Author Topic: Recompiling Apache with New Suexec Configuration - Cpanel Conversion - CENTOS7  (Read 265 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
I am spending time trying to recreate the suexec configuration to match our cpanel EasyApache4 Configuration from cpanel conversion.

The reason is I need to run server wide scripts, meaning (1) or (2) custom scripting bin directories from the location of /usr/local/apache that each and every virtual host account can access using suexec uid security the same as Cpanel.

I have narrowed it down to 2 issues.

I can run the server wide scripts only with suexec turned off, not loading the module, but with the module on I get errors.

So first issue is suexec on the Server is set for

 -D AP_DOC_ROOT="/home"
 -D AP_GID_MIN=100
 -D AP_HTTPD_USER="nobody"
 -D AP_LOG_EXEC="/usr/local/apache/logs/suexec_log"
 -D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
 -D AP_UID_MIN=100
 -D AP_USERDIR_SUFFIX="public_html"

And Cpanel sets AP_DOC_ROOT="/"

Here is Cpanel

 -D AP_DOC_ROOT="/"
 -D AP_GID_MIN=100
 -D AP_HTTPD_USER="nobody"
 -D AP_LOG_EXEC="/etc/apache2/logs/suexec_log"
 -D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
 -D AP_UID_MIN=100
 -D AP_USERDIR_SUFFIX="public_html"

I need to recompile Suexec with this similar AP_DOC_ROOT="/"


2.  Then be able to have the httpd.conf and Vhosts.conf work in the similar manner.

I tried copying the Cpanel Suexec binary over and get the same suexec result, but when I run it I get this error in the suexec_log.

[2021-07-20 13:26:42]: uid: (1000/netstore) gid: (1000/netstore) cmd: test.pl
[2021-07-20 13:26:42]: error: target uid/gid (1000/1000) mismatch with directory (0/0) or program (0/0) or trusted user (0/10)


Running the script on the Cpanel Apache provides this in the log.

[2021-07-20 13:26:36]: uid: (1001/netstore) gid: (1002/netstore) cmd: test.pl


Any help would be appreciated.