Ubuntu :: Setting Up Suexec :: Reasons How Does It Work And How To Configure It?
Aug 5, 2011
My web server does not currently run Suexec. All files within the /var/www directory are owned by vsftpd and belong to nogroup. Apparently, this setup causes issues with some scripts that attempt to upload files and change files, such as the SMF Forum package.
Here's some background information that goes into further details regarding the issues I'm having:[URL]..Why would uploading a file using PHP in SMF not work with the owner being vsftpd belonging to the nogroup when the folder has been chmod to 777? I tested my own simple PHP upload script, and it was able to upload a file without issues. Yet, I've been told that my server is improperly configured if I'm not using Suexec. Why is this? Also, if I did use Suexec, what creates the users? Would I have to add them manually, or would they be created automatically as users based on their FTP login and added as subusers to the vsftpd group? Why should I use Suexec? I don't understand what's wrong with my current setup. How does it work in terms of users? Are users created and just added to a subgroup, or are they created like normal user accounts on the actual server? Do they get their own /home/username directory as well? I'm so confused about Suexec. What I've read about it doesn't make sense.[URL]..
My suspend-to-disk and suspend-to-RAM stopped working months ago. I've grasped at straws about why ever since, but I really don't think it's a software problem, because I've reinstalled my system (MEPIS) repeatedly. What sort of hardware failures could cause this? What should I be looking for? I notice that at boot, Linux always says "no resume image found," even if I left the system in suspension or hibernation. I can post parts of the dmesg if someone tells me what to look for; I can't display the whole thing because it's too long to fit here.
When we run php scripts that move/rename/etc files, the script does not have access to write to files in our web root. Changing permissions to 777 fixes the problem, but obviously this is not an option..I've been reading up about suexec, phpsuexec, and suphp, but we can't seem to figure any of this out.In phpinfo(),the Server API reads: Server API Apache 2.0 Handlerbut on another server (where everything works, it reads : Server API CGI/FastCGIIs there ANY way to achieve this?
I just got a new server dedicated running php5 and SUExec. I understand the concept. INstead of running as "nobody", PHP scripts run as the user of that website. This also means I don't have to have some special directory where I set permissions to 775 or 770 with group=nobody etc just to upload files via PHP .. since PHP will upload files just as the user would using FTP. OK, great so far, and more security, I'm all for it.
Now a dayz I am observing that mUbuntu performance was not satisfactory. My ubuntu is daily up to date. What was the reasons for my Ubuntu becoming slow?
For a bit of background info, the end result i'm trying to achieve is for files that get uploaded via a php script to be owned by the user account that owns the script rather than by the apache user.
So im setting up backuppc but do not want Apache to run as the backuppc user. To get round this I need to setup suEXEC so that CGI scripts are ran as the backuppc user. This seems fine and I do have the module loaded,
1. I have configured my config files as said here 2. I have read that DOC_ROOT for suEXEC is set to /var/www I need to change this to /home/www - as a quick fix i have a symbolic link from /var/www to /home/www.
3. To confirm what DOC_ROOT is and check where the log file will be as suggested on many sites I run "/usr/sbin/suexec -V" but I get nothing back, it does not list any config.
4. Group and Owner for "/usr/share/BackupPC" is backuppc
I am trying to configure evolution to work with MS Exchange but cannot get it to work. I also have an android phone which is dead easy to configure, but I've tried so may settings but cannot get evolution to connect. Anyone also having had this problem and finally solved it? I also tried DavMail with no luck.
What are the benefits to upgrading to F15 from F14 if any? Has there been some huge step forward in performance, security or some other reason that makes it worth while to upgrade? I know many people make the move simply because they wish to have the latest and greatest, but is there any reason specifically to upgrade to the latest and greatest?
I have 3 cronjobs set up on my Unix server . Out of which 2 cron jobs run the same script but at different times and the other one runs another script. So in the 2 jobs which are set to run PMDaily.sh for eg , One runs on Sunday at 8AM and the other runs monday to friday at 6 AM . How ever the Sunday cronjob works (runs through the crontab) but the Cron job set for Monday to Friday is not working. However manually if i run this script it workd perfectly.
Please let me know what could be the possible reasons for this?
when i try to run a program in linux it runs and prints some messages successfully but in the middle it shows the message 'Killed' and stops running. what may be the reasons for this..?
I've recently built a VM appliance using Ubuntu 8.04 that is given to customers for an easy deployment of our software. Ubuntu works great in a VM and its perfect for our software (which is a web application).
Some customers are paranoid (rightfully so) and they will run a vulnerability assessment on the web application. A particular customers' assessment fails as it finds that the appliance isn't running the latest version the Apache web server. I thought that just running "apt-get upgrade" would upgrade all of the software packages to the latest so that failures in the assessment caused by outdated software packages would be resolved... However this is not the case...
I realize that there is a probably a whole process for submitting/approving the latest versions of software packages in Ubuntu, that then get pushed to the repositories - But how does this work? What exactly does "apt-get upgrade" do if it doesnt upgrade packages to the latest?
For example: I need Apache 2.2.11 to fix a particular vulnerability. But when running apt-get upgrade, it doesnt actually upgrade the Apache version number (or any of the other packages). I'm stuck on Apache 2.2.8, and I can't find a .DEB installer for 2.2.11 or later.
I have a Linksys WAG54G2 Router - this is set up and was working fine with Xp and my Apple I phone.I have just changed over from XP to Ubuntu, and am having difficulty in configuring wireless settings to accept UBUNTU.The hard wired Ethernet connection works fine.
I have NFS fileserver that has served me well for more than year. But recently I noticed that it has started to reboot on its own very frequently, almost once a day! It is most likely not a power related issue as I tried changing UPS/power sources, but no help!So my question is:Is there any log file where I can check which is causing the reboot? There may not be a single logfile, but I need some point to start the investigation!
I was trying to install subversion on my machine which have lenny installed on it but when I tried to forward port 22. I got a message connection refused and when I tried to open it in iceweasel it shown me that the port has been restricted for security reasons. I wish to enable it but don't know how to.
I am trying to install a router on my CentOS 5 box, while i have properly configured IP address, Subnet, Default GW and DNS, I am at the point of trying to set up the Proxy. I have added a line: "proxy=http:ip_address:8080/" to the file of "/etc/yum.conf" The Proxy server here does not require any username nor password however I still cannot ping any website, while I tried to ping 74.125.45.100 (google.com) it returns the following message:
Has anyone experienced random wireless dropouts? Like one minute, you are connected and then not, with no obvious reason as to why it happened, just network manager popping up requesting a password to reconnect.
Using Debian Lenny.I am new to printing with Linux and would like some help with CUPS. I have CUPS set up to work with my printer.I read through the documentation, but still have some problems.
1. How should I configure cupsd.conf for security?
Quote:
Portwalling
* By default, cups will listen on every interface. Unless you want to offer your printer to the world, you must block this.Although you can firewall this (and that is a good idea anyway),you can also not have cups listen on your Internet connection.This also prevents any possibility of a root exploit from the Internet. Of course, you still have internal crackers to worry about...
* In cups.conf, comment out the lines: Port 80 Port 631 * Replace them with: Listen 127.0.0.1:631 code....
How do I create a symbolic link between programs?When I opened Xpp it said Printer:destination not available.
4. Can I adjust the text size on text, pdf or html files with Cups or do I need another program for this?
I am setting a Lucid mail server, and got dspam and mailgraph installed. dspam requires suexec module for apache, but it breaks mailgraph with "500 Internal Server Error":
Thunderbird 3 just won't work: I've tried every setting I could think of, but SMTP just won't work (POP works fine though)Does anyone know how to setup SMTP?
I have recently installed Ubuntu 9.10 on laptop behind XP and Win7. No problems at all so far. Even got wireless to work (awesomeness). But trying to set up the email program it continues to say there's a problem. I'm trying to use Hotmail. And the way the email wizard? is set up it's a little off for me. I'm not too experienced with Ubuntu, or Linux for that matter. Mainly a Microsoft OS user. give me the info on setting up the email client to work with Hotmail?
I'm setting up a loopback server for work related testing. I have a small program that needs to be executed through telnet from about 200 IP's on the same network. On the server, I have to set a static ip, enable telnet login, and place my 2 program files in the appropriate folders so it will run. I have been on this for 2-3 days and haven't got far.
My /etc/Network/interfaces file is this... Auto lo iface lo inet loopback
The rest of terminal is filled up with these, and it states that the file only has 32 characters. I don't know if this is a privilege issue or not. I've read several threads on telnet, and lots of arguments about ssh, but I can't run ssh, so I need to enable telnet. There is not a security issue. I run a private network where the only valuable resource would probably be the text file with my IP address on it. Its also accessed by people that have very limited networking knowledge and no linux knowledge...
So, Set static IP Setup telnet server... Any takers?
I'm trying to setup icecast2 so that I can stream music from MPD to other computers in my local network.I have MPD all setup, but I'm having trouble getting icecast to work.I believe its a permission problem.I've been trying to follow this tutorial but I have been unable to get it to work.I've looked at numerous other tutorials and haven't been able to find different that fixed my problems.
i want to install ubuntu10.10 x64 by pxe, so i have following proseed.cfg. and system should install using mirror 10.1.1.2/ubuntu/ubuntu10.10/x64 according to preseed.cfg. But it always report "Bad archive mirror". i could ping 10.1.1.2 and could get file by "wget" from 10.1.1.2.
# Locale sets language and country. d-i debian-installer/locale string en_us # Keyboard selection. d-i console-setup/ask_detect boolean false
i would like to set up a conky setting at my work so when employees call me for questions they can just give me the info that is visually on the screen from conky that i want instead of having them look for it, i have done some conky in ubuntu , it is very easy , just install it then enter codes in the text editor, and BAM done, now on opensuse looking at this thread Conky - Hardware Monitor it looks ALOT harder, is there a easier way around this big mess of codes and what not.
I want to now is it possible to use and how to configure to work program My Heritage try Wine?Please help its important to me.P.S I'am totaly noob regarding Ubuntu netbook remix
I've searched through google, and all I can find are instructions on how to set up a L2TP/IPSec VPN that works with macs and iPhones. I'm NOT trying to set up an L2TP/IPSec VPN. I'm trying to set up a pure-ipsec vpn.
The iPhone IPSec client is a built-in cisco client, I believe. I'm staying away from L2TP and PPTP because I need multicast packets to go through. *edit: wow, i just noticed that the title says "8.10 LTS". Oops! I obviously mean "8.04 LTS". Gah, the lack of sleep got to me.
This is scheme: Code: 10.10.1.90 <--> externalIP1 <--> MY external IP My /etc/ipsec.conf where I type setkey -f Code: cat /etc/ipsec.conf flush; spdflush;
