Differences

This shows you the differences between two versions of the page.


apache_worker_mpm_php_cgi_suexec_setup [2015/06/01 21:41] (current) – created - external edit 127.0.0.1
Line 1: Line 1:
 +====== Apache Worker MPM PHP CGI Suexec Setup ======
  
 +Components to an Apache + SuExec + FCGI + PHP setup:
 +
 +First, need some variables to stay the same throughout the setup.
 +
 +User Apache runs as: daemon
 +User CGI programs run as: steve
 +Parent directory location of CGI binaries, web documents
 +
 +1. Apache must be configured with specific SuExec command line arguments.
 +
 +For an OS X user development system, these would be passed to Apache's configure script:
 +
 +<code>
 +        --enable-suexec \
 +        --with-suexec-docroot=/var/www \
 +        --with-suexec-bin=/usr/local/steve/apache2/bin/suexec \
 +        --with-suexec-caller=daemon \
 +        --with-suexec-uidmin=500 \
 +        --with-suexec-logfile=/usr/local/steve/apache2/logs/suexec_log \
 +        --with-suexec-gidmin=20 \
 +        --with-suexec-userdir=Sites \
 +</code>
 +
 +2. Build mod_fcgid against Apache
 +
 +<code>
 +./configure-apxs && make && make install
 +</code>
 +
 +make install should edit httpd.conf so that it loads the module, but if not, add it in there:
 +
 +<code>
 +LoadModule fcgid_module modules/mod_fcgid.so
 +</code>
 +
 +3. Build PHP as normal, install as a CGI binary
 +
 +4. Create a PHP-wrapper script.  Because of how SuExec works, both the script and the directory must be owned by this user.
 +
 +<code>
 +# mkdir /private/var/www/fcgi-bin/
 +# chown -R steve:
 +</code>
 +
 +http://nx.beandog.org/php/php-wrapper
 +
 +5. Add parts to Apache configuration
 +
 +load fcgid module globally (httpd.conf):
 +
 +<code>
 +LoadModule fcgid_module modules/mod_fcgid.so
 +</code>
 +
 +Setup the fcgi-bin directory to contain handlers and allow executable CGI files (httpd.conf):
 +
 +<code>
 +<Directory /private/var/www/fcgi-bin/>
 +        SetHandler fcgid-script
 +        Options +ExecCGI
 +        Order allow,deny
 +        Allow from all
 +</Directory>
 +</code>
 +
 +Setup PHP handler extension globally (httpd.conf):
 +
 +<code>
 +AddHandler fcgid-script .php
 +FcgidWrapper /private/var/www/fcgi-bin/php-wrapper .php
 +</code>
 +
 +Turn on SuExec globally (httpd.conf):
 +
 +<code>
 +SuexecUserGroup steve staff
 +</code>
 +
 +Add a VirtualHost directive that is under the compiled docroot for SuExec:
 +
 +<code>
 +<VirtualHost *:80>
 +        ServerName qa.steve.beandog.org
 +        DocumentRoot "/Users/steve/Sites/qa"
 +</VirtualHost>
 +</code>

Navigation
QR Code
QR Code apache_worker_mpm_php_cgi_suexec_setup (generated for current page)