0

I cannot find a working, modern configuration to resolve this. I'm using Debian 10 and installed Apache 2. I have dozens of users, so I enabled userdir. I do not want their code to run as www-data, so I enabled suexec, which works for Python or Perl (AddHandler cgi-script .pl .py is enough). But I cannot do this for PHP. Is therer a way to handle this with standard mod_php from Apache, suexec-like with userdir?

If no, I read that PHP FPM is a CGI server, which can be used by Apache by proxy module, which can proxy PHP to this CGI, but in the php-fpm.conf I only cat set single user for this.

Is there a way to run PHP web script as a user that owns the scritp, like suexec is doing, together with userdir?

Kamil
  • 1,311
  • 2
  • 14
  • 31
  • Take a look at mod_ruid2 – stoney Aug 20 '20 at 12:05
  • I did take a look, but the last commit was about 8 years ago, so it is kinda EOL; do not know about compatibility too with the newer Apache/modules; and I think you have to explicitely set a single user, it will not change process ownership to the file's owner. https://sourceforge.net/projects/mod-ruid/files/ – Kamil Aug 20 '20 at 12:11
  • `mod_ruid2` is on [github](https://github.com/mind04/mod-ruid2). Although 7 years old it still works and I know e.g. Ubuntu ships it. – stoney Aug 20 '20 at 12:27
  • Unfortunately Debian do not (I found bugs submitted, it was segfaulting). I think this shoud be doable without mod_ruid2, I do not have a lot of webservers knowledge, but this sound like a common problem, but info on the Internet is stale or does not cover userdir, PHP, etc. For example, I do not understand why suexec works for Perl and Python, but not for PHP? – Kamil Aug 20 '20 at 13:19

0 Answers0