Mike St

Member
Jul 21, 2014
12
0
1
cPanel Access Level
Root Administrator
Here's my problem.

I ended up creating my own apache module to try to update a file that the default apache user has access to with no success. I keep receiving permission error even tho I asked apache to execute my module before mod_ruid2 decides to switch usernames. But then on my server, I discovered that suexec is also compiled into apache.

Here are the modules in my server:

core_module (static)
authn_file_module (static)
authn_default_module (static)
authz_host_module (static)
authz_groupfile_module (static)
authz_user_module (static)
authz_default_module (static)
auth_basic_module (static)
include_module (static)
filter_module (static)
deflate_module (static)
log_config_module (static)
logio_module (static)
env_module (static)
expires_module (static)
headers_module (static)
setenvif_module (static)
version_module (static)
proxy_module (static)
proxy_connect_module (static)
proxy_ftp_module (static)
proxy_http_module (static)
proxy_scgi_module (static)
proxy_ajp_module (static)
proxy_balancer_module (static)
ssl_module (static)
mpm_prefork_module (static)
http_module (static)
mime_module (static)
status_module (static)
autoindex_module (static)
asis_module (static)
info_module (static)
suexec_module (static) ***
cgi_module (static)
negotiation_module (static)
dir_module (static)
actions_module (static)
userdir_module (static)
alias_module (static)
rewrite_module (static)
so_module (static)
bwlimited_module (shared)
ruid2_module (shared) ***
php5_module (shared)


The ones I triple-starred are ones I believe are the only ones on my list that actually switch the username from the apache default to that of the user folder.

I used easyapache to setup my apache configuration yet there is no option specifically to disable mod_suexec and I want to do that because that functionality is already contained in ruid2_module and I'd rather have speed as opposed to redundant functionality.

Do I have to modify a configuration file to disable mod_suexec and rerun easyapache?

and are there any modules mentioned above that change user of the running process?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
Hello :)

You can configure suexec via:

"WHM Home » Service Configuration » Configure PHP and suEXEC"

Note that you may simply want to update your script so it does not have to run as the Apache user itself. Please also see:

Mod_Ruid2 - Documentation

Thank you.
 

Mike St

Member
Jul 21, 2014
12
0
1
cPanel Access Level
Root Administrator
Hello :)

You can configure suexec via:

"WHM Home » Service Configuration » Configure PHP and suEXEC"
Following your advice will cause this line to be added to the config:

LoadModule disable_suexec_module modules/mod_disable_suexec.so

I'd rather have no suexec related modules added regardless of whether or not they're statically compiled.
The only user switching module I want to load is mod_ruid2.

I want it so that when I execute httpd -M, I do not see this module in the list:

suexec_module
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
I don't believe it's possible to do that without breaking other aspects of cPanel/WHM. Are you worried about CPU utilization when it's disabled this way?

Thank you.
 

Mike St

Member
Jul 21, 2014
12
0
1
cPanel Access Level
Root Administrator
I just want more speed and less memory usage and fewer crashes on the php-enabled server. With a standard setup, each apache child uses between 20 and 40MB ram which doesn't allow me to serve too many users. I'll be lucky if I can server 150 users simultaneously. I'd like to serve more because the world now consists of people wanting to get everything done all at once.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
I don't believe the suexec module in it's disabled state causes any additional resource utilization compared to if it wasn't listed in the Apache modules list at all.

Thank you.