USA |
> > > > | Making life hard for others since 1977.              PGP:
> > 4BD6C0CB |
> > > >
> > > > On Thu, May 01, 2008 at 01:45:11PM +0100, Jorge Bastos wrote:
> > > > > Thanks a lot Wouter,
> > > > >
> > > > > Sebastian, can you do something about non-system users on linux?
> > > > >
> > > > > Jorge
> > > > >
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: Wouter de Jong [mailto:wouter at widexs.nl]
> > > > > > Sent: quinta-feira, 1 de Maio de 2008 12:39
> > > > > > To: Jorge Bastos
> > > > > > Cc: suphp at lists.marsching.biz
> > > > > > Subject: Re: [suPHP] Best configuration for virtual users
> > > > > >
> > > > > > On Thu, May 01, 2008 at 12:14:31PM +0100, Jorge Bastos wrote:
> > > > > >
> > > > > > Jorge,
> > > > > >
> > > > > > The patch is in suPHP since version 0.5.2, as I mentioned in me
> > > > > > previous
> > > > > > reply to you. So I can't send it again :)
> > > > > >
> > > > > > > I searched for for mailling list and found this:
> > > > > > >
> > > > > > > http://lists.marsching.com/pipermail/suphp/2004-
> > > > February/000288.html
> > > > > >
> > > > > > Very old ;)
> > > > > >
> > > > > > > but the fact is that I compiled suphp with:
> > > > > > >
> > > > > > > sh configure --with-apxs=/usr/bin/apxs2 --with-min-uid=5000
> > > > > > > --with-min-gid=4901 --with-apache-user=www-data
> > > > > > > --with-logfile=/var/log/suphp/suphp.log CPPFLAGS=-
> > > > I/usr/include/apr-0
> > > > > > > --sysconfdir=/etc/suphp --disable-checkuid --disable-checkgid
> > > > > > > --with-setid-mode=paranoid --disable-checkpath
> > > > > > >
> > > > > > > so checkuid and checkguid is there, unless the
> > "suPHP_UserGroup"
> > > > has
> > > > > > to be
> > > > > > > inside a ifmodule tag?
> > > > > >
> > > > > > checkuid and checkgid are no longer used.
> > > > > > Sebastian : --disable-check{uid,gid} are still mentioned in
> > > > > > doc/INSTALL,
> > > > > > but no longer used since version 0.6 ... you might want to
> > remove
> > > > it.
> > > > > >
> > > > > >
> > > > > > So as I told you before ... the feature should work since it's
> > > > > > built-in. However, my setup runs on FreeBSD and not on Linux.
> > > > > > Since I see an API.cpp and API_Linux.cpp, there is a very tiny
> > > > > > possibility it's broken on Linux but I couldn't find any reason
> > for
> > > > it
> > > > > > in a glance when looking at the 0.6.3 sources.
> > > > > >
> > > > > > I'm not able to test it on Linux right now either (packing for
> > a
> > > > tiny
> > > > > > vacation),
> > > > > > so maybe someone else on this list could do this to see if it's
> > > > > > something
> > > > > > wrong on Jorge's box or it's really broken on Linux ?
> > > > > >
> > > > > > It's as simple as specifying an unused uid in httpd.conf for
> > > > > > suPHP_UserGroup, like :
> > > > > >
> > > > > > suPHP_UserGroup #12345 users
> > > > > >
> > > > > > (You can ofcourse, also specify an (unused) gid)
> > > > > >
> > > > > > And then ofcourse set correct permissions + uid-owner on the
> > dir's
> > > > +
> > > > > > script.
> > > > > >
> > > > > > Regards,
> > > > > >
> > > > > > --
> > > > > > WideXS                          http://www.widexs.nl
> > > > > > Wouter de Jong                  Jr. Hosting Architect
> > > > > > Tel +31 (0)20 7570700           Fax +31 (0)20 7570799
> > > > > > Zekeringstraat 43,		1014 BV Amsterdam, NL
> > > > >
> > > > >
> > > > > _______________________________________________
> > > > > suPHP mailing list
> > > > > suPHP at lists.marsching.biz
> > > > > http://lists.marsching.com/mailman/listinfo/suphp

More information about the suPHP mailing list