is there anyway to get cgi scripts to run in the public_html directory of a user? I tried using a .htaccess file with the following:


Options +ExecCGI
AddHandler cgi-script .cgi .pl .pm

but that didn't work. If I do that for any subdirectory, it works fine though. The only thing that seems wrong is the gid for "public_html"... which is apache.. I mention this because the suexec log is giving me a mismatch error:


target uid/gid (503/503) mismatch with directory (503/48) or program (503/503)


of course, changing that gid causes failure on the whole domain to view.

Is this because of mainly a security issue, or is there something else behind it?

Thanks
Linh

Works fine on our server.

Note our settings for public_html:

drwxr-xr-x 6 technolo technolo 4096 Mar 28 17:00 public_html/

Where "technolo" is the username for the user that owns the site.

Jeff

hrm... if i set that directory to the user of the site, apache pretty much fails for them.

However, this isn't much of any issue anymore, so for now I won't worry about it.

if you set the directory to user:user, you also have to set r-x for "other"; that's why I showed you the "drwxr-xr-x".

Jeff

Originally posted by jlasman
Works fine on our server.

Note our settings for public_html:

drwxr-xr-x 6 technolo technolo 4096 Mar 28 17:00 public_html/

Where "technolo" is the username for the user that owns the site.

Jeff
Do you have to set this up each time a new account is created or is there a setting in DA that allows you to do this by default?

What is the default setting anyway?

The default setting on the public_html as of DA 1.21.3 is:

user: username
group: apache
chmod: 750

For anyone who doesn't like that, I've posted a workaround script for all new domains that are created:

http://www.directadmin.com/forum/showthread.php?s=&threadid=3002

John

Thanks! Are you intending for the username/apache/750 set up to continue to be the default for the foreseeable future?

Yes, I think so, unless of course there is a consensus that it's not worth the trouble. I think the best way to get around suexec errors would be to tell suexec not to panic when the group is apache.. (patch and recompile).

John