[HOWTO] mod_ruid2

I'm guessing something is broken in your conversion to mod_ruid2, because under mod_ruid2, php runs as an apache module and should run under whatever usre apache runs as.

I've never yet insalled mod_ruid2 with CB; I'm still following instructions found in this How-To, and the last time I did, everything worked as it should.

Of course there are a lot of steps and you may have accidentally missed or improperly done one of them. I'd suggest starting over.

Jeff
 
I think it's a bug in DA 1.43
I already did the complete procedure again and I installed numerous servers with mod_ruid.

When I create a new domain, as said, only the suexecusergroup is copied to the httpd.conf of the user, not the mod_ruid part with RUID and Rguid as I described.
I checked the vhost2.conf template and it's in there as it should be, but it does not get copied.
So this is not a configuration or mod_ruid error IMHO but a DA error.
 
I just confirmed it on another server on which mod_ruid2 was running fine before.

After creating a new domain, the users httpd.conf is overwritten and the mod_ruid section is gone.
So it's a DA 1.43 bug which is concerning ALL DA servers running mod_ruid and DA 1.43.
I already send a mail to DA support.
 
Hello,

With the changes for CustomBuild 2.0, the templates now look like this:
Code: 
        |*if HAVE_RUID2="1"|
        <IfModule mod_ruid2.c>
                RMode config
                RUidGid |USER| |GROUP|
                RGroups apache |SECURE_ACCESS_GROUP|
        </IfModule>
        |*endif|
note the tokenizer part.

If CB2 is not used, then the value will not be set to 1.
The HAVE_RUID2 requires that the options.conf have:
custombuild=2.0 (or higher)
mod_ruid2=yes

1) You could try CB2 (in testing)... CLI with mod_ruid2 on CB2 should be pretty much the same as for 1.2.

2) or create custom templates.. and either remove the |*if HAVE_RUID2="1"| line completely (and the|*endif|)...

3) or create custom templates, and add:
Code: 
|?HAVE_RUID2=1|
at the top of all 4.


Number 3 may not work.. as 1.43.0 might reset it back to 0.... so probably #2 would be best for now.. or change to CB2.

John
 
Just did #2 on a few boxes.

Probably a lot of installs will have to do this as they were relying on those ruid config lines being there by default. As the ruid config already has an apache if block, another one by DA seems a bit useless to be honest :]
 
Thank you.
I'm using Custombuild 1.2 as many do.

Some scripts will have change owner/group apache/access now, how can we fix this so they are all to user:user again?

A lot of users won't know about this problem, so IMHO this should be fixed in DA itself a nicer way.
 
Last edited:
What I can do is do an extra check for the 1.1/1.2 boxes to see if mod_ruid2 is enabled..

So, the main question I need to know it.. what method was used to enable mod_ruid2?
Was it compiled into apache, or does it use an .so file?
Which file is the .so file loaded into apache?

If you could paste me the output, I could then code the checks into DA, and set the token HAVE_RUID2=1.

eg, paste me your output from:
Code: 
/usr/sbin/httpd -l | grep ruid2
cd /etc/httpd/conf
grep ruid2 httpd.conf
grep ruid2 extra/*
so we can get an idea of what to check to know to enable it.

John
 
It's enabled by use of an .so file:
Code: 
grep ruid2 httpd.conf
LoadModule ruid2_module       /usr/lib/apache/mod_ruid2.so

The grep's for /usr/sbin and ruid2 extra/* don't give any results. Nothing present there.
 
It's installed through this line

apxs -a -i -l cap -c mod_ruid2.c

which indeed adds that .so loadmodule line in httpd.conf.
 
Great now my server doesn't work proper anymore. I made a test user to check if I am able to write without chmodding but I am not. What do I need to do? I am using custombuild 1.1 with mod_ruid2.
 
nobaloney said:
@pucky,

If you really feel you need to use an insecure and not-recommended setting to make your sites work, then of course you should. But many of us have no problems with mod_ruid2 and WHMCS, and with mod_ruid2 and wordpress with custom templates (including me). So I'd think it very important you figure out the problem you're having rather than revert to an insecure setting.

I'm going to do a new install of WHMCS with mod_ruid2 in the next few days, and I'll report back of anything I had to change to make it work. But as far as images working with WordPress with mod_ruid2, that works fine for me and for my clients.

Jeff
Click to expand...

Jeff, try following the OPs writeup. You will find it doesnt work. So whats the point of seeing it there if its doesnt work. My WHMCS was not working because i followed the OPs method of installation (manual). Then, i blew that away, undid everthing written and used CB2.0. Now, whmcs works and so do all the otehr directories chmod to 755. Point is, the OPs installation does not work and gives peole trying it a false sense of hope. It does not work.
 
Richard G said:
I think it's a bug in DA 1.43
I already did the complete procedure again and I installed numerous servers with mod_ruid.

When I create a new domain, as said, only the suexecusergroup is copied to the httpd.conf of the user, not the mod_ruid part with RUID and Rguid as I described.
I checked the vhost2.conf template and it's in there as it should be, but it does not get copied.
So this is not a configuration or mod_ruid error IMHO but a DA error.
Click to expand...

Are you sure about that? How did you install it? I used CB2.0 and just looked. All the directives are there. Maybe you should try using CB2.0.
 
Yes I am sure about it, it's even confirmed by DA support as you can read in the postings above, they made a fix for it.
I won't try CB 2.0 until it's fully tested and released.
Everything is working fine now. So I think this bug was the reason WHMCS was not working on your server also. That could be the reason other people with WHMCS did not have that problem you had.

I installed it by using the guide Arieh made, like I always do on all our servers, which all work nicely.
 
Well i can just confirm.

I do use CB 2.0 with mod_ruid2 apache 2.4 php 5.3 mysql 5.5, no issue at all.

I was using mod_ruid2 with this guide between that was getting implemented in CB 2.0 since at least one year with no issue.

So, you can blame how long you want, there is something wrong on your side and i'm about sure about this cause i did install serveral boxes with mod_ruid2 and now with cb2.0.

Feel free to hire someone who does know how verify and fix your issue, otherwise, keep your server as you want.

Regards
 
The reason why WHMCS was not work was because,

1) All directories were chown 0711 instead of 0755
2) I followed the origional post in this thread.

I discovered chowned all directories back to 0755
Removed the manually installed mods.
updated using cb2.0
ran rewrite confs

That was it!

As i said, that was about 4 or 5 days ago, long before DA made any changes. And i can show you whats in my current configs

Code: 
# Auto generated apache config file by DirectAdmin version 1.43.0
# Modifying this file is not recommended as any changes you make will be
# overwritten when the user makes any changes to his/her website

# For global config changes that affect all Users, see this guide:
# http://help.directadmin.com/item.php?id=2
# For local config changes that only affect one User, see this guide:
# http://help.directadmin.com/item.php?id=3


<Directory "/home/wpliv4co">
	
	
	<IfModule mod_ruid2.c>
		RMode config
		RUidGid wpliv4co wpliv4co
		RGroups apache access
	</IfModule>
	
	
	
	
	
</Directory>




<VirtualHost xxx:80 >


	ServerName www.xxx.com
	ServerAlias www.xxxx.com xxxx.com 
	ServerAdmin [email protected]
	DocumentRoot /home/wpliv4co/domains/xxxx.com/public_html
	ScriptAlias /cgi-bin/ /home/wpliv4co/domains/xxxx.com/public_html/cgi-bin/

	UseCanonicalName OFF

	<IfModule !mod_ruid2.c>
		SuexecUserGroup wpliv4co wpliv4co
	</IfModule>
	
	<IfModule mod_ruid2.c>
		RMode config
		RUidGid wpliv4co wpliv4co
		RGroups apache access
	</IfModule>
	
	CustomLog /var/log/httpd/domains/xxx.com.bytes bytes
	CustomLog /var/log/httpd/domains/xxx.com.log combined
	ErrorLog /var/log/httpd/domains/xxx.com.error.log

	



	<Directory /home/wpliv4co/domains/xxx.com/public_html>






		php_admin_flag engine ON
		php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f [email protected]'


		php_admin_value open_basedir /home/wpliv4co/:/tmp:/var/tmp:/usr/local/lib/php/


	</Directory>





</VirtualHost>

Looks right to me as everthing is working now.
 
It certainly looks right, but I did not doubted that, since you already stated that you went to CB 2.0 and all worked fine.
The first page is not up2date anymore, because the custom virtual_host2.conf files are already very long not needed anymore and there was indeed the 711 problem which you discovered.
 
You must log in or register to reply here.
Back
Top