The default suexec AP_DOC_ROOT path that is provided by rpm repositories are set to /var/www , while virtualmin uses /home/ as its docroot folder. So one needs to use the custom build httpd package provided by virtualmin which is kind of outdated, OR compile apache by themselves and correct the docroot path.
I use httpd24u package provided by IUS-repo which is up-to-date and the followings are the gist I use to recompile this package and set its suexec docroot to /home:
# Install dependencies
yum install mock brotli-devel systemd-devel xmlto rpm-build epel-rpm-macros yum-utils -y
yum group install "Development Tools" -y
useradd -s /sbin/nologin mockbuild
useradd rpm
su rpm
cd ~
# Get source
yumdownloader --source httpd24u
yum-builddep httpd24u
# Centos 8 source
# dnf download --source httpd
#wget http://vault.centos.org/8.2.2004/AppStream/Source/SPackages/httpd-2.4.37-21.module_el8.2.0+382+15b0afa8.src.rpm
rpm2cpio httpd*.src.rpm | cpio -civ '*.spec'
rpm -i httpd*.src.rpm
sed -i httpd*.spec -e "s,--with-suexec-docroot=%{docroot},--with-suexec-docroot=/home,"
rpmbuild -bb httpd*.spec
# extract suexec from our rebuilt rpm
mkdir ./usr/sbin/
rpm2cpio ./rpmbuild/RPMS/x86_64/httpd24u*.rpm | cpio -civ './usr/sbin/suexec'
# run as root:
cp ./usr/sbin/suexec /usr/sbin/suexec
chown root.apache /usr/sbin/suexec
chmod u+s /usr/sbin/suexec
ls -l /usr/sbin/suexec
chattr +ia /usr/sbin/suexec
Subscribe to:
Post Comments (Atom)
-
This post shows how to configure a mail proxy server to connect clients in an intranet to an external mail server. I will use SSL offloading... -
An updated version of this post is available here . I use this tutorial to setup RemoSIM.com product for customers. RasPBX – Asterisk for ... -
I use this tutorial to setup RemoSIM.com product for customers. To do: - Add instructions for enabling fail2ban for asterisk - Fix the fre...
No comments:
Post a Comment