suexec doc_root incorrect - best way to reinstall

pixel_paul · July 28, 2008, 1:12pm

Hi,

I’m looking at this: /usr/sbin/suexec -V

-D AP_DOC_ROOT="/var/www"
-D AP_GID_MIN=100
-D AP_HTTPD_USER="apache"
-D AP_LOG_EXEC="/var/log/httpd/suexec.log"
-D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
-D AP_UID_MIN=500
-D AP_USERDIR_SUFFIX="public_html"

and doc_root is incorrect.

How can I go about safely reinstalling apache to get that set to /home?

I have CentOS 5.2 and VM pro.

Cheers,

Paul

Eric · July 28, 2008, 4:16pm

Howdy,

Do you recall how you installed Virtualmin, was it with the install.sh script, or did you use the RPM’s or perhaps a tarball?

I have a suspicion that you may have the CentOS version of Apache (or suexec) rather than the Virtualmin one. You can tell by running this:

rpm -qf /usr/sbin/suexec

What is the output of that command?
-Eric

pixel_paul · July 29, 2008, 4:07am

Hi Eric,

Yes, I am using the CentOS version of Apache. The reason for this was that I had set the server up already before I installed Virtualmin.

Is there a way of recompiling with the Virtualmin version of Apache?

Cheers,

Paul

Eric · July 29, 2008, 9:20am

Hey Paul,

One more thing (it’ll help decide the best way to resolve things) – did you install via the install.sh, or did you use the RPM/tarball in order to install Virtualmin?

Thanks!
-Eric

pixel_paul · July 29, 2008, 9:40am

I upgraded from Virtualmin GPL…unfortunately I can’t remember how I actually did the upgrade to Virtualmin Pro.

I can only imagine that it was done via the install.sh script…

Cheers,
Paul

Eric · July 30, 2008, 10:27pm

Hi Paul,

Okay, so it definitely looks as if you need the Virtualmin version of Apache. They have Suexec pointing at /home rather than /var/www.

Joe tells me that the Virtualmin and CentOS Apache packages are identical, with the exception of where suexec_docroot points.

So how would you go about changing your Apache version to use the Virtualmin repository?

There’s a few different ways to go about it, but the ultimate goal would be to install the following packages from here:

Repository:
http://YOUR_LICENCE_KEY:YOUR_SERIAL_NUM@software.virtualmin.com/centos/5.2/i386/

Packages:

httpd, httpd-manual, httpd-devel, mod_ssl, and mod_fcgid packages

One way to do it would be to manually download them all, then use RPM to install them in place of your current versions.

I’d still make a solid backup of my config files in /etc and such (or heck, the entire system) before making any changes
-Eric

pixel_paul · July 31, 2008, 4:14am

Hi Eric,

Thank you for all this assistance on this. I will look at doing this early next week, so will post back any problems/success stories

Cheers,

Paul

Eric · July 31, 2008, 9:23am

Sure thing… if it gives you a hard time trying to install those, just yell! RPM may balk since the Virtualmin Apache version is a tad older, you might have to install them with the --oldpackage option or so.
-Eric

Joe · July 31, 2008, 4:28pm

–oldpackage shouldn’t be necessary. Epoch, FTW!

yum can also install them, if the virtualmin repo is available.

pixel_paul · October 13, 2008, 6:24am

Well, as usual certain things took longer than expected and am now back to trying to change this.

My question is this - if i update the httpd package etc to the virtualmin version, will my virtual servers list be overwritten? I have just tested this using a virtualmin gpl version and it seems that I may lose my virtual servers…which i dont want to do!

Cheers,

Paul

Joe · October 13, 2008, 9:33pm

My question is this - if i update the httpd package etc to the virtualmin version, will my virtual servers list be overwritten? I have just tested this using a virtualmin gpl version and it seems that I may lose my virtual servers...which i dont want to do!

I can’t imagine how that could happen, unless you didn’t install Apache from a package to start with.

pixel_paul · October 14, 2008, 5:37am

Hi Joe,

Interestingly, the virtualmin repo wasn’t present in /etc/yum.repos.d/
(I have now added this, although i just copied the details from a Virtualmin GPL repo). This is obviously why there were no virtualmin packages installed, and why everything is coming out of the centos base.

I now have two packages to install, the clamav (0.94-3vm.el5) and httpd (2.2.3-11.el5.3vm)

if I yum update - will this just do a straight upgrade of apache, and not affect anything in the virtual servers?

Thanks,

Paul

Eric · October 14, 2008, 9:51am

Paul,

The Virtualmin version of the httpd package is near-identical to the RHEL/CentOS one.

If what you have in there now is the RHEL/CentOS provided httpd package, then the Virtualmin httpd package should be a clean upgrade.

Of course, now would be a great time to make sure your backups are working, and you could easily make a copy of /etc/httpd/conf/httpd.conf before installing that
-Eric

pixel_paul · October 22, 2008, 12:56pm

I’ve just tried to update the httpd package but I get the following:

[code:1]warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID a0bdbcf9

GPG key retrieval failed: [Errno 5] OSError: [Errno 2] No such file or directory: ‘/etc/pki/rpm-gpg/RPM-GPG-KEY-virtualmin’[/code:1]

pixel_paul · October 22, 2008, 1:02pm

's all right - figured it out:

rpm --import http://software.virtualmin.com/lib/RPM-GPG-KEY-virtualmin

pixel_paul · October 22, 2008, 1:19pm

Everything appears to have gone smoothly. I now have this: FCGId (run as virtual server owner)
so all is looking good.
Many thanks to Eric and Joe, bit of a nail biting experience as on a live system (and first time doing it!)…but all went well.

Cheers,

Paul