Virtualmin config check detects that suexec is NOT installed, but it still adds the SuexecUserGroup to the Apache configuration, which in turn prevents Apache from loading properly.
While I can easily comment this out in the virtual-host directives, it’s annoying to have to do this on each new virtual-host twice (once for both http/https).
It also doesn’t properly detect that mod_suexec is disabled.
Is there any reason why this directive is not controlled by the fact that suexec is not installed, or mod_suexec is disabled?
How did you install Virtualmin? Normally suexec is installed as part of Virtualmin installer hence why reference to it is being added to the Apache config for your virtual hosts.
It seems as if you either didn’t install Virtualmin using the install.sh script or something went wrong during the installation.
I can confirm that there is no suexec issues in my own server running Ubuntu 20.04 LTS.
I have an Ansible role that I use to manage the installation process, which allows me to turn off the installation of a lot of extra packages without needing to remember the command line parameters. This has worked great over the last 4 years for multiple servers, with no problems until now.
I understand I’m using an unsupported installation method, my purpose was to highlight that the config check detects that suexec is not installed, and that the directive being added by default should be controlled by that knowledge.
Since I don’t allow cgi-bin usage, and all sites are running php-fpm, suexec is neither necessary nor needed, so I didn’t flip the switch to have my role install it.
Any mode other than PHP-FPM that is labeled “run as domain owner” will include suexec configuration. Then again, I thought not having suexec installed would disable those modes…so not sure how you’re getting there. I think that’s how we detect the no-suexec behavior on CentOS 8 (where we don’t install suexec, and only support PHP-FPM and other similar types of execution that don’t require suexec).
So…it may very well be a bug, but I can’t figure out how exactly how to reproduce it.
Are you using current versions of Webmin and Virtualmin? This no-suexec behavior is pretty new, introduced at the same time as CentOS 8 support a few months back.