So this is weird... In response to
I didn't see any info mod_suexec_custom, but suexec should not be running until long after the socket communication between httpd and cgid is over. What talks to cgid in this case that doesn't have a www-data userid?
I was going to tell you "Well, if I don't chown the server, the CGI invocation fails with
(13)Permission denied: [client 131.159.43.223:34136] AH01257: unable to connect to cgi daemon after multiple tries
but if I do it doesn't", and checked that on the server, and saw I had accidentally left two modules enabled left over from earlier experimentation (ruid2, fastcgi), so I disabled them and the error went away.
In trying to debug it further, I also disabled suexec just to see scripts being executed by the www-data user... but they aren't.
Here's apache2ctl -M:
me@box:~$ sudo apache2ctl -M Loaded Modules: core_module (static) so_module (static) watchdog_module (static) http_module (static) log_config_module (static) logio_module (static) version_module (static) unixd_module (static) access_compat_module (shared) actions_module (shared) alias_module (shared) auth_basic_module (shared) authn_core_module (shared) authn_file_module (shared) authz_core_module (shared) authz_host_module (shared) authz_user_module (shared) autoindex_module (shared) cgid_module (shared) deflate_module (shared) dir_module (shared) env_module (shared) ext_filter_module (shared) filter_module (shared) mime_module (shared) mpm_prefork_module (shared) negotiation_module (shared) rewrite_module (shared) setenvif_module (shared) socache_shmcb_module (shared) ssl_module (shared) status_module (shared) userdir_module (shared)
I'm now entirely at a loss as to what's going on on my webserver. Does mod_userdir implicitly enable suexec? Did the Ubuntu maintainers screw up and compile it in with apache?
suexec.log is still logging suexec invocations
==> /var/log/apache2/suexec.log <== [2016-10-20 15:53:32]: uid: (31524/erlacher) gid: (20909/tumuser) cmd: foo-data-x.php
, but restarting apache brings brings up only
==> /var/log/apache2/error.log <== [Thu Oct 20 15:49:47.791148 2016] [mpm_prefork:notice] [pid 27800] AH00169: caught SIGTERM, shutting down [Thu Oct 20 15:49:47.989104 2016] [mpm_prefork:notice] [pid 27889] AH00163: Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal operations [Thu Oct 20 15:49:47.989320 2016] [core:notice] [pid 27889] AH00094: Command line: '/usr/sbin/apache2'
and not the suexec startup message:
[Thu Oct 20 15:26:40.809958 2016] [suexec:notice] [pid 26788] AH01232: suEXEC mechanism enabled (wrapper: /usr/lib/apache2/suexec)
Is my webserver haunted? Best, Luke --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
