The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Execute php permissions group owner fails.

Discussion in 'General Discussion' started by wyattbiker, Mar 25, 2011.

  1. wyattbiker

    wyattbiker Member

    Joined:
    Nov 26, 2010
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    I have a peculiar situation. I created a new group and a new user in that group from the command line. (I have root access). I need to do this for a user to connect via SSH a cpanel created database but block them from logging into cpanel itself nor any of the folders. The connection works fine and they can see the database.

    In addition I added the user and the cpaneladmin under the new group.

    I then also created a folder under public_html and gave permissions to the new group.

    I created in the folder a simple phpinfo.php file but I cant get it to execute. Even though i set execute permissions for ugo. However I can access a dummy file via http://.... a test.html file.

    Any ideas? Why cant my php code execute? Do I have to add something to the apache?

    Here is the stat privfolder

    File: `privfolder'
    Size: 4096 Blocks: 8 IO Block: 4096 directory
    Device: 803h/2051d Inode: 6457078 Links: 2
    Access: (0775/drwxrwxr-x) Uid: ( 503/ cpaneladmin) Gid: (32010/grpprivfolder)
    Access: 2011-03-25 16:06:25.000000000 -0400
    Modify: 2011-03-25 15:57:24.000000000 -0400
    Change: 2011-03-25 16:05:54.000000000 -0400
     
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Are you running suPHP? If so, that folder has permissions set too high. They cannot be higher than 755 for any folder under suPHP nor higher than 644 for any file.

    You can determine the PHP handler in WHM > Apache Configuration > PHP and SuExec Configuration area.
     
  3. wyattbiker

    wyattbiker Member

    Joined:
    Nov 26, 2010
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    I am running suPHP. I changed the folder to 755 and the phpi.php to 644. The group is grpfolder and the owner is cpaneladmin. Still doesnt work. However if I change the group to cpaneladmin it works fine.

    I would like to set the group to grpfolder so that I can have my user create php code and save it in this folder.

    Current Configuration

    Option Configured Value
    Default PHP Version (.php files) 5
    PHP 5 Handler suphp
    PHP 4 Handler none
    Apache suEXEC on
     
  4. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    What is the exact error in the error logs for Apache or suPHP at /usr/local/apache/logs/error_log or suphp_log

    I don't think suPHP is going to allow the group to not be the same as the owner in this instance and that's the issue. I am wondering if you disable FileProtect by running /scripts/disablefileprotect if that would get it to work. It's pretty insecure to be disabling FileProtect, though, and I'm not sure if that's possible to do on a per-user basis instead.

    If you do decide to disable FileProtect, you'll need to redistill Apache, rebuild Apache and restart it:

    Code:
    cp /usr/usr/local/apache/conf/httpd.conf /usr/local/apache/conf/httpd.conf.bak110325
    /usr/local/cpanel/bin/apache_conf_distiller --update
    /scripts/rebuildhttpdconf
    /etc/init.d/httpd restart
     
  5. wyattbiker

    wyattbiker Member

    Joined:
    Nov 26, 2010
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    SoftException in Application.cpp:256: File ".........../phpi.php" is writeable by group

    SoftException in Application.cpp:431: Mismatch between target GID (501) and GID (32010) of file "............./phpi.php"

    Should I create a user who has the same name as the group? Will that help?
     
  6. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    First of all, it says the file permissions are still too high on that file, so ensure the file permissions aren't higher than 644 again.

    Can you grep the GID number in /etc/group for 501 and 32010 to ensure which users it is reporting for the group?
     
  7. pak

    pak Member

    Joined:
    Mar 26, 2011
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Pakistan
    phpi.php is very important configuration file for php to run properly, you must check its permissions are correct, as suggested above should be 644 unless you need it for specific task.
     
Loading...

Share This Page