[BlueOnyx:21144] Re: Perl script executing as apache instead of user
Chris Gebhardt - VIRTBIZ Internet
cobaltfacts at virtbiz.com
Mon Jun 26 13:29:34 -05 2017
Hi Michael,
On 6/26/2017 12:44 PM, Michael Stauber wrote:
> There is no easy answer to this other than: At this time on 5209R we do
> have no way of executing Perl scripts under other UID/GIDs than "apache".
That's a pretty concise answer. Helpful, even if not the ideal response
I was looking for. :)
> The "suexec" binary on CentOS 7 has been compiled with a hard-coded
> Apache DocumentRoot of /var/www/ and our Perl scripts reside with the
> rest of the Vsites under /home/sites instead.
>
> Hence we're not allowed to use anything "suexec" related. And "suexec"
> is part of the "httpd" RPM, so this would mean recompiling Apache and
> providing it out of the BlueOnyx YUM repos.
Oh yeah... I can see that gets sticky for all sorts of reasons. So I'm
going to say that based on the frequency that we have gotten any
feedback on anything to do with CGI / Perl, it's a safe bet we can put
this on the back burner.
> Where to go from here?
> =======================
>
> apache2-suexec-custom: Debian and Ubuntu have the same problem and solve
> this by providing an alternative suexec mechanism called
> "apache2-suexec-custom". I haven't been able yet to port this to CentOS
> 7 and am still looking into it.
>
> CGIWrap: I haven't given up on this yet, but as of now I haven't yet
> managed to get it working.
Stupid question: A symlink or hard link from, say, /var/www/site1 ->
/home/sites/appropriate_vsite would probably have no effect here, right?
--
Chris Gebhardt
VIRTBIZ Internet Services
Access, Web Hosting, Colocation, Dedicated
www.virtbiz.com | toll-free (866) 4 VIRTBIZ
More information about the Blueonyx
mailing list