You could run a cron to “chown -R username:group /home/username/*” every hour or so, but this is what SUExec is supposed to do for you… Perhaps SUExec isn’t working.
PHP run as an apache modules gets the user that apache runs under which is usually “nobody” or “apache” (Iworx setup). I think the only way around this is to run PHP as a CGI module (or fastCGI) using suexec to give it the correct username. I know this has increased security benefits, but there are also some advantages to doing it as a module (which I can’t remember at the moment).
But even better is if there are any good C programmers reading this is to go startup development on the MPMperChild apache modules which forks off a different child for each apache virtual host and apache runs as that vhost user account and therefore so would PHP in the Iworx setup.
suPHP is a tool for executing PHP scripts with the permissions of their owners. It consists of an Apache module (mod_suphp) and a setuid root binary (suphp) that is called by the Apache module to change the uid of the process executing the PHP interpreter.
And I’ve just noticed there is a suPHP SRPM in the IWorx experimental repo - can someone install it any tell me if it works?
We have a few hosting clients using it and it has been stable for months but I don’t claim to be an expert with it yet so please test/try/comment BUT it’s unsupported/experimental so be careful.
So this can be installed but if you dont update the Vhost file those sites will still work as user apache correct? So that you can slowly move sites over (or not at all) to suPHP.
So this can be installed but if you dont update the Vhost file those sites will still work as user apache correct? So that you can slowly move sites over (or not at all) to suPHP.
Yes, all works as “normal” unless you input the shPHP directives.
Let’s say a year has past since last post on this tread. Several clients of me are running Joomla and confront me with the same issue. “Sir have uploaded something using php en now can’t acces it with my normal FTP-account! Can you help me?”
My solution is that I chown to correct GID but is not my hobby to do so everytime.
Has suPhp become proven technologie yet? Any changes on procedure mentioned above? Any other solutions available?
Let’s say a year has past since last post on this tread. Several clients of me are running Joomla and confront me with the same issue. “Sir have uploaded something using php en now can’t acces it with my normal FTP-account! Can you help me?”
My solution is that I chown to correct GID but is not my hobby to do so everytime.
Has suPhp become proven technologie yet? Any changes on procedure mentioned above? Any other solutions available?
Gtz[/QUOTE]
If you don’t want to install suPHP (which will run PHP as a CGI and without fastcgi will so be less faster than a php module) You can create a cron job which will set the good owner to the files in a directory
for example
*/5 * * * * chown -R user.user /home/user/public_html/directory/
We personally use suPHP to allow our clients to run PHP4 and PHP5 on the same account
But for our clients that use Joomla only and don’t need PHP5 we just create a cron jobs that set the good owner like I said.