Suexec target uid/gid mismatch with directory or program

bobsthename

Verified User
Joined
Sep 23, 2009
Messages
66
Location
NZ
After running ./build all d on Debian 8 i am now getting the following error:-

Code:
# service httpd restart
Job for httpd.service failed. See 'systemctl status httpd.service' and 'journalctl -xn' for details.
# systemctl status httpd.service -l
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/etc/systemd/system/httpd.service; enabled)
   Active: failed (Result: exit-code) since Mon 2015-05-25 02:10:06 NZST; 6s ago
  Process: 20690 ExecStop=/bin/kill -TERM ${MAINPID} (code=exited, status=1/FAILURE)
  Process: 20688 ExecStart=/usr/sbin/httpd $OPTIONS -k start (code=exited, status=0/SUCCESS)

httpd[20688]: httpd (pid 16366) already running
kill[20690]: kill: failed to parse argument: ''
systemd[1]: httpd.service: control process exited, code=exited status=1
systemd[1]: Failed to start The Apache HTTP Server.
systemd[1]: Unit httpd.service entered failed state.
#

Apache error log:-
Code:
suexec policy violation: see suexec log for more details
suexec policy violation: see suexec log for more details

Suexec error log:-
Code:
[2015-05-25 01:43:19]: uid: (1043/user) gid: (1045/user) cmd: fcgid55.sh
[2015-05-25 01:43:19]: target uid/gid (1043/1045) mismatch with directory (1000/1000) or program (1000/1000)
[2015-05-25 01:43:25]: uid: (1009/user1) gid: (1011/user1) cmd: fcgid55.sh
[2015-05-25 01:43:25]: target uid/gid (1009/1011) mismatch with directory (1000/1000) or program (1000/1000)

I don't fully understand what the suexec error means and how to go about correcting the permission errors?
 
Please post the output of the following command:
Code:
suexec -V
 
Code:
suexec -V
 -D AP_DOC_ROOT="/"
 -D AP_GID_MIN=100
 -D AP_HTTPD_USER="apache"
 -D AP_LOG_EXEC="/var/log/httpd/suexec_log"
 -D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
 -D AP_UID_MIN=100
 -D AP_USERDIR_SUFFIX="public_html"
 
You seem to be missing the following line:
Code:
-D AP_SAFE_DIRECTORY="/usr/local/safe-bin"

Are you running CustomBuild 2.0? Please try "./build apache" to see if it solves the problem. It'd also be great to see at least 10 lines of the output around "Patching apache to suexec safedir path...".
 
I'm running custom build 2, and unfortunately ./build apache didn't fix it.
Looks like it can't find the suexec patch which could be causing the issue:-

Code:
Found /usr/local/directadmin/custombuild/apr-util-1.5.4.tar.gz
Extracting /usr/local/directadmin/custombuild/apr-util-1.5.4.tar.gz...
File already exists
MD5 Checksum on harden-symlinks-2.4.patch passed.
Patching apache for hardened symlinks patch...
./build: 12240: ./build: patch: not found
Enabling mod_systemd...
./build: 12262: ./build: patch: not found
Patching srclib/apr-util/dbm/sdbm/sdbm_private.h...
./build: 12269: ./build: patch: not found
Patching mod_proxy_fcgi for PHP-FPM logging...
Patching apache to suexec safedir path...
./build: 12293: ./build: patch: not found
Patching apache to allow SuexecUserGroup in Directory context...
./build: 12311: ./build: patch: not found
Configuring httpd-2.4.12
aclocal: warning: autoconf input should be named 'configure.ac', not 'configure.in'
acinclude.m4:7: warning: underquoted definition of APACHE_HELP_STRING
acinclude.m4:7:   run info Automake 'Extending aclocal'
acinclude.m4:7:   or see http://www.gnu.org/software/automake/manual/automake.html#Extending-aclocal
 
Back
Top