On Fri, Aug 24, 2007 at 10:37:22AM -0700, Matthew W Marcus wrote: > I recently installed suPHP onto my VPS. I've had a few issues after doing > this, one dealing w/ the shared SSL certificate used by my clients. > > Before installing suPHP, the user's could access secure pages by visiting a > URL such as the following: > > https://SERVER_NAME/~USERNAME/FILE > > However, that is no longer working. This process now generates a 500 - > Server Configuration Error message. Upon further research, I discovered that > this is happening because the user ID attempting to access the file is not > the same as the owner of that file. Messages such as the following are being > generated in the suPHP.log file: > > [DATE] [warn] Mismatch between target UID (32010) and UID (32015) of file > "/home/<USERNAME>/public_html/index.php" > > So, my question is how can I allow my clients to continue to use a shared SSL > certificate? Is there a way to allow a particular user full access to all > files?
First, this issue doesn't have anything to do with SSL certificates; I'm not sure why you think that. It may have to do with VirtualHosts, however. But HTTP vs. HTTPS plays no role. The error you're getting means that the index.php file is owned by UID 32015, but your suphp configuration in Apache believes the only UID permitted to run PHP scripts is 32010. How did you configure suphp? Did you use --with-setid-mode=owner, force, or paranoid? It sounds as if you configured it using --with-setid-mode=paranoid. It sounds as if you don't want to use paranoid or force. It sounds as if you want --with-setid-mode=owner, where PHP scripts run as the uid/gid of the PHP file itself. If you use owner mode, you should remove all suPHP_UserGroup directives from your Apache configuration, because they won't be valid. -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB | _______________________________________________ suPHP mailing list suPHP@lists.marsching.biz http://lists.marsching.biz/mailman/listinfo/suphp
