About SuExec of Rocky Linux 8.5 and CentOS 8

I-Love-Virtualmin · May 2, 2022, 2:43pm

SYSTEM INFORMATION
OS type and version	Rocky Linux 8.5
Webmin version	1.990
Virtualmin version	6.17
Related packages	Apache

There were various things about SuExec of Rocky Linux 8.5 or CentOS8, and I tried to make it.
I made a script to edit SuExec’s DocRoute from /var/www in binary and rewrite it to /home.
It’s still in the trial stage, so I’m not sure if the operation will work …

custom-suexec.sh

#!/bin/bash

if [ ! -L /usr/sbin/suexec ]; then
cp -p /usr/sbin/suexec /usr/sbin/suexec_bk;
hexdump -v -e ‘/1 "%02X "’ /usr/sbin/suexec | awk ‘{sub(“61 70 61 63 68 65 00 2F 76 61 72 2F 77 77 77”, “61 70 61 63 68 65 00 2F 68 6F 6D 65 00 00 00”, $0);print $0}’ | xxd -p -r > /usr/sbin/suexec-custom;
chmod 4711 /usr/sbin/suexec-custom;
chown root:apache /usr/sbin/suexec-custom;
rm /usr/sbin/suexec;
ln -s /usr/sbin/suexec-custom /usr/sbin/suexec
fi

Thank You !!

I-Love-Virtualmin · May 2, 2022, 11:08pm

The above script works by itself. Perl CGI also worked under /home.
But the concern is whether the patch will work when suexec is updated by YUM.

Joe · May 2, 2022, 11:35pm

This is kinda scary looking. Did you find this on the web somewhere (maybe with docs explaining what it’s doing)? It looks like it’s patching the binary, which feels fragile.

Joe · May 2, 2022, 11:37pm

Also note we’re adding support for fcgiwrap instead of suexec for systems that don’t have suexec-custom in the OS repo.

I-Love-Virtualmin · May 3, 2022, 12:13am

Thank you for your reply!!

This is the site I referred to…

and somewhere where awk ‘{sub(“line”, “after”, $0);print $0}’ is written…

I-Love-Virtualmin · May 3, 2022, 12:56am

So, How do I use fcgiwrap with Apache ?

I-Love-Virtualmin · May 3, 2022, 2:50am

Additionally…

‘/var/www’ appears only once in the dump of suexec, but I don’t know what will happen in the future, so I also searched for the ‘apache’ ASCII character that appears in front.
I replace ‘apache./var/www’ to ‘apache./home…’.
‘.’ is ASCII code ‘00’.

I am seeking about ‘fcgiwrap’ now.

Sorry.

Joe · May 3, 2022, 4:10am

I don’t know, I haven’t experimented with it yet, as the feature is new in virtual-server module 7.0.

Joe · May 3, 2022, 4:27am

But, I’m sure you’d start by installing the fcgiwrap package.

I-Love-Virtualmin · May 3, 2022, 5:37am

Thank you for your support !!

I will do try to experiment fcgiwrap with NEW module 7.0 !!

Thank you so very much !!

I-Love-Virtualmin · June 4, 2022, 4:11am

I’m Sorry.

Above Script occur error near double quotation in line 5 with just only Copy&Paste.

Please re-type the Double Quatrain Character after Copy&Paste in line 5.

I’m sorry so much !!

I-Love-Virtualmin · June 27, 2022, 3:39am

Finally ,I reached to run CGI with FcgiWrap !!
I wanted to restore the CentOS7’s VurtualServer to the RockyLinux8.5.
After I restored the one to the RockyLinux8.5, I disabled Apache & SSL Apache & AWStats at ‘Edit Vurtual Server’ menu. And then I re-enabled them. So the FcgiWrap Setting was made in apache’s vurtual server setting !! But to run the CGI completely, it is needed that the ’ +ExecCGI’ in Options of '<Directory /home/wwwaoj/public_html> at ‘Configure SSL Website’ and ‘Configure Website’ menu’s ‘Edit Directives’.

Thank You for FcgiWrap !!

system · August 26, 2022, 3:39am

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.