sharing directory for users /home/scripts

[asmithjr]

I have set up a new server to move my accounts from my old server. I am trying to remember how I got this working on my older server.

I have a set of php scripts I want all my websites to use and have placed them in /home/scripts.
In the Apache Service Configuration »Apache Configuration »Include Editor I have placed Alias /scripts /home/scripts in the Pre VirtualHost Include then made the Update.

Now when I go to one of my websites example.com/scripts/file.php I get the dreaded 500 error.
I can change the ownership to that example.com user:user and I can then access example.com/scripts/file.php just fine. As soon as I change the ownership to anything other it breaks.
So when I go to example1.com/scripts/file.php I get the 500 error. I change permissions to user1:user1 and it then works but example.com/scripts/file.php stops working.

I have gone into the /etc/group and added root to the end of the line in the wheel group and changed the ownership to root:root for the folder and files in /home/scripts and this is not helping.

Here is the kicker. I have the exact formula working on the original server. I can verify the files and permissions etc on the origional and they are the same on both servers.

Yes I do have root access and yes the few websites I have on the server are all for my company and not sharing with others.

Anyone have an idea what I am missing now.

 

[asmithjr]

Update. I see in my /usr/local/apache/logs/error_log UID of script "/home/scripts/file.php" is smaller than min_uid.

Checking I do have Service Configuration »Configure PHP and suEXEC
Default PHP Version (.php files) 5
PHP 5 Handler suphp
Apache suEXEC on
Apache Ruid2 off

This means I am using suPHP. I understand this but my origional server has the same settings in WHM and yet it works and no errors.

 

[asmithjr]

Sorry to keep posting.
I copied my suphp.conf file from old server to new server and problem is resolved.

Michael. I am not sure it you want to just delete this thread.

 

[cPanelMichael]

I copied my suphp.conf file from old server to new server and problem is resolved.

Hello

I am happy to see you were able to address the issue. Sharing directories between accounts is considered a security risk. However, feel free to post a copy of your suphp.conf file should other users decide to take the same approach.

Thank you.

 

[asmithjr]

I agree with you, this is why I did not share the results. it would not be standard for most cPanel servers since typically for shared hosting accounts. In my case it is a dedicated server for just my group.

 

[nosajix]

I too have this exact problem. And while I understand the security risks of allowing this behavior, there are practical uses for this. Perhaps somebody knows what config value in suphp allow this?

 

[asmithjr]

look in the /etc/suphp.conf
find min_uid=100 change that equal to the lowest user that needs access or min_uid=0
find min_gid=100 change that equal to the lowest user group that needs access or min_gid=0
I do not remember but you may want to change the paranoid_uid and paranoid_gid

;paranoid_uid_check=true
;paranoid_gid_check=true
paranoid_uid_check=false
paranoid_gid_check=false

lock down everything else you can and use at your own risks. I've used this on internal servers only.