Updating httpd: very lost (CentOS 5.5)

After much trial and error (mostly error), I managed to get apache updated to 2.2.14 from 2.2.3, but received this error:

The Suexec command on your system is configured to only run scripts under /var/www, but the Virtualmin base directory is /home. CGI and PHP scripts run as domain owners will not be executed.

My understanding is that I need to recompile suexec to change the document root, but that’s frankly over my head. Can anybody walk me through this, ideally using very small words as if to an idiot?


Well, our recommendation tends to be to stick with the Apache version that’s available by default with your distro… trying to move to a custom compiled Apache version is not a simple process, nor is maintaining it over the long haul going to be easy :slight_smile:

Alternatively, if you aren’t familiar with recompiling Apache, you could always disable suexec.

However, suexec provides a wonderful security benefit.

Is there a particular reason you’re after a newer Apache version? The few times folks have wanted a different Apache version, it was due to a PCI scanning company complaining that the Apache version was old… and all you’d need to do there is explain to them that they’re seeing a false positive, and that your distro backports security fixes into older Apache versions. So long as you’re using the most recent Apache available to your distro, all the known security vulnerabilities are taken care of.


Is there a particular reason you’re after a newer Apache version?

Yes, I was after the [B] rewrite flag which was added in 2.2.8 (I think).
I can rewrite a couple of sections of my application so that it’s not necessary (and I may well), but that was the reason.

I ended up recompiling suexec, and seem to have been successful with this command line:

./configure --enable-suexec --with-suexec-docroot=/home --with-suexec-caller="apache" --with-suexec-logfile="/var/log/httpd/suexec.log" --with-suexec-uidmin=500

The issue I’m having now is, apparently, yum thinking that my version (2.2.14) is older than the virtualmin repo version (2.2.3).