RedFutura

Well-Known Member
Jun 11, 2003
72
0
156
I have on all my servers SuExec and PHPSuexec, but recently I had to remove PHPSuExec because I needed to instal eAccelerator (which I greatly recommend). The problem is that I don't understand 100% how SuExec works without PHSuexec.

This is how I think things should be. Please correct me if I am wrong:

1. With SuExec and PHPSuexec:
- All files and folders have owner user:user

2. With SuExec and NO PHPSuexec:
- PHP, HTML and all NON-CGI files have owner nobody:nobody
- Public_html folder has owner user:nobody <--- not 100% about this one
- Cgi-bin folder and files inside have owner user:user

With this setup most things work fine, but I have 2 main problems right now:
1. Apache cannot write in public_html root, but it can in folders inside.
2. Files cannot be deleted through FTP.

Any help would be greatly appreciated.
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,437
31
473
Go on, have a guess
Probably the simplest thing to do would be to run /scripts/chownpublichtmls which resets the /home/*/public_html directories to the correct ownership and permissions.

To clarify:

Suexec:

Has nothing to do with php and is solely for CGI scripts (usually perl) which run under the user:group of the account. The scripts must be owned by the account and within a directory that is not world writable to work

Phpsuexec:

Soley to do with php scripts. With it enabled, scripts and files should be owned by user:group and again should not be world writable With it disabled, scripts should still be owned by user:group, but files they create will be owned by nobody:nobody and so directory permissions and script permissions must be such that nobody:nobody can access them, i.e. chmod 666.
 

RedFutura

Well-Known Member
Jun 11, 2003
72
0
156
If I chmod a folder with 666 I get a 403 error.

If I chmod with 655 it works but apache cant write files on it.
 

RedFutura

Well-Known Member
Jun 11, 2003
72
0
156
Right now I have files and folders with owner user:group, and folders with chmod 755, but apache cannot upload files or modify files. Files have 644.

What should be the correct permissions? I have tried what chirpy said but I get a 403 error.
 

brianoz

Well-Known Member
Mar 13, 2004
1,146
7
168
Melbourne, Australia
cPanel Access Level
Root Administrator
RedFutura said:
Right now I have files and folders with owner user:group, and folders with chmod 755, but apache cannot upload files or modify files. Files have 644.

What should be the correct permissions? I have tried what chirpy said but I get a 403 error.
You most likely still have an ownership problem. If the ownerships were correct you'd have no problems with those permissions. So, if the user was "user1" the ownership and group should be user1:user1 and for directories, permission 755 and files 644.

If the ownership seems correct and you still get failures, my guess is you aren't really running phpsuexec/suexec. To verify this for sure, try a chmod 777 and put the following line in your PHP file and see what ownership the resulting file 'ownership' is, that will tell you what owner it is running as:
PHP:
<?php system("id > ownership"); ?>
 

brianoz

Well-Known Member
Mar 13, 2004
1,146
7
168
Melbourne, Australia
cPanel Access Level
Root Administrator
Actually on reflection, the anove was kind of a confusing way to work out who PHP is running as. Instead, putting this in a PHP file would be a smarter and more direct way of working out what it's running as:
PHP:
<?php passthru("id"); ?>
You could use variations on this, like replacing the "id" with "ps -ef | grep httpd", or 'ps -fp$$', to find out more.