Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

suexec AND mod_ruid2 in apache?

Discussion in 'EasyApache' started by Mike St, Feb 10, 2015.

  1. Mike St

    Mike St Member

    Joined:
    Jul 21, 2014
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Here's my problem.

    I ended up creating my own apache module to try to update a file that the default apache user has access to with no success. I keep receiving permission error even tho I asked apache to execute my module before mod_ruid2 decides to switch usernames. But then on my server, I discovered that suexec is also compiled into apache.

    Here are the modules in my server:

    core_module (static)
    authn_file_module (static)
    authn_default_module (static)
    authz_host_module (static)
    authz_groupfile_module (static)
    authz_user_module (static)
    authz_default_module (static)
    auth_basic_module (static)
    include_module (static)
    filter_module (static)
    deflate_module (static)
    log_config_module (static)
    logio_module (static)
    env_module (static)
    expires_module (static)
    headers_module (static)
    setenvif_module (static)
    version_module (static)
    proxy_module (static)
    proxy_connect_module (static)
    proxy_ftp_module (static)
    proxy_http_module (static)
    proxy_scgi_module (static)
    proxy_ajp_module (static)
    proxy_balancer_module (static)
    ssl_module (static)
    mpm_prefork_module (static)
    http_module (static)
    mime_module (static)
    status_module (static)
    autoindex_module (static)
    asis_module (static)
    info_module (static)
    suexec_module (static) ***
    cgi_module (static)
    negotiation_module (static)
    dir_module (static)
    actions_module (static)
    userdir_module (static)
    alias_module (static)
    rewrite_module (static)
    so_module (static)
    bwlimited_module (shared)
    ruid2_module (shared) ***
    php5_module (shared)


    The ones I triple-starred are ones I believe are the only ones on my list that actually switch the username from the apache default to that of the user folder.

    I used easyapache to setup my apache configuration yet there is no option specifically to disable mod_suexec and I want to do that because that functionality is already contained in ruid2_module and I'd rather have speed as opposed to redundant functionality.

    Do I have to modify a configuration file to disable mod_suexec and rerun easyapache?

    and are there any modules mentioned above that change user of the running process?
     
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,749
    Likes Received:
    1,885
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    You can configure suexec via:

    "WHM Home » Service Configuration » Configure PHP and suEXEC"

    Note that you may simply want to update your script so it does not have to run as the Apache user itself. Please also see:

    Mod_Ruid2 - Documentation

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Mike St

    Mike St Member

    Joined:
    Jul 21, 2014
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Following your advice will cause this line to be added to the config:

    LoadModule disable_suexec_module modules/mod_disable_suexec.so

    I'd rather have no suexec related modules added regardless of whether or not they're statically compiled.
    The only user switching module I want to load is mod_ruid2.

    I want it so that when I execute httpd -M, I do not see this module in the list:

    suexec_module
     
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,749
    Likes Received:
    1,885
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    I don't believe it's possible to do that without breaking other aspects of cPanel/WHM. Are you worried about CPU utilization when it's disabled this way?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. Mike St

    Mike St Member

    Joined:
    Jul 21, 2014
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I just want more speed and less memory usage and fewer crashes on the php-enabled server. With a standard setup, each apache child uses between 20 and 40MB ram which doesn't allow me to serve too many users. I'll be lucky if I can server 150 users simultaneously. I'd like to serve more because the world now consists of people wanting to get everything done all at once.
     
  6. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,749
    Likes Received:
    1,885
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    I don't believe the suexec module in it's disabled state causes any additional resource utilization compared to if it wasn't listed in the Apache modules list at all.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice