All PHP clients get 500 internal error

[cwalke32477]

All of my clients are getting 500 internal errors on PHP websites.
The only thing I changed today was to turn on register_globals for OScommerce to work.
I also copied some cpmove files into my home directory.
Now all of a sudden, all of my clients get 500 internal errors. The funny thing is, my site (which has super user access) works just fine.

I have tried nearly every fix on the cPanel forums, I could find for 500 internal errors.
resetting perms does not work, recompiling apache/php does not work, upcp --force did not work
Does anyone have any other ideas on this?

Sincerely,
Chris Walker
Desperate server noob

tail -n 500 /usr/local/apache/logs/error_log

[Tue Apr 13 03:14:28 2010] [error] [client 66.249.71.139] SoftException in Application.cpp:592: Directory /home is not owned by varyico
[Tue Apr 13 03:14:28 2010] [error] [client 66.249.71.139] Premature end of script headers: index.php
[Tue Apr 13 03:14:28 2010] [error] [client 66.249.71.139] File does not exist: /home/varyico/public_html/500.shtml
[Tue Apr 13 03:14:52 2010] [error] [client 119.63.198.40] File does not exist: /home/dranolak/public_html/robots.txt
[Tue Apr 13 03:14:52 2010] [error] [client 119.63.198.40] File does not exist: /home/dranolak/public_html/404.shtml

 

[dsampaio]

You should check the suze of /usr/local/apache/logs/suphp_log. It can't be bigger than 2 Gb.

It solved my problem a long time a go.

 

[cwalke32477]

how do I check the size?

 

[dsampaio]

Try "ll /usr/local/apache/logs/suphp_log" on SSH.

 

[cwalke32477]

Actually I just went and deleted the log, and recreated it.
then I went to a client's site, and it is still doing the same thing

Here's a small snippet of my new empty suphp_log file(starts filling up quick, eh?)

[Tue Apr 13 03:46:56 2010] [info] Executing "/home/siterack/public_html/livezilla/server.php" as UID 507, GID 504
[Tue Apr 13 03:46:57 2010] [warn] Directory "/home/chickena/public_html/includes" is writeable by group
[Tue Apr 13 03:47:18 2010] [info] Executing "/home/siterack/public_html/livezilla/server.php" as UID 507, GID 504
[Tue Apr 13 03:47:19 2010] [warn] Directory /home is not owned by rjonline
[Tue Apr 13 03:47:41 2010] [info] Executing "/home/siterack/public_html/livezilla/server.php" as UID 507, GID 504
[Tue Apr 13 03:48:03 2010] [info] Executing "/home/siterack/public_html/livezilla/server.php" as UID 507, GID 504
[Tue Apr 13 03:48:19 2010] [warn] Directory /home is not owned by paradise
[Tue Apr 13 03:48:25 2010] [info] Executing "/home/siterack/public_html/livezilla/server.php" as UID 507, GID 504
[Tue Apr 13 03:48:48 2010] [info] Executing "/home/siterack/public_html/livezilla/server.php" as UID 507, GID 504
[Tue Apr 13 03:49:10 2010] [info] Executing "/home/siterack/public_html/livezilla/server.php" as UID 507, GID 504
[Tue Apr 13 03:49:12 2010] [warn] Directory /home is not owned by michael1
[Tue Apr 13 03:49:30 2010] [info] Executing "/home/siterack/public_html/livezilla/image.php" as UID 507, GID 504
[Tue Apr 13 03:49:30 2010] [warn] Directory /home is not owned by chickena
[Tue Apr 13 03:49:32 2010] [info] Executing "/home/siterack/public_html/livezilla/server.php" as UID 507, GID 504

I may also add to my first statement.
To get the cpmove files, I downloaded, to the home directory I used this command.
#cd /home/xxxxuserxxxx/public_html/cpmovefiles/
#cp -ap . /home
That copied all the file to the /home directory
Then from WHM i went to backup, then restore a cpmove/backup file, and individualy restored the backups.

For some reason, it's these processes, I suspect as the culprit

 

[cwalke32477]

I got it fixed!
Ty to InstaKarma for the following:

Fix the ownership of /home:
Code:
chown root.root /home

To change the ownership of all accounts to the respective user.user :
Code:
 cd /home
    ls -al | grep root

    for i in `ls /var/cpanel/users/`; do chown $i:$i /home/$i ; done
    for i in `ls /var/cpanel/users/`; do chown -R $i:$i /home/$i/* ; done

Then after that, some sites still gave a 403 access denied error. So I was able to do the following:

/scripts/chownpublichtmls

However, in the post where InstaKarma mentioned the chown root.root /home command, another poster mentioned that his process will break other things like emails.

I felt 500 internal server errors superceded email in desperate priority, so now on to see if email works properly. If not, I imagine I can change the mail server type to devocet and then back to repair broken email accounts.

 

[cwalke32477]

as was stated I did have some issues with emails. However, they were easily fixed by running "repair mailbox permissions" within WHM's email section.

It also broke addon domain permissions. But I only had the change the addon domain's folder back to 755. Fortunately I only had a few clients running any add on domains.

All is good. A disaster recovered from in 3 hours, by me is a good thing. I'm totally new to this world with only 3 months server experience. Man! What a learning experience it has been. Especially for a Windows junkie.

 

[Spiral]

as was stated I did have some issues with emails. However, they were easily fixed by running "repair mailbox permissions" within WHM's email section.

Your email issues are related to the previous command you said you ran:

for i in `ls /var/cpanel/users/`; do chown -R $i:$i /home/$i/* ; done

This is some pretty poor code even looking at that as a quick fix, it is still very bad. Totally ignoring the security ramifications, there is also the added problem that you are blindly changing EVERYTHING in the entire account to the owner name as both owner and group for every file and folder in the account but there should be different permissions and different owners and groups for certain items within the account (mail being a good example) so running the above command is actually what caused your current problem.

When you ran /scripts/chownpublichtmls, this fixed your "public_html" folder but doesn't do anything for the other folders that you destroyed the ownerships per running the previous command.

Regarding mail, make the "etc" folder and contents inside each of your accounts have the ownership "owner:mail" where owner would be the owner login for the account.

In the sam way make the .htpasswds and public_html folders "owner:nobody"

(Incidentally "x:x" notation above is a shorthand in linux to set both the owner and the group at the same time)