Disabling mod_mpm_itk caused lots of permissions problems
Hi,
To enable mod_userdir, i have to disable mod_mpm_itk, now I have lots of permissions errors and not found pages.
How does mod_mpm_itk affect users permissions, and what is the solution ?
Thx
-
Make sure you have mod_suexec installed as well. 0 -
Make sure you have mod_suexec installed as well.
mod_suexec is installed. The probems triggered exactly when I change the PHP handler from CGI to suphp. Lots of folders are restricted and cannot found. Now I switched back to CGI, but I need mod_userdir to proceed with teh developement of a project.0 -
hm and do you have custom permissions set on those folder? It shouldn't cause any issues normal.y 0 -
In general, you'll want to make sure that all files are 644 and all directories are 755. If the permissions are different than that, you'll run into issues with suPHP on the machine due to the way it handles user scripts. 0 -
All files are 644 and folders 755, working well on CGI.. But on suPHP many websites have permissions errors. I don't know where to look for fixes.. I noticed if I change the permission to 777, things work again, but there is a lot of directories to change, i can't do it all. 0 -
Look in /var/log/apache2/suphp_log (from memory). suPHP will refuse to execute any PHP script with write set for group or world. The permissions errors are usually pretty obvious in the log. 0 -
@ffeingol is correct - you can check the main Apache log (/etc/apache2/logs/error_log) or the suPHP log (/etc/apache2/logs/suphp_log, which is also linked to the path that @ffeingol provided if that is easier to remember for you) and you should see the errors in one of those locations. With the errors you are describing there is almost certainly a permissions or ownership issue causing the problem. For security reasons, you don't want to set everything to 777, so fixing the root cause of the errors is the best way to get this resolved. 0 -
To add to the above, if you have too many permissions allowed to a file or directory, such as setting 777 on a file, and you are using suPHP, you'll see something like this in the Apache log on the system. This example may help you track down the error: [Tue Dec 15 12:15:05.803735 2020] [:error] [pid 865355:tid 47350949099264] [client 1.2.3.4:54904] SoftException in Application.cpp:261: File "/home/username/public_html/testdir/phpinfo.php" is writeable by group
0 -
To add to the above, if you have too many permissions allowed to a file or directory, such as setting 777 on a file, and you are using suPHP, you'll see something like this in the Apache log on the system. This example may help you track down the error:
[Tue Dec 15 12:15:05.803735 2020] [:error] [pid 865355:tid 47350949099264] [client 1.2.3.4:54904] SoftException in Application.cpp:261: File "/home/username/public_html/testdir/phpinfo.php" is writeable by group
I checked one of the accounts logs errors: In "Latest suEXEC error log Messages : [2020-12-18 09:14:30]: uid: (1114/user) gid: (1116/user) cmd: ea-php73 In "Latest web server error log messages" : [Sat Dec 12 23:57:55.943708 2020] [cgi:error] [pid 7003] [client 13.66.139.97:14400] AH01215: PHP Warning: fwrite() expects parameter 1 to be resource, boolean given in /home/elementslb/public_html/system/library/log.php on line 31: /usr/local/cpanel/cgi-sys/ea-php560 -
I don't believe either of those messages would be related to your error, as the first is just a notification letting you know it's processing data, and the second is a warning, but not an actual error. 0 -
I don't believe either of those messages would be related to your error, as the first is just a notification letting you know it's processing data, and the second is a warning, but not an actual error.
all output errors are the same, nothing else. any idea where should i look ? when i switch back to CG all websites works well.0 -
It's interesting that the latest web logs would be from December 12. Are you checking the main /etc/apache2/logs/error_log file when you are referencing the "latest web server error log messages"? That would be the place I'd start looking. 0 -
It's interesting that the latest web logs would be from December 12. Are you checking the main /etc/apache2/logs/error_log file when you are referencing the "latest web server error log messages"? That would be the place I'd start looking.
how can i browse /etc/apache2/logs/error_log from Terminal ?0 -
If you have root access to the server you could run this command to perform that work while you load the page on the site causing the issues: tail -f /etc/apache2/logs/error_log
That will let you watch the Apache log in real-time to see what errors are happening on the system.0 -
If you have root access to the server you could run this command to perform that work while you load the page on the site causing the issues:
tail -f /etc/apache2/logs/error_log
That will let you watch the Apache log in real-time to see what errors are happening on the system.
Thank you for this important command line.. useful. The errors appeared when I browsed a website:[Sat Dec 19 19:26:54.868214 2020] [:error] [pid 1997] [client 94.187.3.79:58017] SoftException in Application.cpp:267: File "/home/user/public_html/livezilla/script.php" is writeable by group, referer: https://domain.com/livezilla/mobile/ [Sat Dec 19 19:26:54.868260 2020] [core:error] [pid 1997] [client 94.187.3.79:58017] End of script output before headers: script.php, referer: https://domain.com/livezilla/mobile/ [Sat Dec 19 19:27:07.355382 2020] [:error] [pid 2057] [client 94.187.3.79:58030] SoftException in Application.cpp:267: File "/home/user/public_html/livezilla/server.php" is writeable by group, referer: https://domain.com/index.php?route=common/home [Sat Dec 19 19:27:07.355437 2020] [core:error] [pid 2057] [client 94.187.3.79:58030] End of script output before headers: server.php, referer: https://domain.com/index.php?route=common/home
0 -
Great - those are exactly the errors I expected to happen. You'll want to make sure the permissions on the files are 644 and then those errors will stop happening. If the files themselves have the correct permissions, check the "livezilla" directory and make sure that is 755. 0 -
Great - those are exactly the errors I expected to happen. You'll want to make sure the permissions on the files are 644 and then those errors will stop happening. If the files themselves have the correct permissions, check the "livezilla" directory and make sure that is 755.
Permissions are correct, i checked the folders and files mentioned in the errors log0 -
There must be a wrong permission at some point in the path, since it's giving the error saying Group has write permissions. If you aren't able to find the root cause, or believe the error message isn't correct, it would be best to speak with our team directly through a ticket so e can check that directly on the machine. 0
Please sign in to leave a comment.
Comments
18 comments