Cant start httpd after CustomBuild update / SuexecUserGroup not allowed in <Directory> context
- Thread starter websterPL
- Start date
Everything is updated. php as fpm. no customization. DA is updated.
Code:
Nginx Unit: no
Apache: 2.4.58
ModSecurity: 2.9.7
ModSecurity Rule Set: no
htscanner: no
Dovecot: 2.3.21
Dovecot configuration: yes
AWstats: 7.9
Exim: 4.96.2-12-g29d01ae2a
exim.conf update: yes
BlockCracking: yes
Easy Spam Fighter: yes
SpamAssassin: 4.0.0
SpamAssassin rule updates: daily
ClamAV: no
MariaDB: 10.4.31
MySQL backup: yes
MySQL backup directory: /usr/local/directadmin/custombuild/mysql_backups
MySQL compress backups: no
PHP (default): 8.2 as php-fpm
phpMyAdmin: 5.2.1-all-languages
ProFTPD: no
Pure-FTPd: 1.0.51
RoundCube webmail: 1.6.4
Replace "php.ini" with 'da build all' and 'da build php_ini': no
Cron for notifications and (or) updates: yes
Cron frequency: daily
Run "clean" every time: yes
Run "clean_old_webapps" every time: yes
Run "clean_old_tarballs" every time: yes
Show texts in bold: yes
SquirrelMail: no
Zend Guard Loader: no
ionCube loader: no
Suhosin: noAt the end we have
Code:
Installing configuration files
[PRESERVING EXISTING HTDOCS SUBDIR: /var/www/htdocs]
[PRESERVING EXISTING ERROR SUBDIR: /var/www/error]
[PRESERVING EXISTING ICONS SUBDIR: /var/www/icons]
[PRESERVING EXISTING CGI SUBDIR: /var/www/cgi-bin]
Installing header files
Installing build system files
Installing man pages and online manual
make[1]: Leaving directory '/usr/local/directadmin/custombuild/httpd-2.4.58'
Restoring certificate and key, and turning on httpd for DirectAdmins's check.
Checking to ensure /etc/httpd/conf/ssl.crt/server.ca is set.
Enabling httpd in systemd...
Checking to ensure /etc/httpd/conf/ssl.crt/server.ca is set.
2023/10/26 12:32:17 info executing task task=action=rewrite&value=ips
Using 146.59.1.221 for your server IP
Installation of ModSecurity Rule Set has been finished.
PHP has been secured.
Restarting php-fpm82.
2023/10/26 12:32:21 info executing task task=action=rewrite&value=httpd
Restarting apache.
Job for httpd.service failed because the control process exited with error code.
See "systemctl status httpd.service" and "journalctl -xe" for details.
2023/10/26 12:32:28 info executing task task=action=directadmin&value=reload
Restarting apache.
Job for httpd.service failed because the control process exited with error code.
See "systemctl status httpd.service" and "journalctl -xe" for details.In DA/Dashboard/Custom HTTPD Configurations/View Domain Configuration Contents of the httpd.conf file for all domains we have "Syntax Error":
AH00526: Syntax error on line 12 of /etc/httpd/conf/extra/httpd-hostname.conf:
SuexecUserGroup not allowed in <Directory> context
AH00526: Syntax error on line 12 of /etc/httpd/conf/extra/httpd-hostname.conf:
SuexecUserGroup not allowed in <Directory> context
| WEBSERVER | apache |
| USECANONICALNAME | UseCanonicalName OFF |
| HAVE_MOD_SECURITY | 1 |
| HAVE_PHP1_FCGI | 0 |
| HAVE_PHP1_FPM | 1 |
| HAVE_PHP2_FCGI | 0 |
| HAVE_PHP2_FPM | 0 |
| HAVE_PHP_FCGI | 0 |
| HAVE_RUID2 | 0 |
| HAVE_SAFE_MODE | 0 |
| HAVE_SUEXEC_PER_DIR | 0 |
| HAVE_USERDIR_ACCESS | 0 |
| FORCE_SSL_REDIRECT | SetEnvIf X-Forwarded-Proto "https" HTTPS=on RewriteEngine On RewriteCond %{HTTPS} !=on RewriteCond %{HTTP:X-Forwarded-Proto} !https [NC] RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] |
| FASTCGI_OPENBASEDIR | -d open_basedir="/home/domain/:/tmp:/var/tmp:/opt/alt/php82/usr/share/pear/:/dev/urandom:/usr/local/lib/php/:/usr/local/php82/lib/php/" |
| CERT | /usr/local/directadmin/data/users/domain/domains/domain.cert.combined |
| ALLOW_OVERRIDE | AllowOverride AuthConfig FileInfo Indexes Limit Options=Indexes,IncludesNOEXEC,MultiViews,SymLinksIfOwnerMatch,FollowSymLinks,None |
Nope,
Code:
AH00526: Syntax error on line 12 of /etc/httpd/conf/extra/httpd-hostname.conf:
SuexecUserGroup not allowed in <Directory> contextDid you look at these?
forum.directadmin.com
forum.directadmin.com
Apache don't start after update
Hi, Apache don't start in webserver nginx_apache (or apache) after the update. The error : AH00526: Syntax error on line 18 of /etc/httpd/conf/extra/httpd-hostname.conf: SuexecUserGroup cannot occur within directory context I don't know where the problem is. The file looks correct : Options...
forum.directadmin.com
Apache will not update
One of the servers I "inherited" from Jeff running CENTOS5 and CB 2.0 I was finally able to shell into it today and start running some updates when I ran into a problem updating Apache. I have done some nosing around but I really want to bounce this off of some of you guys who may have seen...
forum.directadmin.com
The OS is AlmaLinux 8.8 (Sapphire Caracal)
Code:
NAME="AlmaLinux"
VERSION="8.8 (Sapphire Caracal)"
ID="almalinux"
ID_LIKE="rhel centos fedora"
VERSION_ID="8.8"
PLATFORM_ID="platform:el8"
PRETTY_NAME="AlmaLinux 8.8 (Sapphire Caracal)"
ANSI_COLOR="0;34"
LOGO="fedora-logo-icon"
CPE_NAME="cpe:/o:almalinux:almalinux:8::baseos"
HOME_URL="https://almalinux.org/"
DOCUMENTATION_URL="https://wiki.almalinux.org/"
BUG_REPORT_URL="https://bugs.almalinux.org/"
ALMALINUX_MANTISBT_PROJECT="AlmaLinux-8"
ALMALINUX_MANTISBT_PROJECT_VERSION="8.8"
REDHAT_SUPPORT_PRODUCT="AlmaLinux"
REDHAT_SUPPORT_PRODUCT_VERSION="8.8"I thought it was interesting that the first search result I see is from Martynas here:
Perhaps @smtalk might have come across this in the past
Perhaps @smtalk might have come across this in the past
"SuexecUserGroup not allowed in <Directory> context"
just remembered. there was similar problem with parameters that stuck.
check options.conf owner/permissions/attributes.
try set all variables with ./build set
like php1 release fast-cgi than change it to php-fpm to see if it remembers previous state and switched to new one,
same with mod_ruid2
run build clean and build remove items
for some reasons on one my server it didn't look in options.conf till i tell DA from build set different values, also try set webserver
just remembered. there was similar problem with parameters that stuck.
check options.conf owner/permissions/attributes.
try set all variables with ./build set
like php1 release fast-cgi than change it to php-fpm to see if it remembers previous state and switched to new one,
same with mod_ruid2
run build clean and build remove items
for some reasons on one my server it didn't look in options.conf till i tell DA from build set different values, also try set webserver
I have answer from Roman DA:
Code:
It seems the problem was related to missed "patch" command:
[root@s1 ~]# head -50 /var/log/directadmin/custombuild.1698322955.655971.YXBhY2hlAA.log
download_with_cache: using cached '/usr/local/directadmin/custombuild/cache/httpd-2.4.58.tar.gz' file
download_with_cache: using cached '/usr/local/directadmin/custombuild/cache/apr-1.7.4.tar.gz' file
download_with_cache: using cached '/usr/local/directadmin/custombuild/cache/apr-util-1.6.3.tar.gz' file
Backing up certificate and key, and turning off httpd for DirectAdmins's check.
Extracting httpd-2.4.58.tar.gz...
Extracting apr-1.7.4.tar.gz...
Extracting apr-util-1.6.3.tar.gz...
Patching apache for hardened symlinks patch...
/proc/self/fd/3: line 11367: patch: command not found
Patching srclib/apr-util/dbm/sdbm/sdbm_private.h...
/proc/self/fd/3: line 11376: patch: command not found
Patching apache to suexec safedir path...
/proc/self/fd/3: line 11379: patch: command not found
Patching suexec for per-user process grouping
/proc/self/fd/3: line 11387: patch: command not found
Patching apache to allow SuexecUserGroup in Directory context...
/proc/self/fd/3: line 11390: patch: command not found
increasing FD_SETSIZE ..
So, it seems the installation of "patch" package solves the issue.