[BlueOnyx:04968] Re: 5106R YUM updates (suPHP)

Abdul Rashid Abdullah webmaster at muntada.com
Tue Jul 6 19:53:43 -05 2010 

Michael,

I have decided to test the suPHP on a low priority site that has a more
common configuration that I am using for the most common CMS I use.

Given username is xxx and site is www.yyy.org, here is the situation:

Public_html files are located in /home/sites/www.yyy.org/web/ (I have also
tried using the actual .sites path as well).

Private files which are referred to are located at
/home/sites/www.yyy.org/users/xxx/glfusion/.

If I set suPHP to enabled and set the web ownership to xxx I get a blank
page for the script.  However, if I disable suPHP, set the webownership to
xxx and then set specific directories that I know are being written to with
an ownership of apache everything works.

I am trying to figure this out.  I am going to post this same thing to the
glfusion developers to see if they have any insight but I am hoping I can
bring to light a situation that may come up when others go to implement.

Regards,

Rashid


On 7/5/10 1:32 PM, "Michael Stauber" <mstauber at blueonyx.it> wrote:

> Hi,
> 
>> This particular script requires some of the
>> files in a directory called parsed to be chown to apache or set with
>> a chmod 777.  If I do enable suPHP after setting ownership to apache,
>> I get a minuid error.  Very nice.  ;-)
> 
> If the readme of a script says "chown to apache and set to 777", then they do
> that because the script needs to access files (and/or folders) that it creates
> during runtime. When suPHP is enabled, you don't have to chown to apache and
> don't have to chmod to 777. Instead simply used the GUI to chown the folder to
> a siteAdmin and the script(s) will be able to access files and folders it
> created. Because those files will be created with the UID of that siteAdmin as
> well.
> 
>> Perhaps my whole issue is that I am complicating matters by trying to
>> do things outside the normal web path which was not accounted for
>> initially.
> 
> Yes, I think so, too. Your setup there is too extraordinary. You want PHP
> files from a subdomain to be able to access other files that belong to a /web
> directory of a user? That is not going to work with suPHP enabled. Even with
> "regular" PHP support enabled it is not going to work, as the open_basedir
> directive prevents it, because it prevents your scripts from accessing files
> outside it's designated web-root.
> 
> If the subdomain runs out of "/home/sites/www.4islamicschools.org/vhosts/",
> then the scripts there are only allowed to access files that reside in one of
> the following directories (or subdirectories of those paths):
> 
> /home/sites/www.4islamicschools.org/vhosts/
> /tmp
> /var/lib/php/session/

More information about the Blueonyx mailing list