I'm the maintainer of the www/suphp port for FreeBSD. You've asked a lot of questions (and in quite a rambling manner), so I'll do my best to answer them one at a time.
1) It's obvious from your use of the mod_ssl patch that you're using Apache 1.3.x. That's important to know, because suPHP behaves differently on Apache 1.3.x than it does on 2.x. 2) The reason suPHP worked for you the first time was because, by default, the www/suphp port compiles suPHP in "owner" mode. This mode causes suPHP to setuid() and setgid() to the user/group of the PHP script itself. 3) The error you receive "Invalid command suPHP_UserGroup" is because you're using Apache 1.3.x. That Apache configuration directive is not available on Apache 1.3.x. That's documented in the suPHP docs here (look at the --with-setid-mode configuration flag): http://www.suphp.org/Documentation-Installation.en.html The huge warning you got (re: "!!!!!!!!!!!!!!" and so on) tells you this -- you can't use suPHP_UserGroup with Apache 1.3.x. You should really spend some time looking at the official suPHP documentation here: http://www.suphp.org/Documentation.en.html 4) There is plenty of documentation installed with the port: it's all the documentation that comes with suPHP! You should have done pkg_info -L suphp-0.5.2_2 and looked at the documentation files listed there (they get installed in /usr/local/share/doc/suphp by default). 5) The www/suphp port is for suPHP 0.5.2 -- it has not been upgraded to the 0.6.x series because of numerous reports on the mailing list of problems (all of those problems have been fixed in the latest 0.6.x release, and I'm in the process of verifying that the 0.6.x port will work OK on FreeBSD). The 0.5.x series does not use a configuration file. All of the configuration is done during compile-time. You can look at www/suphp/Makefile to get a list of things you can tweak/adjust, or do "cd www/suphp && make show-options". 6) The www/suphp port _does not_ make log files. The suphp module itself makes the logfiles -- and only when the interpreter is run. So, if you have an Apache configuration that doesn't work (as proven in Item #3 above), then the logfile will never get created. It's not the job of the port to make/delete log files. 7) To use the suPHP_UserGroup directive, you will need to upgrade to Apache 2.x (I recommend the 2.2 series). Another advantage is that Apache 2.x comes with SSL built-in; there is no need to use mod_ssl patches. -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB | On Wed, Oct 24, 2007 at 06:59:09PM +0400, Unprivileged user wrote: > I have apache+mod_ssl-1.3.37+2.8.28 already installed from ports. Then I > install php and suphp (all from ports). Then I read several saples in > Internet and configuring suphp. I don't know how, but it's worked. From /var/ > log/suphp.log: > [Thu Sep 20 19:02:44 2007] [info] Executing /usr/local/www/data.xek2.aga/ > index.php as user xek2 (1007), group xek2 (1007) > Wonderful. But I have some experiment with chroot and I several times > reinstall all without any backup of config files. > Now it's tell me something like: > Invalid command suPHP_UserGroup, perharps mis-spelled or defined by a module > not included in the server configuration. (from command line on /usr/local/ > etc/rc.d/apache.sh start/restart) > > I am install suphp from ports absolutely exactly. There are too few > documentation with port (no any description of config files, options, logs > file.. etc) and on site. Version of suphp from /usr/ports/www/suphp/ is > 0.5.2_2. I see and read about that: > configure: WARNING: > !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! > !!*** The suPHP module for Apache 1.3 only works with ***!! > !!*** set-ID mode "owner", other modes are only supported ***!! > !!*** by the Apache 2.x module ***!! > !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! > Also, I several time reinstall it, but /var/log/suphp.log is not create any > more. > > So.. How it's possible??? I can't remember how I do it. Maybe it's possible > do make --with.. and activate several option?? I need suPHP_UserGroup. How I > can activate it on Apache 1.3.* (+mod_ssl)?? > > > _______________________________________________ > suPHP mailing list > [email protected] > http://lists.marsching.biz/mailman/listinfo/suphp _______________________________________________ suPHP mailing list [email protected] http://lists.marsching.biz/mailman/listinfo/suphp
