The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

mod_ruid2 not working

Discussion in 'General Discussion' started by Cha0s, Jan 9, 2013.

  1. Cha0s

    Cha0s Member

    Joined:
    Mar 9, 2006
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Amsterdam
    Hello,

    I enabled mod_ruid2 on a server with quite a few accounts in order to use php as a DSO module instead of suPHP.

    Ι've enabled mod_ruid2 on other cpanel servers as well without any glitch.


    On this particular server though I can see that the httpd.conf is not recreated properly so no suid is performed on any vhost.
    This causes PHP to throw permission errors since it's run as user 'nobody' instead of the user of each account.

    I've tried to recompile apache/php using Easyapache many times and a full/forced cpanel update, but with no avail.

    Comparing httpd.conf with another cpanel server on which mod_ruid2 works properly I see the following differences

    Here is a snippet from a working vhost with mod_ruid2 on another server:

    Code:
    <VirtualHost *.*.*.*:80>
        ServerName domain.com
        ServerAlias www.domain.com
        DocumentRoot /home/domain/public_html
        ServerAdmin webmaster@domain.com
        UseCanonicalName Off
        CustomLog /usr/local/apache/domlogs/domain.com combined
        CustomLog /usr/local/apache/domlogs/domain.com-bytes_log "%{%s}t %I .\n%{%s}t %O ."
        ## User domain # Needed for Cpanel::ApacheConf
        <IfModule mod_suphp.c>
            suPHP_UserGroup domain domain
        </IfModule>
        <IfModule concurrent_php.c>
            php4_admin_value open_basedir "/home/domain:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp"
            php5_admin_value open_basedir "/home/domain:/usr/lib/php:/usr/local/lib/php:/tmp"
        </IfModule>
        <IfModule !concurrent_php.c>
            <IfModule mod_php4.c>
                php_admin_value open_basedir "/home/domain:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tm$
            </IfModule>
            <IfModule mod_php5.c>
                php_admin_value open_basedir "/home/domain:/usr/lib/php:/usr/local/lib/php:/tmp"
            </IfModule>
            <IfModule sapi_apache2.c>
                php_admin_value open_basedir "/home/domain:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tm$
            </IfModule>
        </IfModule>
        <IfModule !mod_disable_suexec.c>
            <IfModule !mod_ruid2.c>
                SuexecUserGroup domain domain
            </IfModule>
        </IfModule>
        <IfModule mod_ruid2.c>
            RUidGid domain domain
        </IfModule>
    
    
        # To customize this VirtualHost use an include file at the following location
        # Include "/usr/local/apache/conf/userdata/std/2/domain/domain.com/*.conf"
    
    </VirtualHost>

    While on the non-working server the vhosts are in the following format:

    Code:
    <VirtualHost *.*.*.*:80>
        ServerName domain.com
        ServerAlias www.domain.com
        DocumentRoot /home/domain/public_html
        ServerAdmin webmaster@domain.com
        UseCanonicalName Off
        CustomLog /usr/local/apache/domlogs/domain.com combined
        CustomLog /usr/local/apache/domlogs/domain.com-bytes_log "%{%s}t %I .\n%{%s}t %O ."
        ## User domain # Needed for Cpanel::ApacheConf
        <IfModule mod_suphp.c>
            suPHP_UserGroup domain domain
        </IfModule>
        <IfModule concurrent_php.c>
            php4_admin_value open_basedir "/home/domain/public_html:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/l$
            php5_admin_value open_basedir "/home/domain/public_html:/usr/lib/php:/usr/local/lib/php:/tmp"
        </IfModule>
        <IfModule !concurrent_php.c>
            <IfModule mod_php4.c>
                php_admin_value open_basedir "/home/domain/public_html:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php$
            </IfModule>
            <IfModule mod_php5.c>
                php_admin_value open_basedir "/home/domain/public_html:/usr/lib/php:/usr/local/lib/php:/tmp"
            </IfModule>
            <IfModule sapi_apache2.c>
                php_admin_value open_basedir "/home/domain/public_html:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php$
            </IfModule>
        </IfModule>
        <IfModule !mod_disable_suexec.c>
            SuexecUserGroup domain domain
        </IfModule>
        ScriptAlias /cgi-bin/ /home/domain/public_html/cgi-bin/
        
        
        # To customize this VirtualHost use an include file at the following location
        # Include "/usr/local/apache/conf/userdata/std/2/domain/domain.com/*.conf"
            
    </VirtualHost> 

    For some reason the following directive:

    Code:
        <IfModule mod_ruid2.c>
            RUidGid domain domain
        </IfModule>
    Is not included in httpd.conf making all vhosts run as user nobody instead of each account's uid/gid.


    My PHP & suEXEC configuration is as follows:

    Code:
    Default PHP Version (.php files) 	5
    PHP 5 Handler 	dso
    PHP 4 Handler 	none
     	 
    Apache suEXEC 	on
    Apache Ruid2 	on

    How can I fix httpd.conf (without manually editing it) to include the mod_ruid2 directive so all vhosts run as the proper user/group?


    Thanks.
     
  2. Cha0s

    Cha0s Member

    Joined:
    Mar 9, 2006
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Amsterdam
    Bump

    Anyone?
     
  3. abturnbull

    abturnbull Registered

    Joined:
    Oct 10, 2011
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi

    I too have seen the exact same issue, some servers its works fine, but on the others it does exactly what you describe above.

    Did you raise a ticket with Cpanel ?

    Thanks
     
  4. abturnbull

    abturnbull Registered

    Joined:
    Oct 10, 2011
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    My issue turned out to be

    the existance of .local files here

    ls -ltr /var/cpanel/templates/apache2/*vhost*local

    Thanks
     
  5. Cha0s

    Cha0s Member

    Joined:
    Mar 9, 2006
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Amsterdam
    Hello,

    Yes, that was the reply I got from cPanel :)

     
  6. ScottTh

    ScottTh Well-Known Member

    Joined:
    Jan 28, 2013
    Messages:
    157
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Hi Cha0s,

    I'm happy to hear that cPanel tech support was able to help out!
     
Loading...

Share This Page