Bug#227653: suexec is on by default, breaks user cgi scripts if UserDir has changed

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#227653: suexec is on by default, breaks user cgi scripts if UserDir has changed
From: Joey Hess <joeyh@debian.org>
Date: Wed, 14 Jan 2004 00:34:06 -0500
Message-id: <[🔎] 20040114053406.GA3912@kitenet.net>
Reply-to: Joey Hess <joeyh@debian.org>, 227653@bugs.debian.org

Package: apache2-common
Version: 2.0.48-4
Severity: normal

Read this strace and weep:

stat64("/home/joey/html/blog/index.cgi", {st_mode=S_IFREG|0755, st_size=1538, ...}) = 0
..
fork(Process 3822 attached
..
[pid  3822] execve("/usr/lib/apache2/suexec2", ["/usr/lib/apache2/suexec2", "~1000", "1000", "index.cgi"], [/* 22 vars*/]) = 0
..
[pid  3822] getcwd("/home/joey/html/blog", 4096) = 21
[pid  3822] chdir("/home/joey")         = 0
[pid  3822] chdir("public_html")        = -1 ENOENT (No such file or directory)
[pid  3822] time([1074057876])          = 1074057876
[pid  3822] write(3, "[2004-01-14 00:24:36]: cannot ge"..., 67) = 67

Note that I have my web server configured as follows:

root@dragon:/etc/apache2>grep UserDir -r .
./mods-enabled/userdir.conf:    UserDir html
./mods-available/userdir.conf:  UserDir html
./apache2.conf:UserDir html
root@dragon:/etc/apache2>grep -i suexec -r .
./mods-available/suexec.load:LoadModule suexec_module /usr/lib/apache2/modules/mod_suexec.so
root@dragon:/etc/apache2>ls mods-enabled/suexec*
zsh: no matches found: mods-enabled/suexec*

Why is suexec loaded even though it is not linked to mods-enabled?
Why does suexec ignore my UserDir setting and try to use a non-existant
"public_html" directory?

The workaround, as with every suexec problem I have ever filed a bug
on (and there have been many):

root@dragon:/usr/lib/apache2>dpkg-divert --add `pwd`/suexec2 --rename

-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux dragon 2.4.24 #1 Thu Jan 8 15:48:32 EST 2004 i686
Locale: LANG=en_US, LC_CTYPE=en_US

Versions of packages apache2-common depends on:
ii  debconf                     1.4.3        Debian configuration management sy
ii  debianutils                 2.6.1        Miscellaneous utilities specific t
ii  libapr0                     2.0.48-4     The Apache Portable Runtime
ii  libc6                       2.3.2.ds1-10 GNU C Library: Shared libraries an
ii  libdb4.1                    4.1.25-10    Berkeley v4.1 Database Libraries [
ii  libexpat1                   1.95.6-6     XML parsing C library - runtime li
ii  libldap2                    2.1.23-1     OpenLDAP libraries
ii  libssl0.9.7                 0.9.7c-5     SSL shared libraries
ii  mime-support                3.23-1       MIME files 'mime.types' & 'mailcap
ii  net-tools                   1.60-8       The NET-3 networking toolkit
ii  openssl                     0.9.7c-5     Secure Socket Layer (SSL) binary a
ii  ssl-cert                    1.0-6        Simple debconf wrapper for openssl
ii  zlib1g                      1:1.2.1-3    compression library - runtime

-- no debconf information

-- 
see shy jo

Attachment: signature.asc
Description: Digital signature

Reply to:

Prev by Date: Re: Apache module Loading problem
Next by Date: Bug#227589: apache: segmentation fault on start (not Perl's fault)
Previous by thread: Re: Re: apache reload and child fault
Next by thread: Bug#227653: apache2-common: More like half-enabled
Index(es):
- Date
- Thread