Suexec error when Checking Configuration

I am running Virtualmin 3.62 GPL on CentOS 5.2

After the upgrade to Virtualmin 3.62 today, the system ported me to run configuration re-check. When I do it it returns the error below:

What would be the easiest way to fix this without endangering the many sites, already hosted on the system, by messing up their config files?

Just disable suexec in Virtualmin (Server Templates:Apache Website:Automatically add appropriate SuExec directive? set it to “No”). Obviously you’re not using it, if scripts are working.

Longer term, if you have less than fully trusted users on your system, I’d suggest getting suexec setup correctly. We provide Apache packages for CentOS 5 that are appropriately configured for use with Virtualmin in our CentOS yum repo.

Hi Joe,

Thank you for your response. At this time it’s me and 1 more user of the system, but I would like to secure the server some time in the future.

Is it possible to configure Suexec to use both /home and /var/www? If yes, can I do it without uninstalling and installing apps.

If not:
Which are the RPM that I need to install from your repo?
What is your repo’s address?
When I uninstall and install the apps is anything going to majorly change and affect all the other settings/configurations on the server necessary for the websites to run properly or is the suexec run environment going to be the only thing changed?
Any config files I should back up first, that might be affected in the process?

Also, if you could have a look at this http://www.virtualmin.com/forums/virtualmin/unavailable-features-for-server-admins.html.

Thank you for your time.

No.

Assuming you installed everything (including Webmin, and all Virtualmin modules) via RPM, it’s safe to install virtualmin-release:

http://software.virtualmin.com/gpl/centos/5/i386/virtualmin-release-1.0-1.rhel.gpl.noarch.rpm

Which will setup both our universal repo (for Webmin packages) and the OS-specific repository for your OS version and architecture.

From there, just update httpd and related packages using yum:

yum update httpd

It might require you to update some other pieces.

This should be safe, but I obviously recommend you have good backups–but you’re keeping good backups already, right?

Yeah, the suexec path is a compile-time setting in the suexec binary.

Virtualmin does provide Apache packages that include suexec with /home compiled into suexec.

Another option is to disable suexec; it’s less secure, but it might help you get by for the time being.

For the long-term, though, you’d probably want to consider using Virtualmin’s Apache packages, that’ll prevent problems like this from creeping up
-Eric

Can you post a link with details where I can find these debian apache packages for virtualmin. Can I add for example an apt repository on my sources.list?

I had no idea there were such packages till I encountered the problem

Thank you!

Well, in theory, performing a Virtualmin install would add them to /etc/apt/sources.list .

You said you’re using Etch, which is supported. You can see the Virtualmin GPL repo here:

http://software.virtualmin.com/gpl/debian/dists/virtualmin-etch/

Joe,

Thank you for your response, I will be working on this over the weekend. BTW, should I uninstall Vmin first, or can I just play the RPM over the old one?

Could you please have a look at http://www.virtualmin.com/forums/virtualmin/unavailable-features-for-server-admins.html.

Thank you.

Howdy yall,
just adding my experiences here, to build your confidence Thetitan.

I had the same problem on the last updates to my CentOS 4.7 server, the httpd etc… made a change that whamo’d my V-min suexec.

Basically, I removed the CentOS stock packages:
httpd, httpd-manual, httpd-devel, httpd-suexec, mod_ssl, and mod_fcgid

Then, I installed the custom rpm’s that Joe (and Jamie?) have so graciously made avaiable from their repo:
http://software.virtualmin.com/gpl/centos/
There is a repo for the Debian packages also.

My whole “panic” lasted about 15 minutes. Whern I was finished swapping out the rpm’s my apache server actually seems a little more responsive.
Y.M.M.V.! But I found the process very easy.
HTH
Joe

P.S. --> helpful links:
http://www.virtualmin.com/forums/help-home-for-newbies/suexec-doc_root-incorrect--best-way-to-reinstall.html
and
http://software.virtualmin.com/gpl/debian/

Great Thanks BossHog. I’m glad I have an open weekend in case of mess ups

I have virtualmin pro installed on debian etch

When I add the following repository

[code:1]deb http://software.virtualmin.com/gpl/debian virtualmin-etch main[/code:1]
and do

[code:1]aptitude update && aptitude dist-upgrade[/code:1]
i get all the following packages ready to update

My concern was that I have virtualmin pro installed. Will the following repository try to install the gpl version on top of the pro and mix things up? I have a lot of sites in my server and i can’t risk anything.

Is this repository for the pro version as well, or should i use another repositiry or procedure?

Thanks everyone!

[quote]Is this repository for the pro version as well, or should i use another repositiry or procedure?[quote]

The gpl repository is not for Professional. Using it will downgrade your Virtualmin to the GPL version.

You need the Professional repositories instead. They are all documented here:

http://www.virtualmin.com/component/option,com_openwiki/Itemid,48/id,manual_virtualmin_installation/#virtualmin_modules_and_theme

No! Don’t uninstall Virtualmin! That’ll wipe out all of your Virtualmin meta-data, which could ruin your day if you’re not keeping good backups. If you are keeping good backups, it’ll just waste an hour or two of your time.

But I thought we were talking about Apache packages, which have nothing to do with the Virtualmin packages. (Though, I guess if you’ve been manually installing stuff all this time you might have some out of date stuff.)

Did you install Virtualmin using RPMs or wbm? (If the latter, why? I’m trying to figure out how to guide people better…we’re still getting a lot of odd install processes that makes folks lives harder than it needs to be, and makes things harder to support.)

Thanks Joe,
Not sure how to add to sources.list the authorization required though.

Can I use sources.list to automate the dependencies or should I manually download the packages and install.

Is this correct?

[code:1]deb http://mylicencekey:myserial@software.virtualmin.com/ virtualmin-etch main[/code:1]

Vagelis

Both apt-get and yum use standard URL syntax:

http://serial:license@software.virtualmin.com/blah/blah

I don’t know. What are you trying to do?

Hrm, your sources line isn’t showing up above… however, for Debian Etch, you might use something like this:

deb http://VIRTUALMIN_SERIALNUM:VIRTUALMIN_LICENCENUM@software.virtualmin.com/debian/ virtualmin-etch main

How did you end up doing your install? Had you used the install.sh script? And if so, can you verify that there isn’t a line similar to the above already in sources.list?
-Eric

(the code tag didn’t display correctly)
I used

deb http://mylicence:mykey@software.virtualmin.com/ virtualmin-etch main

on my sources.list

But with no luck. I don’t know how to pass authorization through apt.

Thanks!

Thanks everyone!

I corrected the sources.list as you mentioned (i had putted licence and key vice versa) and that passed the authorization!

Vagelis

Eric
I did not do the setup with the script.
I had the gpl version for a while, I manually changed settings in apache and other webmin modules to pass the config check
Then i installed pro through the web-interface of the gpl.

I can see now that it was a painfull and procedure (not the best) and the problems arise now and then

Anyway thanks everyone! My problems seem to be solved!

I have this problem with a system entirely installed by Webmin. Webmin was installed by apt-get by adding the link above to apt-get sources. This was all before any programs were installed.

Why did Webmin/Virtualmin not install apache etc correctly? It was not on the server to start with.

Do I have to uninstall all the programs and do it again?

Shanta