[BlueOnyx:24386] Re: In mysql, user at localhost and user at 127.0.0.1 are different.

Thu Oct 15 03:26:45 -05 2020

Hi Tomohiro,

> In the case of a new installation (create or delete), I think that's true.
> But in the case of a migration, I personally think that's not enough.

That might be right.

> 2. We have decided not to move to suPHP and keep the DSO model.
> 
> 3. Removed --chown=$DirOwner in rsync to /web.
> 
> Due to the change in user permissions, the user's disk quota was also
> affected and mail could not be received.

Your choice of PHP implementation (DSO instead of *anything* else) is a
bad choice. DSO is basically the worst thing you could pick and as a
result of that choice you'll also get quota issues and inability of
siteAdmins to upload their content via FTP.

Any other PHP implementation (suPHP, FPM, mod_ruid2) allows you to set
the Web-Owner to one of the siteAdmins and PHP scripts are then executed
with the UID/GID of the owner. AND the siteAdmin who is defined as
Web-Owner can still manage the webpage via FTP client without running
into permission issues.

> 5. new Unix::PasswdFile to retry
> 
> If the file lock fails, undef is returned and it does not work.
> 
> Unix::ConfigFile is a base class.
> https://metacpan.org/release/Unix-ConfigFile/source/ConfigFile.pm#L64
> 
> We ran into this multiple times while running easy-migrate.pl, so we
> prepared a dirty patch.
> 
> --- /usr/sausalito/sbin/easy-migrate.pl 2020-03-05 06:54:15.000000000 +0900
> +++ /usr/sausalito/sbin/easy-migrate.pl-mod 2020-09-30 00:40:44.942912947 +0900
> @@ -1912,6 +1930,13 @@
> 
>                  # Parse /etc/passwd to find out where the User has
> his home directory:
>                  $pw = new Unix::PasswdFile "/etc/passwd";
> +                for (1..5) {
> +                    $pw ||= do {
> +                        print "new Unix::PasswdFile /etc/passwd
> failed. sleep 1 and retry.\n";
> +                        sleep 1;
> +                        new Unix::PasswdFile "/etc/passwd";
> +                    };
> +                }
>                  $userDir = $pw->home($import_username) . '/';
>                  undef $pw;

Thank you. This is helpful and I'll try it out.

> 6. cgiwrap will not work if mod_ruid is enabled.
> 
> This is not a change.
> 
> The error is:
>     CGIWrap Error: Server UserID Mismatch
>     The userid that the web server ran cgiwrap as does not match the
> userid that was configured into the cgiwrap executable. This is a
> configuration/setup problem with cgiwrap on this server. Please
> contact the server administrator.

I believe this is due to incorrect usage. The files in /web must be
owned by a Vsite User with "siteAdmin" rights. You can set this via the
GUI under "Services" / "Web Ownership". This will then also properly
configure mod_ruid2 for that Vsite to run the scripts with the UID/GID
of that siteAdmin. When that's done, CGIWrap should work as well if I
recall correctly.

-- 
With best regards

Michael Stauber