[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: suexec permissions

Blair Strang wrote:

nodata wrote:

Good morning,

I'm having a some permissions trouble with suexec running on Sarge.

I have a virtualhost for a user called Bob which specifies User Bob and
Group Bob in the /etc/apache/conf.d/bob.conf file.


If I switch user to bob, and run ls -la on /, /var, /var/www, /var/www/bob I can see all of the files, so why is apache running as this user not able


You'll probably find that all your Apache processes are running as www-data based on the User directive in your main httpd.conf -- and they can't read bob's files. Only CGI scripts will be affected by the "User" directive in a

From: http://httpd.apache.org/docs/mod/core.html#user

"Special note: Use of this directive in <VirtualHost> requires a properly
configured suEXEC wrapper. When used inside a <VirtualHost> in this manner, only the user that CGIs are run as is affected. Non-CGI requests are still
processed with the user specified in the main User directive."

Therefore, if you have a user called bob, and a group called bob, make the files group readable, and make the user www-data a member of that group. That should do it. Forget suexec, it is far more complicated than what it sounds like you need.

Regards, Upayavira

Reply to: