httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 49439] New: Bug in mod_userdir which prevents suexec from running
Date Mon, 14 Jun 2010 21:20:51 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=49439

           Summary: Bug in mod_userdir which prevents suexec from running
           Product: Apache httpd-2
           Version: 2.2.15
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_userdir
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: baryluk@smp.if.uj.edu.pl


Full description here http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528062

This bug was also present in mod_ldap_userdir but its author solved it using
similar patch.


I have apache2 configured with mod_userdir + mod_suexec + mod_fcgid (for
runing php5-cgi in my case).


According to http://httpd.apache.org/docs/2.2/suexec.html#usage
handling of /~baryluk/ should automagically work (by working, I mean fcgid
scripts
are run under uid baryluk).


Currently this scripts are run under the www-data uid, because
as I first written mod_userdir.c is not working correctly (not to be honest,
not well tested - this error is sitting there very very long).


Here is my exact (i hope) configuration attached:

# apt-get install apache2 apache2-suexec libapache2-mod-fcgid php5-cgi
# a2enmod actions suexec userdir fcgid

Relevant files in attachment

/etc/apache2/sites-available/default
/etc/apache2/conf.d/php-fcgid.conf

/home/baryluk/public_html/test.php
/home/baryluk/public_html/fcgi-bin/php-fcgi-wrapper
/home/baryluk/public_html/.htaccess
(edit the last one if other username needed)

# chown -R baryluk:users /home/baryluk/public_html

# /etc/init.d/apache2 restart

Then point your web browser to http://servername/~baryluk/test.php

You will see, `whoami` output one the first line. It will say
"www-data", but should say "baryluk".

This simply mean that suexec support in userdir is not working
correctly.


Patch in first post resolves this problem. There was identical problem
in ldap-userdir, but is already solved there in the same way.


All patches against 2.2.11 at address
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528062

Please at least comment this, as Debian maintainers doesn't seems to be
interested.

This need to be fixed in code or in documentation.

Thanks you.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message