The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

phpsuexec is no good

Discussion in 'General Discussion' started by nightscream, Apr 22, 2003.

  1. nightscream

    nightscream Member

    Joined:
    Sep 28, 2002
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    After installing this option with Apache a couple of weeks ago, all php scripts went dead, we ran the postsuexec script to fix this mess which did for old scripts but now whenever a new script is installed the same thing happens..
    Do we have to run the fix script each time a client uploads a php script or is there a more logical approach to this?
     
  2. silversurfer

    silversurfer Well-Known Member

    Joined:
    Dec 29, 2002
    Messages:
    274
    Likes Received:
    0
    Trophy Points:
    18
    phpsuexec run php as cgi. You will need to add a new line to the top of EVERY php script installed for it to work (just like in cgi)
     
  3. Juanra

    Juanra Well-Known Member

    Joined:
    Sep 22, 2001
    Messages:
    777
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Spain
    Just tested in a spare server and PHP scripts work with access permissions as restricted as 0600 and without the shebang line.

    <?php
    echo("HELLO");
    ?>

    # ls -l test.php

    -rw------- 1 user user 239 Apr 22 05:04 test.php
     
  4. mpierre

    mpierre Well-Known Member

    Joined:
    Jun 30, 2002
    Messages:
    196
    Likes Received:
    0
    Trophy Points:
    16
    No you don't...

    I managed to run PHP code with PHPsuexec installed. I uninstalled it because I had other problems with it which I am still trying to figure out,

    but it doesn't need the CGI directive.
     
  5. TeaParty

    TeaParty Member

    Joined:
    Apr 9, 2003
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    script needs chmodding 755 or tighter
    phpsuexec works fine.
     
  6. Faldran

    Faldran Well-Known Member

    Joined:
    May 28, 2002
    Messages:
    136
    Likes Received:
    0
    Trophy Points:
    16
    With php+suexec, all php scripts run like normal with chmod as 644, which means 99% of all scripts do not need to be changed ( if they were setup right ).

    Only scripts that have been chmod to world write premissions must be moved to 644 or 755 to work.. ( and of course any direcotry that has php scripts in it, must be chmod to 755, instead of 777 [ again they can not have world write permissions ])

    And only other final thing is any script that writes files to the server must be chown to the username, these are usually ones like galleries, or a few that use .lock or flat file databases...

    That is the most of the changes, you would have to make, except for a few .htaccess things that need to be changed. i.e. someone used Mime Type to phrase html as php would have to be changed to apache handler.. nothing too hard there..
     
  7. Annette

    Annette Well-Known Member
    PartnerNOC

    Joined:
    Aug 12, 2001
    Messages:
    445
    Likes Received:
    0
    Trophy Points:
    16
    I'm rather curious to see if anyone has done a large scale conversion to phpsuexec on a production server (~200 sites) - especially anyone who has a lot of blogs hosted with addons (gallery, etc.). I'd love to turn this on as we do our migration, but I'm wondering if the headaches that will no doubt arise because of permissions and ownership will be worth it on existing boxes or if it would simply be better to turn it up on new boxes instead. Thoughts?
     
  8. mpierre

    mpierre Well-Known Member

    Joined:
    Jun 30, 2002
    Messages:
    196
    Likes Received:
    0
    Trophy Points:
    16
    I had tried it on my server, but removed it because of a bug I found in a script heavily used by my clients ( and me ).

    Once I find the time, I'll reinstall it and share the experience...

    I have close to 200 accounts.
     
  9. Faldran

    Faldran Well-Known Member

    Joined:
    May 28, 2002
    Messages:
    136
    Likes Received:
    0
    Trophy Points:
    16
    I converted a server with 200-300 clients on it, with only a few minor changes for client sites, as I stated above.. total we have move 800 clients to php+suexec, with minor problems, similar to what I described above.
     
  10. Annette

    Annette Well-Known Member
    PartnerNOC

    Joined:
    Aug 12, 2001
    Messages:
    445
    Likes Received:
    0
    Trophy Points:
    16
    Thanks, both of you. I think we'll start this on the next round of machines we set for migrating clients and see how it goes.
     
  11. elenlace

    elenlace Well-Known Member

    Joined:
    Sep 10, 2002
    Messages:
    101
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    US
    Change to apache handler...

    Hi there...

    I was about to migrate to phpsuexec when I read your post; I'm concerned because in a custom application used by my clients we use the following line in .htaccess:

    AddType application/x-httpd-php .php4 .php3 .php .phtml .css

    This is because we want to parse .css files as php files, to dynamically assign colors, fonts, font sizes, etc through php code (and through a MySQL database).

    If I understand your post correctly, I will need to change this line to be able to use phpsuexec? Would you be so kind to help me out in changing that line using Apache Handlers?

    Many thanks in advance,

    Alessandro Arona
    elenlace.com
     
  12. Faldran

    Faldran Well-Known Member

    Joined:
    May 28, 2002
    Messages:
    136
    Likes Received:
    0
    Trophy Points:
    16
    AddType application/x-httpd-php .php4 .php3 .php .phtml .css

    to

    AddHandler application/x-httpd-php .php4 .php3 .php .phtml .css

    That is all that has to be changed.
     
  13. drhonk

    drhonk Active Member

    Joined:
    Aug 12, 2001
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    6
    But still doesn't work with SSL. I kept on getting '500 Internal Server Error' with phpsuexec in SSL environment.
     
  14. drhonk

    drhonk Active Member

    Joined:
    Aug 12, 2001
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    6
    nevermind .. got it to work.
     
  15. Hoster2k

    Hoster2k Well-Known Member

    Joined:
    Jun 17, 2002
    Messages:
    131
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    UK
    Would love to hear how it goes. I would like to recompile with phpsuexec some time soon for things like php scripts sending email from the username rather than nobody
     
  16. elenlace

    elenlace Well-Known Member

    Joined:
    Sep 10, 2002
    Messages:
    101
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    US
    Didn't work for me... disastrous results

    Hello,

    Just my 2 cents... I followed every direction in these forums for phpsuexec:

    - Compiled apache as indicated
    - Changed PHP scripts to be owned by owner
    - Changed PHP permissions to 755
    - Use AddHandler instead of AddType

    The results in my 240 account server were disastrous, just a few things that happenned:

    - Suddenly PHP stopped recognizing some functions, such as mysql_connect. Most dynamic websites that use MySQL stopped working.
    - If a function was inside a script and haven't been defined before being called in return a error (this hadn't been an issue since PHP 4.0.6 I think).
    - A custom app we sell that uses Apache Basic authentication through PHP stopped working; PHP didn't recognize PHP_AUTH_USER anymore. Users couldn't log on.
    - A few other issues with PHP acting weird (suddenly working fine and then a few minutes after suddenly not recognizing functions, classes, extensions).

    I have not give up on phpsuexec however we have returned to the regular compiled Apache with PHP 4.3.1, we plan to revisit phpsuexec in a few months when surely most of these issues have been debugged.

    My personal suggestion is give it a test, maybe on a low traffic day such as a Saturday or Sunday, and debug, debug, debug until you make sure it works fine. If it works for you great, if it doesn't then wait as the others.

    Regards,

    Alessandro Arona
    elenlace.com
     
  17. Faldran

    Faldran Well-Known Member

    Joined:
    May 28, 2002
    Messages:
    136
    Likes Received:
    0
    Trophy Points:
    16
    Re: Didn't work for me... disastrous results

    I did not do that to any of our sites... it is not needed most of the time, only ones that typically need changed are those that chmod thier files to 777 ( should be returned to 644 ) chmod everything to 755 breaks some scripts ( bud would have to read instructions on each script to find proper settings )

    I did not have any problems with that... not sure what to say there.

    Did you upgrade PHP? Sounds more like a PHP issue than the PHP+SuExec problem.


    Only had one have this problem ( was my site, I just re-wrote the scripts.. had been planning that for a while any ways ) Besides making a different login scripts, I do not know a solution to this.

    Again, I did not run into anything like this.. hmm..

    One thing, I did not see, was did you chown each users files, back to them, on the sites that did not work. Most likely alot of them have files saved as "nobody" as the user, once you do the upgrade, anything as user nobody, will stop working.

    Well, some have good luck in the change, while others do not.. The only thing I can say, is that after the upgrade, monitor the suexec_log and error_log you will see what needs to be fixed pretty quickly...
     
  18. elenlace

    elenlace Well-Known Member

    Joined:
    Sep 10, 2002
    Messages:
    101
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    US
    Hi,

    Thanks for your reply; yes I ran /scripts/easyapache and chose option 2, (apache+phpsuexec). I ran it before that with option 6 but then I recompiled when I saw the issues to try to fix it.

    PHP was 4.3.1 as expected, that was the strangest thing of all, it was behaving very strange. If I had just a few accounts on this server, maybe I could have waited for a few days to fix all the issues, but with around 150 customers with dynamic websites and the other 90 with general issues (the server going down and up for a few times), they were ringing the phone, the online chat and e-mail; it was impossible not go back.

    NOTE: I did change the ownership of PHP and other files, so all files on an account where owned by that username, not by nobody. After my scripts ran, no file was owned by nobody. Maybe I had bad luck, maybe my apps can't run with phpsuexec for the moment, maybe I made a mistake somewhere; who knows.

    Regards,

    Alessandro
     
    #18 elenlace, Apr 26, 2003
    Last edited: Apr 26, 2003
  19. Faldran

    Faldran Well-Known Member

    Joined:
    May 28, 2002
    Messages:
    136
    Likes Received:
    0
    Trophy Points:
    16
    Yeah, seems alot of people have problems with the install of it. It is more work, to change from a non-php+SuExec than to start out fresh. ( not to mention teaching everyone the do's and don't of how to properly chmod files.. hehe )
     
  20. Annette

    Annette Well-Known Member
    PartnerNOC

    Joined:
    Aug 12, 2001
    Messages:
    445
    Likes Received:
    0
    Trophy Points:
    16
    We set up a couple of fresh servers with php+suexec the other day. Thus far, new accounts on those servers seem to have no issues. We're doing another round of migrations tonight of existing sites from servers that do not have php+suexec enabled to the new boxes, so we'll see what issues (if any) arise from that.
     

Share This Page