[suPHP] Using suPHP with non real system users

Damien Varron diams99 at yahoo.fr
Tue May 20 02:10:00 CEST 2008 

Hi,

I come to you with the following problem : I try to run suPHP on a fresh install of Ubuntu Hardy Heron / Apache 2 / php5 as CGI (for sure),
I installed it all following the howto I found on howtoforge : http://www.howtoforge.com/apache2_suphp_php4_php5 only without installing php4,
My problem is I get to get suPHP / php files running fine with real users, but I would like to have them running with non real system users, due to a previous configuration on anoter system and in relationship with a proftpd mysql based user list.
I already read the whole "[suPHP] Best configuration for virtual users" thread from "Jorge Bastos" with no luck.
I also tried every possible mode for suPHP : paranoid, owner and force also with no luck. Always compiling it myself with or without make clean (as I read somewhere a trick about compiling twice without clean...).

I have no idea what to do next except for creating a new system user per hosted site (about 120 users ?) and therefore ask for your help.

You can see two examples :
http://black.assoces.com/info.php running fine, with no particular settings, currently paranoid mode, default vhost, file owned by dvarron:www-data
and 
http://ricarembar.assoces.com/info.php giving the 500 error, with following vhost : 

<VirtualHost *>
  ServerName ricarembar.assoces.com
        suPHP_Engine on
        suPHP_UserGroup #2135 #33
        suPHP_ConfigPath /etc/php5/cgi
        AddHandler x-httpd-php .php .php3 .php4 .php5
        DocumentRoot /home/httpd/assoces.com/listesbde/2006-2007/ricarembar/html
</VirtualHost>

and accordingly chowned by 2135:33 along with the hole directory and parent directory.

Here is my /etc/apache2/mods-available/suphp.conf :

<IfModule mod_suphp.c>
 AddType application/x-httpd-php .php .phtml .php3 .php4
 AddType application/x-httpd-php-source .phps
 AddHandler x-httpd-php .php .php3 .php4 .php5
<Location />
SuPHP_AddHandler x-httpd-php
</Location>
 suPHP_ConfigPath /etc/php5/cgi
 suPHP_Engine on
</IfModule>

and /etc/suphp/suphp.conf :

[global]
;Path to logfile
logfile=/var/log/suphp/suphp.log

;Loglevel
loglevel=info

;User Apache is running as
webserver_user=www-data

;Path all scripts have to be in
docroot=/

;Path to chroot() to before executing script
;chroot=/mychroot

; Security options
allow_file_group_writeable=true
allow_file_others_writeable=true
allow_directory_group_writeable=false
allow_directory_others_writeable=false

;Check wheter script is within DOCUMENT_ROOT
check_vhost_docroot=false

;Send minor error messages to browser
errors_to_browser=true

;PATH environment variable
env_path=/bin:/usr/bin:/usr/sbin:/sbin

;Umask to set, specify in octal notation
umask=022

; Minimum UID
min_uid=33

; Minimum GID
min_gid=33


[handlers]
;Handler for php-scripts
x-httpd-php=php:/usr/bin/php5-cgi
;application/x-httpd-php=php:/usr/bin/php4-cgi
;x-httpd-php5=php:/usr/bin/php5.1-cgi

;Handler for CGI-scripts
x-suphp-cgi=execute:!self

Don't know what to add and hope for your answers.
Thanks in advance.
(and please excuse my english, I'm french, yup, no one's perfect...)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.marsching.com/pipermail/suphp/attachments/20080520/6ad43386/attachment.htm

More information about the suPHP mailing list