Apache recompiled with PHPsuexec support

[Bdzzld]

Hello,

Next week I'd like to recompile Apache on all our servers with PHPsuexec support.
Each server, however, already contains over a hundred active accounts...

Do I have to do something special to the installed PHP scripts or will they work regardless? I've read something about PHPsuexec being very picky about the file and directory permissions...

Any help is greatly appreciated.
Thanks.

 

[shashank]

Here is some information about phpsuexec. You might want to check it out before doing it. It says world rightable scripts will not execute.

http://www.cablan.net/cablan/What_is_PHPSuexec_.449.0.html

I guess this will cause problems to some previously installed CMSs.

 

[Bdzzld]

Hi,

Thanks for the suggestion, but I've already checked out that site myself
Actually, I'm looking for a (3rd party?) script that would set permissions correct (or just advise the correct settings) for "incompatible" scripts. Manual checking is too time-consuming for 100+ account per server...

Thanks.

 

[Bdzzld]

I've read that suPHP is more stable.
Any one experience in migrating from normal mode to CGI mode with suPHP support?

Thanks.

 

[shashank]

Question really should be what kind of scripts do you run on the server ?

 

[bman]

just to be sure when i run
/scripts/easyapache and then select option number 5
that will build apache with PHPsuexec ? or just php

 

[Bdzzld]

All kinds of scripts are run on the server - whatever a customer has in his account....

I guess I'll need a script which checks the permissions of a file/directory and changes it accordingly if it does not have "compatible" permissions. I just want to avoid tons of support questions because clients are receiving "Internal server" messages after recompiling.
Is such a script somewhere out there?

 

[Kurieuo]

Old post, but... if you're still around... did you manage to come across something like what you were after?

I hate the 'nobody' user being created. I found nifty code here which allows easy chowning of users to their own user name, which I thought was great, however I have since realised this actually breaks some installed CMS' and the like which then attempt to rewrite as nobody the same files = invalid permissions = more support needed.

So, I really, really desire to go suexec, but need a step-by-step migration plan that is successful which will reduce the impact upon my 350+ hosted clients.

I found a file/folder changing permissions. But then there is the conversions of .htaccess commands I believe into php.ini that would likely be required... and anything else I am not aware of which could break peoples scripts.

Still doing my searching, so hopefully I will come across something. But in the event I don't, does anyone know if something like this is around? I can't express how much I'd appreciate it.

 

[cPanelDavidG]

Old post, but... if you're still around... did you manage to come across something like what you were after?

I hate the 'nobody' user being created. I found nifty code here which allows easy chowning of users to their own user name, which I thought was great, however I have since realised this actually breaks some installed CMS' and the like which then attempt to rewrite as nobody the same files = invalid permissions = more support needed.

So, I really, really desire to go suexec, but need a step-by-step migration plan that is successful which will reduce the impact upon my 350+ hosted clients.

I found a file/folder changing permissions. But then there is the conversions of .htaccess commands I believe into php.ini that would likely be required... and anything else I am not aware of which could break peoples scripts.

Still doing my searching, so hopefully I will come across something. But in the event I don't, does anyone know if something like this is around? I can't express how much I'd appreciate it.

This is an incredibly old thread.

You may want to simply check the boxes labeled "SuPHP" and "SuExec" in EasyApache 3 to enable SuPHP and SuExec support. phpSuExec is no longer supported (replaced with SuPHP).

 

[Infopro]

Old post, but... if you're still around... did you manage to come across something like what you were after?

I hate the 'nobody' user being created. I found nifty code here which allows easy chowning of users to their own user name, which I thought was great, however I have since realised this actually breaks some installed CMS' and the like which then attempt to rewrite as nobody the same files = invalid permissions = more support needed.

So, I really, really desire to go suexec, but need a step-by-step migration plan that is successful which will reduce the impact upon my 350+ hosted clients.

I found a file/folder changing permissions. But then there is the conversions of .htaccess commands I believe into php.ini that would likely be required... and anything else I am not aware of which could break peoples scripts.

Still doing my searching, so hopefully I will come across something. But in the event I don't, does anyone know if something like this is around? I can't express how much I'd appreciate it.

Unless you have a lot of customizing going on, you'll probably be fine. The EA3 script has come a long way and takes many things into concideration when run.


These may be helpful to you to make sure all goes well.

Set owner of all user files

Also you can run the following to ensure all users files are correctly owned.

You can do this running the following commands in shell as root;

for CPAccess in `ls -A /var/cpanel/users`; do chown -R $CPAccess:$CPAccess /home/$CPAccess; done

for CPAccess in `ls -A /var/cpanel/users`; do chown -R $CPAccess:mail /home/$CPAccess/etc /home/$CPAccess/mail; done

for CPAccess in `ls -A /var/cpanel/users`; do chown -R $CPAccess:nobody /home/$CPAccess/public_html; done

Set permissions of all user files

find /home*/*/public_html -type d -perm 0777 -exec chmod 755 {} \;
find /home*/*/public_html -type f -perm 0666 -exec chmod 644 {} \;

Find htaccess file with php_flags in them.

find /home -name '.htaccess' -exec grep -i 'php_' {} \; -print


find /home -name '.htaccess' -exec grep -i '' {} \; -print

 

[Kurieuo]

Infopro - thanks for summarising everything in one post. Your steps were just what I was after as well as confirmation that this should resolve everything.

Any issues that come up after enabling suphp (hopefully none) I will just deal with as they come in. Can't wait to be free from nobody!

 

[Infopro]

I know the feeling and was concerned as well before jumping in.

The water is warm though. Have fun!. :p

 

[cPanelKenneth]

I know the feeling and was concerned as well before jumping in.

The water is warm though. Have fun!. :p

I hope that's not the kiddie pool you are in :p

 

[Infopro]

Some days it sure feels like it. :D

 

[Kurieuo]

Haven't done this yet, as I am in the process of a server move and going to wait until that settles before making the switch.

Just wondering, has anyone developed a script (or know of one existing) which translates .htaccess commands into the php.ini file? That would be extremely helpful! I haven't been able to come across one yet.

 

[Parcye]

In a few hours time I am going to do this.

The big question is, where do i place the custom php.ini files?

In public_html or in the root of the user folder?

 

[Kurieuo]

Don't take my word for it, but I read you just place them in the folder where you want the changes to take effect.

 

[mtindor]

In a few hours time I am going to do this.

The big question is, where do i place the custom php.ini files?

In public_html or in the root of the user folder?

In public_html _and_ any subdirectories or nested subdirectories beneath public_html if you have php applications or parts of php applications in those directories that need to inherit those settings.

Unfortunately it is not as easy as just putting php.ini in a single folder for it to recursively work by default when using SuPHP.

mike

 

[Bdzzld]

Correct. Just place the php.ini file in the paths that require the alternate configuration...

 

[rhm.geerts]

I just read this and the other thread and I'm curious.

I've upgraded our cpanel server last night. There are lots of .htaccess files around with php value's in them.
When I change them to .php.ini the sites are working fine.

But is there a way to just get the .htaccess files back working like they did before the easyapache upgrade (I upgrade php and mysql)?