Suexec with Apache 1.3.29
Peter Risdon
peter at circlesquared.com
Thu Apr 29 00:36:50 PDT 2004
Mikkel Christensen wrote:
>This is about Perl scripts only.
>
>
>
> This isn't about php at all. I know that mod_php will never run as
> suexec and I'm not trying to do so either. Neither am I trying to get
> php to run under suexec as CGI.
Ah... I qualified my first post to you in terms of php only. I certainly
didn't get this impression from your reply.
>>I might have missed this in an earlier post, but when apache starts do
>>you get lines in your /var/log/httpd-error.log like this:
>>
>>[notice] suEXEC mechanism enabled (wrapper: /usr/local/sbin/suexec)
>>
>>
>>
>
>It don't output the line above. But everything seems to be right.
>Apache tells me suexec is there and that it is properly configured to. The suEXEC log-line is not comming but still it's loaded in some way.
>
>
From the apache manual. The wording is identical for versions 1.3 and 2:
<quote>
Upon startup of Apache, it looks for the file |suexec| in the directory
defined by the |--sbindir| option (default is
"/usr/local/apache/sbin/suexec"). If Apache finds a properly configured
suEXEC wrapper, it will print the following message to the error log:
| [notice] suEXEC mechanism enabled (wrapper: //path/to/suexec/) |
If you don't see this message at server startup, the server is most
likely not finding the wrapper program where it expects it, or the
executable is not installed /setuid root/.
If you want to enable the suEXEC mechanism for the first time and an
Apache server is already running you must kill and restart Apache.
Restarting it with a simple HUP or USR1 signal will not be enough.
If you want to disable suEXEC you should kill and restart Apache after
you have removed the |suexec| file.
</quote>
I have found this the only valid test for successful installation of
apache suexec. The above quote also offers some tests - is the suexec
wrapper there? Is it setuid root? Did you already have a running apache
when you installed this and if so have you killed it properly prior to a
restart?
PWR.
More information about the freebsd-questions
mailing list