Andrew Peng | 3 Nov 00:07 2009
Picon

suPHP configuration variables

Hello folks;

I been banging my head about this one for quite some time and I can't
seem to figure it out. I have a clean base install of Debian 5 on
three machines. One is a virtual machine on my desktop computer, one
is an old PowerPC-G3 macintosh, and the last is a leased server at a
colocation. All of the servers experience the same issue.

In all cases, doing a fresh install of Debian, libapache2-mod-suphp,
and apache2 (along with the PHP5 cgi and all supporting packages as
determined by apt-get) results in a working configuration with PHP. I
set a new virtualhost directive for Apache2 to be in the
/home/username/public_html/domain.com directory:

***********************************************************
***********************************************************
<VirtualHost example.hostname.com:80>
        ServerAdmin webmaster <at> localhost

        DocumentRoot /home/username/public_html/example.hostname.com
        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>

        <Directory "/usr/lib/cgi-bin">
                AllowOverride None
                Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
                Order allow,deny
                Allow from all
(Continue reading)

Hugo Monteiro | 3 Nov 00:36 2009
Picon

Re: suPHP configuration variables

Andrew Peng wrote:
> Hello folks;
>   

Hello Andrew

> I been banging my head about this one for quite some time and I can't
> seem to figure it out. I have a clean base install of Debian 5 on
> three machines. One is a virtual machine on my desktop computer, one
> is an old PowerPC-G3 macintosh, and the last is a leased server at a
> colocation. All of the servers experience the same issue.
>
> In all cases, doing a fresh install of Debian, libapache2-mod-suphp,
> and apache2 (along with the PHP5 cgi and all supporting packages as
> determined by apt-get) results in a working configuration with PHP. I
> set a new virtualhost directive for Apache2 to be in the
> /home/username/public_html/domain.com directory:
>
>
> ***********************************************************
> ***********************************************************
> <VirtualHost example.hostname.com:80>
>         ServerAdmin webmaster <at> localhost
>
>         DocumentRoot /home/username/public_html/example.hostname.com
>         <Directory />
>                 Options FollowSymLinks
>                 AllowOverride None
>         </Directory>
>
(Continue reading)

Hugo Monteiro | 3 Nov 00:40 2009
Picon

Re: suPHP configuration variables

Hugo Monteiro wrote:
> Andrew Peng wrote:
>   
>> Hello folks;
>>   
>>     
>
>
> Hello Andrew
>
>   
>> I been banging my head about this one for quite some time and I can't
>> seem to figure it out. I have a clean base install of Debian 5 on
>> three machines. One is a virtual machine on my desktop computer, one
>> is an old PowerPC-G3 macintosh, and the last is a leased server at a
>> colocation. All of the servers experience the same issue.
>>
>> In all cases, doing a fresh install of Debian, libapache2-mod-suphp,
>> and apache2 (along with the PHP5 cgi and all supporting packages as
>> determined by apt-get) results in a working configuration with PHP. I
>> set a new virtualhost directive for Apache2 to be in the
>> /home/username/public_html/domain.com directory:
>>
>>
>> ***********************************************************
>> ***********************************************************
>> <VirtualHost example.hostname.com:80>
>>         ServerAdmin webmaster <at> localhost
>>
>>         DocumentRoot /home/username/public_html/example.hostname.com
(Continue reading)

Jared Sulem | 9 Nov 12:22 2009
Picon

[PATCH] Support HTTP Digest Authentication

Hi,

Here is a patch to support HTTP digest authentication using the (SU)PHP_AUTH_DIGEST environment variables.  Under the hood, it works the same way as the HTTP Basic authentication support.

If this feature is good for inclusion into suPHP I'd welcome any comments that would help get the code ready for inclusion.

Thanks,

Jared Sulem

Attachment (suphp-0.7.1-auth_digest.patch): application/octet-stream, 4409 bytes
_______________________________________________
suPHP mailing list
suPHP@...
https://lists.marsching.com/mailman/listinfo/suphp
Wah Jong | 12 Nov 08:55 2009
Picon

suphp 0.7.1 & PHP 5.2.11 & Apache 2.2.13 & Fedora Core 11

Dear all,

After having looked into the strace code further, I have noticed one of thing, that is missing filename eventually. I'm looking forward to getting your help.


script location to be executed
/home/httpd/devel/tuncow/phpinfo.php

20498 lstat("/home", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
20498 lstat("/home/httpd", {st_mode=S_IFDIR|0775, st_size=4096, ...}) = 0
20498 lstat("/home/httpd/devel", {st_mode=S_IFDIR|0711, st_size=4096, ...}) = 0
20498 lstat("/home/httpd/devel/
tuncow", {st_mode=S_IFDIR|0711, st_size=12288, ...}) = 0
20498 lstat("/home/httpd/devel/tuncow/-", 0x7fff92241310) = -1 ENOENT (No such file or directory)

################ Problem right here ############
Why is there a dash symbol above instead of filename phpinfo.php ?

20498 ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, 0x7fff92244270) = -1 EINVAL (Invalid argument)
20498 fstat(0, {st_mode=S_IFIFO|0600, st_size=0, ...}) = 0
20498 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffc8a245000
20498 read(0, ""..., 8192)              = 0
20498 close(0)                          = 0
20498 munmap(0x7ffc8a245000, 4096)      = 0
20498 setitimer(ITIMER_PROF, {it_interval={0, 0}, it_value={0, 0}}, NULL) = 0
20498 munmap(0x7ffc83c9f000, 2228136)   = 0
20498 brk(0x134a000)                    = 0x134a000
20498 exit_group(0)                     = ?



Thanks
Wah Jong
_______________________________________________
suPHP mailing list
suPHP@...
https://lists.marsching.com/mailman/listinfo/suphp
Dave Ingram | 12 Nov 14:32 2009
Picon

Re: suphp 0.7.1 & PHP 5.2.11 & Apache 2.2.13 & Fedora Core 11

Wah Jong wrote:
Dear all,

After having looked into the strace code further, I have noticed one of thing, that is missing filename eventually. I'm looking forward to getting your help.

script location to be executed
/home/httpd/devel/tuncow/phpinfo.php

[snip]


################ Problem right here ############
Why is there a dash symbol above instead of filename phpinfo.php ?
It's fairly standard to use "-" as an input filename to mean standard input, but either PHP doesn't honour this (i.e. it only reads from stdin if no filename is given), or something is being called incorrectly.

That's just a first guess though.


[snip]


Thanks
Wah Jong
_______________________________________________ suPHP mailing list suPHP-qhrM8SXbD5JCREYaNQg7v0EOCMrvLtNR@public.gmane.org https://lists.marsching.com/mailman/listinfo/suphp

_______________________________________________
suPHP mailing list
suPHP@...
https://lists.marsching.com/mailman/listinfo/suphp
Wah Jong | 13 Nov 09:19 2009
Picon

Re: suphp 0.7.1 & PHP 5.2.11 & Apache 2.2.13 & Fedora Core 11

Hi,

That was my mistake, It got it working properly eventually after having php-cgi being built using the following settings, hope this experience would be helpful.

Building PHP 5.2.11 CGI binary: /usr/local/php5/bin/php-cgi
    --enable-fastcgi
    --enable-force-cgi-redirect
    --with-apxs2 <- don't use this, otherwise the php-cgi would not have built

Building suphp 0.7.1
#!/bin/bash
CFLAGS="-march=core2 -g -O3 -pipe -funroll-loops -fomit-frame-pointer" \
CXXFLAGS="-march=core2 -g -O3 -pipe" \
./configure \
    --prefix=/usr \
    --sysconfdir=/etc \
    --with-apxs=/usr/local/apache2/sbin/apxs \
    --with-apr=/usr/local/apache2/bin/apr-1-config \
    --with-apache-user=apache \
    --with-min-uid=100 \
    --with-min-gid=100 \
    --with-setid-mode=paranoid \
    --with-logfile=/var/log/httpd/suphp_log

/etc/suphp.conf
[global]
logfile=/var/log/httpd/suphp_log
loglevel=info
webserver_user=apache
docroot=/home/httpd
env_path=/bin:/usr/bin
umask=0077
min_uid=100
min_gid=100

; Security options
allow_file_group_writeable=false
allow_file_others_writeable=false
allow_directory_group_writeable=false
allow_directory_others_writeable=false

;Check wheter script is within DOCUMENT_ROOT
check_vhost_docroot=false

;Send minor error messages to browser
errors_to_browser=false

[handlers]
x-httpd-php="php:/usr/local/php5/bin/php-cgi"
x-suphp-cgi="execute:!self"


Regards
Wah


On Thu, Nov 12, 2009 at 3:55 PM, Wah Jong <wahjong-Re5JQEeQqe8@public.gmane.orgm> wrote:
Dear all,

After having looked into the strace code further, I have noticed one of thing, that is missing filename eventually. I'm looking forward to getting your help.

script location to be executed
/home/httpd/devel/tuncow/phpinfo.php

20498 lstat("/home", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
20498 lstat("/home/httpd", {st_mode=S_IFDIR|0775, st_size=4096, ...}) = 0
20498 lstat("/home/httpd/devel", {st_mode=S_IFDIR|0711, st_size=4096, ...}) = 0
20498 lstat("/home/httpd/devel/
tuncow", {st_mode=S_IFDIR|0711, st_size=12288, ...}) = 0
20498 lstat("/home/httpd/devel/tuncow/-", 0x7fff92241310) = -1 ENOENT (No such file or directory)

################ Problem right here ############
Why is there a dash symbol above instead of filename phpinfo.php ?

20498 ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, 0x7fff92244270) = -1 EINVAL (Invalid argument)
20498 fstat(0, {st_mode=S_IFIFO|0600, st_size=0, ...}) = 0
20498 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffc8a245000
20498 read(0, ""..., 8192)              = 0
20498 close(0)                          = 0
20498 munmap(0x7ffc8a245000, 4096)      = 0
20498 setitimer(ITIMER_PROF, {it_interval={0, 0}, it_value={0, 0}}, NULL) = 0
20498 munmap(0x7ffc83c9f000, 2228136)   = 0
20498 brk(0x134a000)                    = 0x134a000
20498 exit_group(0)                     = ?



Thanks
Wah Jong

_______________________________________________
suPHP mailing list
suPHP@...
https://lists.marsching.com/mailman/listinfo/suphp
Nathaniel Morris | 11 Nov 20:12 2009
Picon

suPHP & Shared Code

I've hunted high and low on the web for this. Basically, I have a dedicated box with suPHP in paranoid mode (because I resell some of the space). I'd like to maintain security levels, but still expose a library of shared PHP code. Is this possible?


-Nate
_______________________________________________
suPHP mailing list
suPHP@...
https://lists.marsching.com/mailman/listinfo/suphp
Dave Ingram | 13 Nov 10:51 2009
Picon

Re: suPHP & Shared Code

Nathaniel Morris wrote:
> I've hunted high and low on the web for this. Basically, I have a 
> dedicated box with suPHP in paranoid mode (because I resell some of 
> the space). I'd like to maintain security levels, but still expose a 
> library of shared PHP code. Is this possible?
I see no reason why not -- as long as the suPHP user can read the shared 
code files, and the code is included rather that executed directly, it 
should work.

Dave
Laurent Rathle | 21 Nov 16:50 2009
Picon

Permissions problems

Hello,

From one day to another I can't install plugins with Wordpress admin panel (unable to write in the directory) and I get this kind of messages with my php website (wordpress, joomla) :

Warning: realpath() [function.realpath]: Unable to access /var/www/vhosts/xxxxx.info/httpdocs/wp-admin/admin/admin.php in /var/www/vhosts/xxxxx.info/httpdocs/wp-includes/functions.php on line 1963

Warning: realpath() [function.realpath]: Unable to access /var/www/vhosts/xxxxx.info/httpdocs/wp-admin/admin/admin.php in /var/www/vhosts/xxxxx.info/httpdocs/wp-includes/functions.php on line 196

Could it be a problem related to Suphp, and if yes how can I fix it ?

I use :

Ubuntu server 8.04
Apache 2.2.8
PHP 5.2.4
SuPhp 0.6.2

Thank you
_______________________________________________
suPHP mailing list
suPHP@...
https://lists.marsching.com/mailman/listinfo/suphp

Gmane