The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

mod_ruid2 and suPHP

Discussion in 'Security' started by jeremys_ppc, Oct 26, 2014.

  1. jeremys_ppc

    jeremys_ppc Member

    Joined:
    May 7, 2014
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I know that there are various topics on this but all the posts I've ran across are pretty dated and don't correspond to the current cPanel build structure. In any case there is a profile in EasyApache that is for mod ruid2 and it states in the description "We recommend that you select this profile if you use either the CGI, DSO, or the suPHP PHP handler." With this being said, I selected this profile and am using suPHP as the PHP Handler however I keep getting an Internal 500 error.

    I've seen earlier posts that say to use DSO, which I know runs well. However, since this requires to have the php value overrides in the .htaccess instead of custom php.ini this won't work for my setup. I have also seen elsewhere that mod ruid2 doesn't work with suPHP however if that was the case I find it strange that the description gives the impression that it could be used.

    Any help in getting mod_ruid2 working with suPHP would be appreciated.
     
  2. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    942
    Likes Received:
    57
    Trophy Points:
    28
    cPanel Access Level:
    DataCenter Provider
    Can you check your apache error log for the specific 500 error?
     
  3. Shavaun

    Shavaun Well-Known Member

    Joined:
    Aug 15, 2013
    Messages:
    106
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    You might also want to check through these two docs:

    https://documentation.cpanel.net/display/EA/Apache+Module:+ModRuid2
    https://documentation.cpanel.net/display/EA/Apache+Module:+SuPHP

    To see if there are any incompatible settings. In particular this warning:

    Do not select suPHP as your PHP handler if you use ModRuid2 with the "EXPERIMENTAL: Jail Apache Virtual Hosts using mod_ruid2 and cPanel® jailshell." option in the Security tab of WHM's Tweak Settings interface (Home >> Server Configuration >> Tweak Settings).

    Basically you can use Mod Ruid2 with suPHP, as long as you don't ALSO select that option in your Tweak Settings in WHM.
     
  4. jeremys_ppc

    jeremys_ppc Member

    Joined:
    May 7, 2014
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    The error I get is

    [Mon Oct 27 11:26:57 2014] [error] [client 208.93.154.116] SecurityException in Application.cpp:186: Do not have root privileges. Executable not set-uid root?

    I've looked up this issue an 99% of what I've found says that the SuPHP binary missing its “sticky” permissions, however I've verified that the permissions are set correctly.

    CPShavaun, I did have "EXPERIMENTAL: Jail Apache Virtual host using mod_ruid2 and cPanel jailshell" but disabling it didn't seem to change the error.
     
  5. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    942
    Likes Received:
    57
    Trophy Points:
    28
    cPanel Access Level:
    DataCenter Provider
    If you're sure that /opt/suphp/sbin/suphp is chmod 4755 (not just 755) then you might want to just open a cPanel ticket on this one.
     
  6. jeremys_ppc

    jeremys_ppc Member

    Joined:
    May 7, 2014
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Strange thing is it is working now... after disabling the mod_ruid2 and cPanel jailshell it still wasn't working but then I reapplied the profile and now it works. Not sure what the deal was with that but it appears to be linked to the jail shell setting.
     
  7. Shavaun

    Shavaun Well-Known Member

    Joined:
    Aug 15, 2013
    Messages:
    106
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    That is correct, after you disable the tweak setting, you have to rerun EasyApache so that it rebuilds everything. Sorry I did not specify. I'm glad you were able to get it working though.

    We have case 70561 open to fix the issue.
     
Loading...

Share This Page