From owner-freebsd-questions@FreeBSD.ORG Thu Apr 29 06:56:57 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 289F816A4CE for ; Thu, 29 Apr 2004 06:56:57 -0700 (PDT) Received: from dyer.circlesquared.com (host217-45-219-83.in-addr.btopenworld.com [217.45.219.83]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2EB7D43D2D for ; Thu, 29 Apr 2004 06:56:52 -0700 (PDT) (envelope-from peter@circlesquared.com) Received: from circlesquared.com (localhost.petanna.net [127.0.0.1]) i3TDvg6U004595; Thu, 29 Apr 2004 14:57:43 +0100 (BST) (envelope-from peter@circlesquared.com) Message-ID: <409109D6.2090504@circlesquared.com> Date: Thu, 29 Apr 2004 14:57:42 +0100 From: Peter Risdon User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7b) Gecko/20040327 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Mikkel Christensen References: <200404262126.36157.mikkel@talkactive.net> <4090B0B2.70704@circlesquared.com> <200404291041.00879.mikkel@talkactive.net> <200404291058.44766.mikkel@talkactive.net> In-Reply-To: <200404291058.44766.mikkel@talkactive.net> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-questions@freebsd.org Subject: Re: Suexec with Apache 1.3.29 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Apr 2004 13:56:57 -0000 Mikkel Christensen wrote: >On Thursday 29 April 2004 07:37, you wrote: > > >>... >> >>If you want to enable the suEXEC mechanism for the first time and an >>Apache server is already running you must kill and restart Apache. >>Restarting it with a simple HUP or USR1 signal will not be enough. >> >>... >> >> >Now i tried killing apache using "killall -9 httpd" and the start it again with "apachectl start". >Now for the first time "[notice] suEXEC mechanism enabled (wrapper: //path/to/suexec/)" is printet to the error log. > >But this leads to another problem. When executing the hellow-world script under another username execution is refused. >The error "Premature end of script headers:" is printed to the error-log. >This error doen't show if I run the script as the www-user. >Do you have any idea of what is wrong? > > That sounds promising, suexec is now functioning. Although it's annoyingly vague, that's a common error from perl cgi scripts. It sounds permissions-related. Try running the script on the command line as the user you want the apache host to run as, and see whether it gives a more meaningful error. My first thought is that the suexec user doesn't have execute permissions on the script, or on the directory that contains it. PWR.