New build system (BETA)

[smtalk]

Hi,
I upgraded my system frm apache 1.3.37 to apache 2.2.4 with new build script, any everything went fine, but when I added new user, after restarting apache I got an error:

[root@us2 public_html]# /etc/init.d/httpd start
Starting httpd: Syntax error on line 7 of /usr/local/directadmin/data/users/username/httpd.conf:
Port was replaced with Listen in Apache 2.0
[FAILED]
and when commented out port:

[root@us2 cewaporg]# /etc/init.d/httpd restart
Stopping httpd: [FAILED]
Starting httpd: Syntax error on line 23 of /usr/local/directadmin/data/users/username/httpd.conf:
User cannot occur within <VirtualHost> section
[FAILED]


I'll manually edit the new user config files, but how to prevent this happening again when adding new users?

Maybe your files aren't rewritten yet. Please post an output of:

cat /usr/local/directadmin/conf/directadmin.conf | grep apache_ver

 

[smtalk]

hm, still no php4 :/ premature ending of script blablabla :/

As I said - contact me via ICQ, MSN or Skype and I'll solve the problem. This error can occur when file (or directory) has chmod >755, file isn't owned by the user or file is corrupted.

 

[smtalk]

Hello,

I think I located the problem, the following symlink leads two directories too high:

da7 (87.204.147.157) /usr/local/directadmin/custombuild/configure/dovecot % ls
dovecot.conf
da7 (87.204.147.157) /usr/local/directadmin/custombuild/configure/dovecot % l
total 8,0K
drwxr-xr-x 2 root root 4,0K 2007-04-24 10:47 .
drwxr-xr-x 7 root root 4,0K 2007-04-01 01:45 ..
lrwxrwxrwx 1 root root 24 2007-04-24 10:47 dovecot.conf -> ../../../../dovecot.conf
da7 (87.204.147.157) /usr/local/directadmin/custombuild/configure/dovecot % cd ../../../..
da7 (87.204.147.157) /usr/local % ls
bin directadmin etc frontpage games include lib man mysql sbin share src suphp sysbk Zend


The symlink should be dovecot.conf -> ../../dovecot.conf, though frankly this seems as brittle solution to me, can't you just place the dovecot.conf in configure/dovecot folder?

Thank you for the report, it will be fixed soon.

 

[Marcin]

problems after conversion to dovecot

I get the following message while creating a user, which is rather irritating:

User da7 created

Details


Unix User created successfully

User's System Quotas set
User's data directory created successfully
Domains directory created successfully
Domains directory created successfully in user's home


A directory component in /var/spool/virtual/da7.promo.pl does not exist or is a dangling symbolic link



Error Creating Domain

User added to ssh config file.

 

[smtalk]

It's not a custombuild issue, you should write to support[at]directadmin.com.

 

[nzyme]

@smtalk:
but why does that only count for PHP4 :/
Problem is fixed now btw thanks for kicking me in de good direction as it turned the owner was root:root and should be apache:apache

But then again, why only php4 ? Cus php5 is default and php4 is handled differently with <you.tell.me> ?


Anyway, i can now run php4 and php5 time to test it more intensively

 

[smtalk]

Maybe your PHP5 is CLI or not chowned to root, because UID <100 isn't allowed to run.

 

[nzyme]

default_php=5
php4_cli=no
php4_cgi=yes
php5_cli=yes
php5_cgi=no
apache_ver=2.2
dovecot=no

so php5 is indeed cli

 

[Sc0uT]

Maybe your files aren't rewritten yet. Please post an output of:

cat /usr/local/directadmin/conf/directadmin.conf | grep apache_ver

I've checked this before, and it says:

[root@us2 conf]# cat /usr/local/directadmin/conf/directadmin.conf | grep apache_ver
apache_ver=2.0
[root@us2 conf]#

I just added a new user to test the system, but I again got an error:

[root@us2 conf]# /sbin/service httpd restart
Stopping httpd:                                            [  OK  ]
Starting httpd: Syntax error on line 7 of /usr/local/directadmin/data/users/testing/httpd.conf:
Port was replaced with Listen in Apache 2.0
                                                           [FAILED]

Can't figure out what's wrong (and why is DA still using /usr/local/directadmin/data/templates/virtual_host.conf instead virtual_host2.conf )

System is a Virtuozzo VPS with CentOS 4.4 64bit and DirectAdmin 1.29.4

 

[jackc]

hi scout, you should restart directadmin and then rewrite all the httpd.conf, I think it's because you didn't restart directadmin after change apache_ver=2.0.
I got this same problem when I was testing, got it solved with:

service directadmin restart
echo "action=rewrite&value=httpd" >> /usr/local/directadmin/data/task.queue

 

[Sc0uT]

hi scout, you should restart directadmin and then rewrite all the httpd.conf, I think it's because you didn't restart directadmin after change apache_ver=2.0.
I got this same problem when I was testing, got it solved with:

service directadmin restart
echo "action=rewrite&value=httpd" >> /usr/local/directadmin/data/task.queue

DA restart solved the problem

Thanks jackc!

So, new build script works here too

 

[smtalk]

RC4 version of the custombuild script is stable enough, so I guess we will have 1.0.0 soon.

 

[jackc]

I'm still concerning why the httpd processes not running as the user's pid, I thought it's suppose to like running CGI script when I run PHP in CGI mode, is it because the suphp?

 

[LionRock]

I'm still concerning why the httpd processes not running as the user's pid, I thought it's suppose to like running CGI script when I run PHP in CGI mode, is it because the suphp?

Same here. Dunno why there are apache and httpd users but not the users thats hould be :/

 

[smtalk]

jackc and LionRock, as I said it's okay to see few processes of apache (you can see scripts running as apache user if they're owned by it). If you want to check on what user your files run - just create a new file via php script and see what is the owner of the file (firstly, make sure that the executed script isn't owned by apache).

 

[Marcin]

Same here. Dunno why there are apache and httpd users but not the users thats hould be :/

This may also happen because of complications of suexec. I have experimentally checked that in some cases and configurations of suexec a child httpd/php process can even RUN as a "someuser" but WRITE FILES to disk as "apache" for instance!

As someone wrote on slashdot, I would like to personally meet the guy who invented suexec and kick him in the ?????.

P.S. suphp only regards the php files, so I imagine that not even httpd process runs as a user, rather a child php process.

 

[jackc]

The file created via php script is owned by the user, but it is weird, I always want to see which user using high cpu resource but now top only shows them in apache uid, maybe I'll try on a production server when 1.0.0 is released.

 

[Maniak]

Martynas,

I had some time today, so I decided to give a try to the script. I noticed a little bug. To avoid the common bug :

[root@hedgehog custombuild]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: httpd: Syntax error on line 423 of /etc/httpd/conf/httpd.conf: Syntax error on line 1 of /etc/httpd/conf/extra/httpd-suphp.conf: API module structure `suphp_module' in file /usr/lib/apache/mod_suphp.so is garbled - perhaps this is not an Apache module DSO?
[FAILED]

you should, as soon as a user wants to compile suPHP delete the previous one, to avoid this mess. I have noticed with time that mod_suphp.so isn't overwritten all the time.

Thank you for this script.

 

[Maniak]

I would like to request two features. It is probably going to interest a lot of people and make the web a little bit safer.

1. I would like the system to be able to compile Suhosin as we use to setup it one most of our servers.

What is Suhosin ?
Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. Suhosin comes in two independent parts, that can be used separately or in combination. The first part is a small patch against the PHP core, that implements a few low-level protections against bufferoverflows or format string vulnerabilities and the second part is a powerful PHP extension that implements all the other protections.

Unlike our Hardening-Patch Suhosin is binary compatible to normal PHP installation, which means it is compatible to 3rd party binary extension like ZendOptimizer.

More information : http://www.hardened-php.net/suhosin.127.html

If you need help to implement it, just ask me.

2. To read a personal file such as "custom.sh"

This file can exist, but don't have to. It would be a script called just before to launch the massive compilation. This file would allow anybody of us (which will assume entire responsability) to run a script before to compile.

The goal of this file, is, for example to download an overwrite a configuration file before each compilation. Or to make some symlinks before to compile. I am sure this can be helpful to a lot of people. If the file does not exist, the system just don't care about.

Thank you !

 

[smtalk]

I would like to request a feature. It is probably going to interest a lot of people and make the web a little bit safer.

I would like the system to be able to compile Suhosin as we use to setup it one most of our servers.



More information : http://www.hardened-php.net/suhosin.127.html

If you need help to implement it, just ask me.

Thank you for the suggestion, I'll think about it, but I'm not going to implement it into 1.0.0, because it's feature frozen now. Maybe I'll implement it into 1.1 version of the custombuild script.