FreeBSD forums:
I'm building a server to replace a very old FreeBSD 4.5 server, still barely hanging in there. I'm spinning my root:wheels tonight trying to get suexec working for apache22. Haven't found the problem, nor the solution after much tinkering and searching. Had even thought I'd found the solution while stepping through building this post, wrong!
The basic idea is simple, use server-side includes via a html/cgi perl script on apache22. Comparing against my working apache1.3 install, the suEXEC apache manual, even forcing my directory structure into default compliance (like this recommendation minus the virtualmin), nothing has resolved this issue.
//Note: I'm utterly failing at understanding how to properly pass apache22 or suEXEC compile options. My options don't seem to stick. I included the apache Makefile with a modified CONFIGURE_ARGS= to demonstrate.
I'm hoping the verbose inclusion of all related information will give some more skillful eyes a chance to right my way.
Obligatory:
Original .shtml include:
tail -f mysite.com-error_log:
http://pastie.org/1391130
apache22 Makefile:
http://pastie.org/1391048
make install output:
http://pastie.org/1391049
Clean format output of httpd.conf:
http://pastie.org/1391055
httpd-vhosts.conf:
apache22 compile options:
httpd-error.log output:
suexec options:
suexec complaining:
suexec_log:
suexec privileges:
I'm building a server to replace a very old FreeBSD 4.5 server, still barely hanging in there. I'm spinning my root:wheels tonight trying to get suexec working for apache22. Haven't found the problem, nor the solution after much tinkering and searching. Had even thought I'd found the solution while stepping through building this post, wrong!
The basic idea is simple, use server-side includes via a html/cgi perl script on apache22. Comparing against my working apache1.3 install, the suEXEC apache manual, even forcing my directory structure into default compliance (like this recommendation minus the virtualmin), nothing has resolved this issue.
//Note: I'm utterly failing at understanding how to properly pass apache22 or suEXEC compile options. My options don't seem to stick. I included the apache Makefile with a modified CONFIGURE_ARGS= to demonstrate.
I'm hoping the verbose inclusion of all related information will give some more skillful eyes a chance to right my way.
Obligatory:
Code:
[root@phoenixxi /sites]# uname -a
FreeBSD phoenixxi.digitalamusement.com 8.1-RELEASE FreeBSD 8.1-RELEASE #2: Mon Oct 4 04:18:23 CDT 2010
root@phoenixxi.digitalamusement.com:/usr/obj/usr/src/sys/KERNEL_XI i386Original .shtml include:
Code:
<!--#include virtual="cgi/dirlist.cgi">
[root@phoenixxi mysite.com/gamedev]# ll cgi/dirlist.cgi
2 -rwxr-xr-- 1 dasite dasite 1326 Dec 13 2005 cgi/dirlist.cgi
[root@phoenixxi mysite.com/gamedev/cgi]# ll
2 drwxr-xr-x 23 dasite dasite 2048 Oct 4 23:18 .
...
[root@phoenixxi mysite.com/cgi]# ./dirlist.cgi
Content-type: text/html
...tail -f mysite.com-error_log:
http://pastie.org/1391130
apache22 Makefile:
http://pastie.org/1391048
make install output:
http://pastie.org/1391049
Clean format output of httpd.conf:
http://pastie.org/1391055
httpd-vhosts.conf:
Code:
<VirtualHost *>
ServerAdmin [email]admin@mysite.com[/email]
DocumentRoot /usr/local/www/data/mysite.com
ServerName mysite.com
ServerAlias xi mysite.com *.mysite.com
ErrorLog logs/mysite.com-error_log
CustomLog logs/mysite.com-access_log common
ScriptAlias /cgi/ /usr/local/www/cgi-bin-dist/mysite.com
</VirtualHost>apache22 compile options:
Code:
[root@phoenixxi /usr/local/sbin]# httpd -V
Server version: Apache/2.2.15 (FreeBSD)
Server built: Dec 19 2010 19:34:35
Server's Module Magic Number: 20051115:24
Server loaded: APR 1.4.2, APR-Util 1.3.9
Compiled using: APR 1.4.2, APR-Util 1.3.9
Architecture: 32-bit
Server MPM: Prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/prefork"
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_USE_FLOCK_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=128
-D HTTPD_ROOT="/usr/local"
-D SUEXEC_BIN="/usr/local/sbin/suexec"
-D DEFAULT_PIDLOG="/var/run/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_LOCKFILE="/var/run/accept.lock"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="etc/apache22/mime.types"
-D SERVER_CONFIG_FILE="etc/apache22/httpd.conf"httpd-error.log output:
Code:
// apachectl stop/start
[root@phoenixxi /usr/local/sbin]# tail -f /var/log/httpd-error.log
...
[Sun Dec 19 19:25:16 2010] [notice] caught SIGTERM, shutting down
[Sun Dec 19 20:05:14 2010] [warn] Init: Session Cache is not configured [hint: SSLSessionCache]
[Sun Dec 19 20:05:15 2010] [notice] Digest: generating secret for digest authentication ...
[Sun Dec 19 20:05:15 2010] [notice] Digest: done
[Sun Dec 19 20:05:16 2010] [notice] Apache/2.2.15 (FreeBSD) mod_ssl/2.2.15 OpenSSL/0.9.8n DAV/2
configured -- resuming normal operations
^Csuexec options:
Code:
[root@phoenixxi /usr/local/sbin]# suexec -V
-D AP_DOC_ROOT="/usr/local/www/data"
-D AP_GID_MIN=1000
-D AP_HTTPD_USER="www"
-D AP_LOG_EXEC="/var/log/httpd-suexec.log"
-D AP_SAFE_PATH="/usr/local/bin:/usr/local/bin:/usr/bin:/bin"
-D AP_UID_MIN=1000
-D AP_USERDIR_SUFFIX="public_html"suexec complaining:
Code:
[root@phoenixxi /usr/local/sbin]# suexec -v
suexec policy violation: see suexec log for more detailssuexec_log:
Code:
[root@phoenixxi /usr/local/sbin]# tail /var/log/httpd-suexec.log
[2010-12-19 19:47:52]: too few arguments
[2010-12-19 20:04:28]: too few arguments
[2010-12-19 20:05:38]: too few argumentssuexec privileges:
Code:
[root@phoenixxi /usr/local/sbin]# ll /usr/local/sbin/suexec
22 -rwsr-xr-x 1 root wheel 20543 Dec 19 19:46 /usr/local/sbin/suexec