What an Enormous, Unbelievable Mess

Posted on by

I’ve been trying to config our Apache server today.

These are the requirements:

  • We want PHP version 5.
  • All users accounts are separated through virtual hosts.
  • PHP should be run with the same user rights as the user, this means either CGI or FastCGI with suexec; because when frameworks create files in the home directory, they should be owned by the user, not by apache.
  • PHP should be locked down with open_basedir, and session storage should be in the user’s own home directory.

What an enormous, unbelievable mess this has been to set up. We’re also doing this with CentOS 5.1.

suexec is a bitch to set up, but, in the end, it works.

There is practically no documentation on FastCGI and how it works. There is a ton of user-submitted scripts, all of which are crazy in one way or other, and don’t seem to work on my box.

Many of these methods seem to rely on patches, and I want to maintain my yum compatibility.

The most difficult thing was to make PHP default to different values for each user account, and in the end, I had to make a cgi-bin/php5 file, setting PHPRC to the user’s home directory, and build a small shell-script that copies /etc/php.ini, tacks on a few custom settings at the end, and puts that where the cgi-bin php script can find it.

Unbelievable. But, the good news is, with a plain vanilla suexec + php-cgi setup, it now works.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>