Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Getting suEXEC to work on Apache2

Posted on 2003-03-12
7
Medium Priority
?
1,144 Views
Last Modified: 2012-05-04
I've been trying to figure out why suEXEC makes my scripts give out 500 errors. Without the suEXEC SuexecUserGroup command everything works fine.
I know its installed and configured properly cause all I had to do was load the module in the httpd.conf files and it outputs the message in the log files like its supposed to.

I have users set up for each host and they all belong the the group www.
Now for any particular host I use:
SuexecUserGroup example.com www
And when I run the script I get a 500 error. Premature end of script headers.

Well not sure why this is. Remember that it WORKS FINE when I dont use the SuexecUserGroup command.
I am running RedHat 8, Apache 2, Perl 5.8
This is how my virtualhost's looks.

<VirtualHost *>
    DocumentRoot /var/www/example.com/html
    ServerName www.example.com
    ServerAlias example.com
    ServerAdmin jeyb@rogers.com
    ScriptAlias /cgi-bin/ /var/www/example.com/cgi-bin/
    SuexecUserGroup example.com www
    ErrorLog /var/www/example.com/error_log
    CustomLog /var/www/example.com/example.com_log main
    <Directory "/var/www/example.com">
        Options +Includes
    </Directory>
    <Directory "/var/www/example.com/html">
        AllowOverride all
    </Directory>
    <Directory "/var/www/example.com/cgi-bin">
        Options +ExecCGI
    </Directory>
</VirtualHost>

Please tell me how to fix this.
Thanks,
Jey
0
Comment
Question by:jeyb
  • 4
  • 3
7 Comments
 
LVL 8

Accepted Solution

by:
heskyttberg earned 600 total points
ID: 8140004
Hi!

This logfile might be pretty helpful:
/var/log/httpd/suexec.log

What I noticed is that oyu need same permissons on the /var/www/example.com/cgi-bin dir as there is on the files. This dir and files in it also need same user/group owners as you set in the SuexecUserGroup directive.

If you make theese changes everything will work great.

Regards
/Hans - Erik Skyttberg
0
 
LVL 8

Expert Comment

by:heskyttberg
ID: 8140005
oyu = you, :)
0
 

Author Comment

by:jeyb
ID: 8177280
I tried that but I keep getting 500 errors even though the scripts perfectly fine.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 8

Expert Comment

by:heskyttberg
ID: 8177573
Hi!

Oh, and the files or dir can't be group or world readable.

Every change you do and test, check in following gile for error and change permissons accordingly:
/var/log/httpd/suexec.log

If I remember correctly it was there it's saved, any permisson errors will be in there and just go fix them and it will work.

Regards
/Hans - Erik Skyttberg
0
 

Author Comment

by:jeyb
ID: 8178127
I get these errors:
[2003-03-20 14:27:27]: user mismatch (nobody instead of apache)
[2003-03-20 14:27:29]: user mismatch (nobody instead of apache)

Aren't I supposed to run apache as user nobody and group nobody?

And where exactly do I put in the SuexecUserGroup. Like after which line.
0
 

Author Comment

by:jeyb
ID: 8178143
also I tried setting the user to apache and group to nobody and still the same 500 error.
0
 

Author Comment

by:jeyb
ID: 8185134
Thanks.
It worked I just forgot to do something also thats why it didn't work the second time.

:)
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Over the last year I have answered a couple of basic URL rewriting questions several times so I thought I might as well have a stab at: explaining the basics, providing a few useful links and consolidating some of the most common queries into a sing…
In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
Suggested Courses
Course of the Month14 days, 18 hours left to enroll

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question