我成功设法与FPM的mod_fastcgi工作,这使我设置用户:通过运行FPM池定义脚本组。然而,有,比如说,通过运行的mod_fastcgi Python脚本没有类似的替代品,所以我想学习如何使用suexec的运行通过与用户的mod_fastcgi任何脚本:I组选
I successfully managed to make mod_fastcgi work with fpm, which enables me to set the user:group running the scripts via fpm pools definition. However, there is no similar alternative for, say, a python script run through mod_fastcgi, so i'm trying to learn how to use suexec to run whatever script through mod_fastcgi with the user:group i choose.
我是从这个工作的配置开始:
I'm starting from this working configuration:
#/etc/apache2/sites-available/test1 <VirtualHost *:80> ServerName test1.slothcompany DocumentRoot /var/www/test1 LogLevel Debug ErrorLog /var/www/test1/error.log <Directory /var/www/test1/> Options Indexes Includes FollowSymLinks ExecCGI AllowOverride All DirectoryIndex index.php AddHandler php5-fastcgi .php Action php5-fastcgi /php5.fcgi Order allow,deny Allow from all </Directory> </VirtualHost> #/var/www/test1/php5.fcgi #!/bin/bash PHPRC="/var/www/test1/php.ini" PHP_FCGI_CHILDREN=5 export PHPRC export PHP_FCGI_CHILDREN exec /usr/bin/php5-cgi我把的phpinfo()在 /var/www/test1/index.php ,这说明正确的的php.ini 路径。
I put a phpInfo() inside /var/www/test1/index.php, which shows the correct php.ini path.
现在,激活 suexec的我:
- 安装的Apache2-suexec的:命令和apt-get安装的apache2-suexec的
- 激活 mod_suexec :须藤a2enmod的suexec
- 改变文件的权限:须藤CHOWN -R米歇尔:米歇尔在/ var / WWW / test1的
- 添加此行到虚拟主机配置: SuexecUserGroup米歇尔·米歇尔
- 恢复了网站,并重新启动Apache的:须藤a2dissite测试1&放大器;&安培;须藤a2ensite测试1&放大器;&安培;须藤服务的Apache2重启
- Installed apache2-suexec: sudo apt-get install apache2-suexec
- Activated mod_suexec: sudo a2enmod suexec
- Changed files' permissions: sudo chown -R michele:michele /var/www/test1
- Added this line to the vhost configuration: SuexecUserGroup michele michele
- Reactivated the site and restarted apache: sudo a2dissite test1 && sudo a2ensite test1 && sudo service apache2 restart
用户:组米歇尔:米歇尔系统中存在。在运行时 test1.slothcompany 我像以前一样看到的phpinfo()输出准确和回声EXEC('WHOAMI'); 打印 www数据而不是米歇尔。
The user:group michele:michele exists in the system. When running test1.slothcompany i see the phpInfo() output exactly as before, and echo exec('whoami'); prints www-data instead of michele.
sudo的/ usr / lib目录/ apache2的/的suexec -V 告诉我,该日志文件应该在 /无功/日志/的Apache2 / suexec的.LOG ,但没有这样的文件存在。于是,我知道了Apache应该登录error.log文件suEXEC处理器的激活,作为一个通知,但在error.log中没有这样的通知中看到它们。所以,我怀疑是出于某种原因的suexec没有启动的。
sudo /usr/lib/apache2/suexec -V tells me that the log file should be in /var/log/apache2/suexec.log, but no such file exists. Then, i know that apache should log in the error.log file the activation of the suexec wrapper, as a notice, but in the error.log no such notice is found as well. So, i suspect that for some reason suexec isn't starting at all.
我看了这里检查suexec的呢名单以决定是否调用全成,但我不知道如何检查一下这些检查的结果are..it说,他们应在suexec的日志文件被写入,但从未创建这个文件,因为它似乎。
I read here the list of checks suexec does to decide if the call is successfull, but i don't know how to check what the results of these checks are..it says they should be written in the suexec log file, but this file is never created, as it seems.
所以,我做错了吗?
感谢大家这么多。
推荐答案我终于设法使其工作,用的这个职位。有我的第一个配置的两个大问题:第一个是,我没有启用suexec的FastCGI的工作(这需要编辑fastcgi.conf配置文件);第二次是在我的第一个虚拟主机我没有使用FastCGI了!我得到这个当我意识到系统禁用FastCGI的工作后同。
I finally managed to make it work, with the help of this post. There were two big issues with my first configuration: the first was that i didn't enable suexec to work with fastcgi (this requires to edit the fastcgi.conf configuration file); the second was that in my first virtual host i wasn't using fastcgi at all! I got this when i realized that the system worked the same after disabling fastcgi.
不过,这些都为我工作(我想他们只是为这个创造了Debian的虚拟机内)的最后步骤:
However, these are the final steps that worked for me (i tried them inside a Debian virtual machine created just for this):
添加非自由到的/etc/apt/sources.list 的后安装软件包( 中的libapache2-MOD-的FastCGI )
Install packages (after adding non-free to /etc/apt/sources.list for libapache2-mod-fastcgi): sudo apt-get install apache2 libapache2-mod-fastcgi apache2-suexec php5-cgi
添加一个全球性的FastCGI配置:
Add a global fastcgi configuration:
sudo nano /etc/apache2/conf.d/fastcgi # /etc/apache2/conf.d/fastcgi FastCGIConfig -killInterval 60 -maxClassProcesses 1 -maxProcesses 50 -minProcesses 0 -startDelay 5
启用suexec的内部FastCGI配置(删除#从 FastCgiWrapper 行):
sudo a2dismod fastcgi sudo nano /etc/apache2/mods-available/fastcgi.conf # /etc/apache2/mods-available/fastcgi.conf <IfModule mod_fastcgi.c> AddHandler fastcgi-script .fcgi FastCgiWrapper /usr/lib/apache2/suexec FastCgiIpcDir /var/lib/apache2/fastcgi </IfModule>
启用Apache模块:
Enable apache modules:
sudo a2enmod fastcgi suexec actions
创建测试站点文件:
Create test site files:
sudo mkdir -p /var/www/vhosts/test cd /var/www/vhosts/test sudo mkdir cgi-bin etc httpdocs logs sudo nano httpdocs/index.php # /var/www/vhosts/test/httpdocs/index.php <?php echo exec('whoami'); phpInfo(); sudo nano cgi-bin/php5.fcgi # /var/www/vhosts/test/cgi-bin/php5.fcgi #!/bin/bash export PHPRC=/var/www/vhosts/test/etc export PHP_FCGI_CHILDREN=5 exec /usr/bin/php5-cgi sudo chmod +x cgi-bin/php5.fcgi sudo cp /etc/php5/cgi/php.ini etc/ sudo chown -R michele:michele .
创建Apache虚拟主机:
Create apache virtual host:
sudo nano /etc/apache2/sites-available/test # /etc/apache2/sites-available/test <VirtualHost *:80> ServerAdmin webmaster@slothcompany ServerName test.slothcompany LogLevel notice ErrorLog /var/www/vhosts/test/logs/error.log CustomLog /var/www/vhosts/test/logs/access.log combined ScriptAlias /php5.fcgi /var/www/vhosts/test/cgi-bin/php5.fcgi FastCgiServer /var/www/vhosts/test/cgi-bin/php5.fcgi -processes 1 -user michele -group michele -idle-timeout 310 -flush SuexecUserGroup michele michele DocumentRoot /var/www/vhosts/test/httpdocs <Directory /var/www/vhosts/test/httpdocs/> Options FollowSymLinks ExecCGI AllowOverride All Action php5.fcgi /php5.fcgi AddHandler php5.fcgi .php Order allow,deny Allow from all </Directory> </VirtualHost> sudo a2ensite test
重新启动Apache
Restart apache
sudo service apache2 restart
更多推荐
无法让与的mod
发布评论