Bug#151422: apache2-common: suexec does not work well
Package: apache2-common
Severity: normal
Version: 2.0.37-2
apache2's suexec cannot work well, it always returns 501.
This is because suexec configuration is not sufficient.
First, permission of /usr/sbin/suexec2 is just 755, but it should be 4755.
Next, when just running suexec2 only, the result is as follows,
# /usr/sbin/suexec2
failed to open log file
fopen: No such file or directory
# strace /usr/sbin/apache2
execve("/usr/sbin/suexec2", ["/usr/sbin/suexec2"], [/* 35 vars */]) = 0
uname({sys="Linux", node="dita.omt.local-network", ...}) = 0
brk(0) = 0x804b5f4
(snip)
open("/usr/local/apache/logs/cgi.log", O_WRONLY|O_APPEND|O_CREAT, 0666) = -1 ENOENT (No such file or directory)
write(2, "failed to open log file\n", 24failed to open log file) = 24
write(2, "fopen: No such file or directory"..., 33fopen: No such file or directory) = 33
_exit(1) = ?
suexec log's location is not satisfy FHS, this file should be
in /var/log/apache2.
Because the suexec rules are stricted in apache2, it needs suexec optioning
properly in configure.
And I think, suexec2 should not be in /usr/sbin but be
/usr/lib/apache2/suexec2 like apache-common.
So I suggest debian/rules be as follows,
AP2_CONFARGS = --enable-layout=Debian --enable-so \
(snip)
--enable-cgi=shared \
--with-suexec-caller=www-data --with-suexec-bin=/usr/lib/apache2/suexec2 \
--with-suexec-docroot=/var/www/apache2-default \
--with-suexec-userdir=public_html \
--with-suexec-logfile=/var/log/apache2/suexec.log
(snip)
mv debian/apache2-mpm-worker/usr/sbin/suexec debian/apache2-common/usr/lib/apache2/suexec2
chmod 4755 debian/apache2-common/usr/lib/apache2/suexec2
...
It works well in my environment by this change.
thanks
--
Masahito Omote(omote@debian.org)
--
To UNSUBSCRIBE, email to debian-apache-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: