Hello,
When users do an uplaod of files from php script the owner/group of those files are apache-apache and not the siteworx users/gid account.
It’s true for example with phpBB froum when users upload their avatars.
Is there a way to have these uploads file set to the owner of the siteworx account rather than apache ?
The problem is that these siteworx users can^t see these files are they are not the owner.
Pascal
I have this problem too…
You could run a cron to “chown -R username:group /home/username/*” every hour or so, but this is what SUExec is supposed to do for you… Perhaps SUExec isn’t working.
Yes, it’s what we do, but…
SuEXEC is only for CGI programms not for php ones
Thanks
Pascal
Ahh. Perhaps you could use PHPSUExec (I think that’s its name…)
Another option would be to make the directories which house the avatar files and any other uploaded files chmod -R 666 so the owner doesn’t matter.
PHP run as an apache modules gets the user that apache runs under which is usually “nobody” or “apache” (Iworx setup). I think the only way around this is to run PHP as a CGI module (or fastCGI) using suexec to give it the correct username. I know this has increased security benefits, but there are also some advantages to doing it as a module (which I can’t remember at the moment).
But even better is if there are any good C programmers reading this is to go startup development on the MPMperChild apache modules which forks off a different child for each apache virtual host and apache runs as that vhost user account and therefore so would PHP in the Iworx setup.
ha ha ha
It’s recall me an other thread a long long time ago ;).
And sometime I check the MPM PercHild page, but still at the same level :\
suPHP seems to be a good option indeed
Pascal
If and when you get it working, can you post a tutorial on how to install it? 
Is suPHP just running apache as a CGI intead of as a module (which i think is default Iworx setup)?
From suphp.org:
suPHP is a tool for executing PHP scripts with the permissions of their owners. It consists of an Apache module (mod_suphp) and a setuid root binary (suphp) that is called by the Apache module to change the uid of the process executing the PHP interpreter.
And I’ve just noticed there is a suPHP SRPM in the IWorx experimental repo - can someone install it any tell me if it works?
It works :).
I read through this quickly but I will say that suPHP is nice and it allows you to chmod PHP scripts 600 and keep “normal” ownership.
To get the suPHP SRPM installed just do this:
rpmbuild --rebuild --with rhe4x http://updates.interworx.com/iworx/SRPMS/experimental/suphp-0.6.0-100.iworx.src.rpm
rhe4x = CentOS 4.X or RHEL 4.x
The rpm -Uvh the RPM in /usr/src/redhat/RPMS/i386
Restart Apache.
In the .conf file in /etc/httpd/conf.d you need to add this to the vhost block to make suPHP work:
AddType application/x-httpd-php .php
AddHandler x-httpd-php .php
suPHP_Engine on
suPHP_UserGroup <username> <username>
suPHP_ConfigPath /home/<username>/<domain.com>
php_admin_flag engine off
and also you’ll need to add the suPHP_AddHandler directive between the Directory tags, like so:
<Directory /home/username/domain.com/html>
suPHP_AddHandler x-httpd-php .php
AllowOverride AuthConfig FileInfo Options Limit Indexes
Options +ExecCGI
</Directory>
We have a few hosting clients using it and it has been stable for months but I don’t claim to be an expert with it yet so please test/try/comment BUT it’s unsupported/experimental so be careful.
Chris
Thanks Chris 
I’ll try it out and let you know if I have any problems.
So this can be installed but if you dont update the Vhost file those sites will still work as user apache correct? So that you can slowly move sites over (or not at all) to suPHP.
So this can be installed but if you dont update the Vhost file those sites will still work as user apache correct? So that you can slowly move sites over (or not at all) to suPHP.
Yes, all works as “normal” unless you input the shPHP directives.
Chris
Does this module also work with PHP 5?
Yep
Chris
Thanks Chris 
So how do I fix this on my site?
Hi folks,
Let’s say a year has past since last post on this tread. Several clients of me are running Joomla and confront me with the same issue. “Sir have uploaded something using php en now can’t acces it with my normal FTP-account! Can you help me?”
My solution is that I chown to correct GID but is not my hobby to do so everytime.
Has suPhp become proven technologie yet? Any changes on procedure mentioned above? Any other solutions available?
Gtz
[QUOTE=Colly-K;12139]Hi folks,
Let’s say a year has past since last post on this tread. Several clients of me are running Joomla and confront me with the same issue. “Sir have uploaded something using php en now can’t acces it with my normal FTP-account! Can you help me?”
My solution is that I chown to correct GID but is not my hobby to do so everytime.
Has suPhp become proven technologie yet? Any changes on procedure mentioned above? Any other solutions available?
Gtz[/QUOTE]
If you don’t want to install suPHP (which will run PHP as a CGI and without fastcgi will so be less faster than a php module) You can create a cron job which will set the good owner to the files in a directory
for example
*/5 * * * * chown -R user.user /home/user/public_html/directory/
We personally use suPHP to allow our clients to run PHP4 and PHP5 on the same account
But for our clients that use Joomla only and don’t need PHP5 we just create a cron jobs that set the good owner like I said.
ps: suPHP works well and is really good
Pascal