I am trying to get cgi scripts to work from virtual hosts. I thought is was automatically setup with webmin, but when I try to run a script I am getting an Internal Server Error. When I read the suexec log it says "command not in docroot". The suexec docroot is set to /var/www/ and the virtual servers are set to run under /home/virtualserver. If I edit the directives for the site and remove the SuexecUserGroup "#XXX" "#XXX" line the scripts will work, but I assume that is without suexec. I think this is the problem, but all of the config pages that I find for suexec are very vague to me. Any help is appreciated.
First, I suexec neccessary?
Second, Why is this not working?
Third, How do I change the docroot directory and will that make the suexec work?
Virtualmin Professional includes a build of Apache that has SuExec configured correctly. If you’re using Virtualmin Professional and having this problem, something went wrong during installation and we’ll help you fix it. If you’re using Virtualmin GPL, then you’ll need to rebuild Apache to correctly configure the suexec docroot.
I think suexec is a pretty important feature to have, if you have more than one user on the machine and any of them are not trusted (I don’t mean you like them–they can be friends or family and still make stupid mistakes in CGI coding that could lead to serious security holes, without suexec–trust here refers also to your users ability to understand security issues).
There was a thread about rebuilding Apache with suexec not long ago:
Joe,
I tried to go through the update and everything seems to go as it should but the doc-root directory does not change. It do not see any errors on the rebuild. Any suggestions?
Here you go. The s/blah/blah/ is you basic syntax. The is an “escape character”. I’m terribly rusty, but I’m quite positive that this would do the trick.
My guess is:
perl -pe ‘s//var/www//home/’ suexec.save] suexec
(I haven’t tried since things like mailman and openwebmail don’t get installed in /home) You should be able to verify it with suexec -V
I guess the ""s are there to pad a specific length. so you have to take off as many ""s as many chars you add and of course you’re limited to the length of “/var/www” so something like /home/vhosts would not work.