[HOWTO] mod_ruid2

nobaloney

NoBaloney Internet Svcs - In Memoriam †
Joined
Jun 16, 2003
Messages
26,119
Location
California
Sounds like a very nice option, but reading a little bit it looks like it could be insecure to run a default centos kernel with this? What are the real risks involved?
What have you seen that makes you think it could be insecure to use it with a default CentOS kernel? What have you read?

Jeff
 

cyberneticos

Verified User
Joined
Aug 21, 2005
Messages
689
Location
Spain
Got it from the readme once you download the mod:

-there are some security issues, for instance if attacker successfully exploits the httpd process, he can set effective capabilities and setuid to root. i recommend to use some security patch in kernel (grsec),
or something..


That's kinda scary, but it might be becuase I?m no expert and maybe this is normal or expected.
 

jml75

New member
Joined
Dec 19, 2010
Messages
1
Compatible with mod_php and mod_vhost_alias

Hi guys,

I just heard of mod_ruid2 and I find it very interesting but there isn't much information about it out there.

So do you know if mod_ruid2 is compatible with mod_php and with mod_vhost_alias?

Also hav you ever played with RDocumentChrRoot?

Thanx!
 

pppplus

Verified User
Joined
Dec 19, 2008
Messages
518
Hi,

I try to install mod_ruid2, but stop. Sites are unavailables, I've message : Forbidden when I want to access to them.

I stop just after :
Code:
/etc/init.d/httpd restart
So I do not modify permissions on files.
I prefer to stop, because after changing permissions, it's difficult to come back with previous permissions.

I've an error when I run /usr/local/directadmin/dataskq d800 :
Code:
MimeTypes::readFile(): Unable to open /usr/local/directadmin/data/users/admin/domains/5go.fr.handlers for reading
for each domains

I think about another problem :
I have some files in cgi folder with permissions 755, but these files are not .cgi or .pl. (they have no extension).
So how to modify script, to not touch files with 755 permissions ?
This script :
Code:
cd /usr/local/directadmin/scripts && ./set_permissions.sh user_homes
find /home/*/domains/*/public_html -type d -print0 | xargs -0 chmod 711
find /home/*/domains/*/public_html -type f -print0 | xargs -0 chmod 644
find /home/*/domains/*/public_html -type f -name '*.cgi*' -exec chmod 755 {} \;
find /home/*/domains/*/public_html -type f -name '*.pl*' -exec chmod 755 {} \;
find /home/*/domains/*/public_html -type f -name '*.pm*' -exec chmod 755 {} \;
cd /usr/local/directadmin/data/users && for i in `ls`; do { chown -R $i:$i /home/$i/domains/*/public_html;}; done;
Thanks for your help
 

massive

Verified User
Joined
Feb 16, 2006
Messages
305
I just installed mod_ruid2 on a new vps and i am trying to install joomla and i a getting the following error :

configuration.php not Writable
 

massive

Verified User
Joined
Feb 16, 2006
Messages
305
Thanks Andrea.
Problem solved. Wrong permissions in the parent folder.
 

massive

Verified User
Joined
Feb 16, 2006
Messages
305
mpm_worker_module with mod_ruid2

Does anybode has experience with mod_ruid2 and mpm_worker_module
working together?
 

defomaz

Verified User
Joined
Jun 26, 2008
Messages
133
just report
i've used mod_ruid + eaccelerrator then get trouble about user quota
user usage status on directadmin/repquota 4x bigger and not same with current user usage on his own directory /home/user/

after investigate, finnaly i found that eaccelerator cache file is also owned by user not root
so when Directadmin counting quota, eaccelerator cache also counted.

i still search solution, how to force eacellerator cache as root

thanks
 
Last edited:

snk

Verified User
Joined
Dec 19, 2007
Messages
102
I think there is nothing wrong, this is user's files so it will be counted.
ea cache will be owner by root if you will run php from root, but this is wrong way.

Try to store ea cache to partition that not have quote
 

zaja

Verified User
Joined
Nov 20, 2010
Messages
5
How to upgrade

Does anybody know how to upgrade mod_ruid2 from 0.9.1 to 0.9.3?
 

defomaz

Verified User
Joined
Jun 26, 2008
Messages
133
Hallow, have you know or use cloudlinux(www.cloudlinux.com )?
now cloudlinux support mod_ruid2, it's seem i'm the first who use cloudlinux with mod_ruid2
after submit ticket request not more than 1 week mod_ruid2 added in cloudlinux modhostinglimit
 
Last edited:

ViAdCk

Verified User
Joined
Feb 14, 2005
Messages
269
I have activated mod_ruid2 on one server and a user is having problems with his cgi scripts. This is in the domain error log:

(13)Permission denied: exec of '/home/user/domains/domain.com/public_html/cgi-bin/count/tc.cgi' failed, referer: http://www.domain.com/
Premature end of script headers: tc.cgi, referer: http://www.domain.com/

The cgi-bin folder has 711 permissions and the cgi script 755 permissions.

Any thoughts?
 

daveyw

Verified User
Joined
Jan 5, 2008
Messages
702
Location
/dev/null
(13)Permission denied: exec of '/home/user/domains/domain.com/public_html/cgi-bin/count/tc.cgi' failed, referer: http://www.domain.com/
Premature end of script headers: tc.cgi, referer: http://www.domain.com/
Before we can say whats the problem we would like to see what the first 5 lines are.

Having you this problem since you are using mod_ruid2 or not?
I can also remember something about
chmod 711 /usr/sbin/suexec
and then restart HTTPd.
 
Top