summaryrefslogtreecommitdiff
path: root/network/suphp/README.SLACKWARE
blob: b3aaa7451bc1fa72783e84418ea93bc6455933fc (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
suphp README.SLACKWARE 

This version was compiled to look for its config file in /etc/httpd
rather then just /etc as 'httpd' looks there aswell.

To enable this make sure to disable mod_php first, then (after editing
as needed for your site) add to /etc/httpd/httpd.conf:
 
  Include /etc/httpd/mod_suphp.conf

Unlike suEXEC, suPHP tries to fix variables like $_SERVER['SCRIPT_NAME']

Apache php_* directives in .htaccess files will only work if you install
the 'htscanner' PHP extension (available from SBo also).  However, not
every setting will work that way; using a php.ini per vhost is another
option available, configurable in /etc/http/mod_suphp.conf

Upon each connection getpwnam() and similar user-db functions are run,
which may hinder performance on systems with many accounts (or that use
some kind of external db system) in which case running 'nscd' may help:
http://groups.google.nl/group/alt.os.linux.slackware/msg/7032b8ec0e2b11b3

To use different php versions 'per vhost' see:
http://www.howtoforge.com/apache2_suphp_php4_php5

==

Note on capabilities: FCAPS=true

Which, if set, will install the wrapper non-setuid. For this to work
however filesystem support must be available (ext3 has this support).
Your backup tool might ignore, or not know about, extended attribs...

Besides the 'apache' user must be able to write to its logfile, e.g.
drwxrwxr-x 2 root apache 4096 2009-04-05 00:29 /var/log/httpd
-rw-rw-r-- 1 root apache 2212 2009-04-05 13:45 /var/log/httpd/suphp_log
Which might have some consequence in logrotate configuration too.

In case Apache is chrooted (for instance with mod_chroot available from
SBo as well), breaking out should be much harder if installed this way, as
ptrace, chroot, etc will be unavailable to get via suphp within the jail.