[HOWTO] mod_ruid2

thomasdk81

Verified User
Joined
Oct 3, 2010
Messages
56
Location
Denmark
I just installed mod_ruid2 using this How to.

The sessions which where stored in /tmp made errors because of the now wrong ownership (I guess)
removing all sess_* files in /tmp resolved the issue.

Exim stopped recieving mails and this resolved it:
http://help.directadmin.com/item.php?id=245

I see some httpd owned by the users when I use
Code:
top
But the ones that are using cpu% are owned by apache.

Code:
 6045 apache    20   0  199m  54m 4912 S 25.6  0.9   1:14.40 httpd
 8868 apache    20   0  202m  57m 4912 S 18.3  1.0   1:05.12 httpd
10400 apache    20   0  197m  52m 5496 S 14.0  0.9   0:26.75 httpd
10401 apache    20   0  198m  53m 5572 S 11.3  0.9   1:18.23 httpd
 5661 apache    20   0  198m  54m 5308 S 10.6  0.9   1:26.22 httpd
10572 apache    20   0  196m  51m 4660 S  9.6  0.9   0:20.64 httpd
 5861 apache    20   0  199m  54m 4880 S  9.0  0.9   1:16.68 httpd
Is everything running as it should?
 

SeLLeRoNe

Super Moderator
Joined
Oct 9, 2004
Messages
6,792
Location
A Coruña, Spain
i dont get how exim should stop on mod_ruid edit, maybe there was something related to exim in tmp folder...

Btw:

1. i suggest you to use htop ;)
2. you should see some process hadled by single username (had you restarted apache? Any error?
3. check yor /etc/httpd/conf/httpd.conf for the mod_ruid related line
4. had you changed the httpd template and rewrite all of them for existing user?
5. no more ideas... :)

Regards
 

thomasdk81

Verified User
Joined
Oct 3, 2010
Messages
56
Location
Denmark
1: htop is not installed on my Centos box
2: I see some and I restarted apache with no errors
3: I did the check as per the how to
4: I have followed the how to and didn't get any errors. If I see some process handled by the users mod_ruid2 is working right?

I copied the templates to a folder called custom and edited the originals. Wasn't that the point?

Thanks for the quick reply :)
 

SeLLeRoNe

Super Moderator
Joined
Oct 9, 2004
Messages
6,792
Location
A Coruña, Spain
no, the point is copy the original to custom directory and edit the one in custom :)

Directadmin re-create the httpd confs checking first custom, and, if custom doesnt exist will take the original.

About htop, was just suggesting to use that, at my opinion, work much better.

Regards
 

thomasdk81

Verified User
Joined
Oct 3, 2010
Messages
56
Location
Denmark
I edited the files in the custom folder and did the how to again from that part.
I installed htop and it looks great :)

Code:
  1  [|||||||||||||||||||                                                          21.8%]     Tasks: 129 total, 1 running
  2  [||                                                                            1.0%]     Load average: 0.31 0.33 0.35 
  3  [                                                                              0.0%]     Uptime: 8 days, 06:50:01
  4  [                                                                              0.0%]
  5  [|||                                                                           1.9%]
  6  [|                                                                             0.1%]
  7  [                                                                              0.0%]
  8  [                                                                              0.0%]
  9  [                                                                              0.0%]
  10 [                                                                              0.0%]
  11 [                                                                              0.0%]
  12 [                                                                              0.0%]
  Mem[|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||1601/5952MB]
  Swp[|||||                                                                   163/3071MB]

  PID USER     PRI  NI  VIRT   RES   SHR S CPU% MEM%   TIME+  Command                                                                                                                    
14004 apache    20   0  197M 52992  4440 S  0.0  0.9  0:03.91 /usr/sbin/httpd -k start -DSSL
13998 apache    20   0  143M 53684  4532 S  0.0  0.9  0:05.02 /usr/sbin/httpd -k start -DSSL
14002 apache    20   0  144M 54428  4568 S  0.0  0.9  0:03.98 /usr/sbin/httpd -k start -DSSL
15011 mysql     20   0  864M  125M  3648 S  0.0  2.1  3:30.00 /usr/sbin/mysqld --basedir=/ --datadir=/var/lib/mysql --user=mysql --log-error=/var/lib/mysql/server5.infoland.dk.err --pid
13990 apache    20   0  146M 56268  4588 S  0.0  0.9  0:04.16 /usr/sbin/httpd -k start -DSSL
13987 apache    20   0  148M 58356  4408 S  0.0  1.0  0:06.58 /usr/sbin/httpd -k start -DSSL
14005 apache    20   0  144M 53848  4352 S  6.0  0.9  0:04.29 /usr/sbin/httpd -k start -DSSL
13986 apache    20   0  140M 50648  4632 S  2.0  0.8  0:04.95 /usr/sbin/httpd -k start -DSSL
14006 apache    20   0  143M 53664  4388 S  0.0  0.9  0:05.19 /usr/sbin/httpd -k start -DSSL
13994 arrild    20   0  142M 52624  4400 S  0.0  0.9  0:04.00 /usr/sbin/httpd -k start -DSSL
arrild is one of my users
 
Last edited:

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
14,075
Location
GMT +7.00
Check with a PHP script:

<?php
system("id");
?>

Save it in public_html and trigger it with your browser.
 

ViAdCk

Verified User
Joined
Feb 14, 2005
Messages
270
Here I am again with a question regarding mod_ruid2 ;)

I am also using mod_security and am seeing these lines in the error logs of various domains:

ModSecurity: Failed to access DBM file "/tmp/global": Permission denied
ModSecurity: Failed to access DBM file "/tmp/ip": Permission denied

Those files exist in /tmp but have root ownership. Does anyone know how to solve this issue?

Thanks :)
 

Ramsy

Verified User
Joined
Dec 25, 2005
Messages
65
Location
London, UK
I seem to get 403 errors everywhere.
Things screwed up my permissions.
Any idea's on how to fix this?
 

pppplus

Verified User
Joined
Dec 19, 2008
Messages
518
Hi

Simple question, for experts in mod_ruid2 ...

I've already install it on some VPS, and all happens very good, I just have to delete all sessions just after installation.

Now, I had a problem in my main server. When I install mod_ruid2, all was stopped after I change template files.

So : is it possible, to install mod_ruid2, then modify only for one domain, or one user account ?

So I can check error, debugg and install it for all accounts when all is clear.
 

SeLLeRoNe

Super Moderator
Joined
Oct 9, 2004
Messages
6,792
Location
A Coruña, Spain
yes, just edit the httpd.conf for that user (keep in mind that directadmin will overwrite it, dont remember the schedule, maybe on a new domain add).

the file to edit is /usr/local/directadmin/data/users/USERNAME/httpd.conf

Edit this httpd.conf isntead of the template, be sure to edit it correctly.

Regards
 

lowfour

New member
Joined
Apr 25, 2011
Messages
3
yes, just edit the httpd.conf for that user (keep in mind that directadmin will overwrite it, dont remember the schedule, maybe on a new domain add).

the file to edit is /usr/local/directadmin/data/users/USERNAME/httpd.conf

Edit this httpd.conf isntead of the template, be sure to edit it correctly.

Regards
First of all thank you for all your help and contributions to this thread. This is my first post.

I also tried to install mod_ruid2 in my debian 5 + directadmin vps and I followed all the tutorial. But all the permissions are wrong now for all the domains. I reverted the settings, deleted the custom .conf files and also checked the httpd.conf files for the problematic domains and seem to be as the original ones.

I get 403 for all the domains now and I don't really know where to follow or what to do.

I restarted httpd, and all seems as it should, but it doesn't. Any help to revert to the original settings?

Thank you in advance!
 

lowfour

New member
Joined
Apr 25, 2011
Messages
3
Ok!

I solved my issue now. I hadn't modified the right virtual_host2.conf files. I modified the ones inside the custom/ folder and now everything works.

But my interest is still there. How to disable a mod applied by apxs? Is there a way to revert to the original?

Thank you!
 

SeLLeRoNe

Super Moderator
Joined
Oct 9, 2004
Messages
6,792
Location
A Coruña, Spain
Yes, just edit the http template, rewrite all httpd confs and comment the line in /etc/httpd/conf/httpd.conf where mod_ruid2 is loaded

This should be enough.

Regards
 
Top