0

I am stuck on this since fews days, I am using suPHP & Apache 2.4 on Centos 6 on VPS (OVH) since few years, then since sunday, the binary chmod is always restored to 0444 so it cannot execute and throws a 500. It works correctly when I set to it website user group with chmod 4750 OR 'nobody' group with chmod 4755, but chmod is always restored by some process after 1 or 2 hours or even 30min, I am lost !

I know suphp mod Apache needs a lot of requirement for working correctly, I think everything is ok as far as it runs well for few time until binary chmod reverted to 0444. I also tried duplicate this used php version folder, same same, it works few minutes then its chmod is changed.

If chmod of the php-cgi binary itself is forced to be chmod 0444 (with owner root and group apache or website), how to run it correctly, even via 'nobody' (apache) or 'website' user ?

Usually (previously) suphp binaries get chmod 755 for running...

Many thanks for any help !

David
  • 1
  • 1

1 Answers1

0

Normal server ops (exception: using php as an apache module) file permissions are set to 644 and the files are owned by you. Most servers now run php-as-cgi or an equivalent and use some version of 'su' to allow the httpd process to run properly without ownership and thus permission issues.

Actual problem: there are hard-coded file-system permissions in a number of places, overriding non-default umask for shared environments.

Make sure Joomla is not using a umask function to define the permissions of the files it creates (check your umask settings, etc/init/php-fpm.conf).

For testing purposes, try using an alternate PHP script to see if you experience the same behavior.

Try changing umask in /usr/local/apache/bin/envvars to the value you want and then any file created on the server should have the new permissions.

Overmind
  • 2,970
  • 2
  • 15
  • 24
  • Thank you, I am making test with a simple php file with a phpinfo which have correct 644 permission, as its folder. The main problem is the **php-cgi binary chmod** which is always restored to 0444, why ? How runing it correctly ? When chmod set 4750, it runs well and its php user is the correct website owner user. – David Oct 10 '19 at 08:02
  • I have updated the answer with the location you should be able to alter umask settings from. – Overmind Oct 10 '19 at 08:30
  • Thx, maybe I am wrong but I don't understand why apache umask conf - which is only for created files/dir chmod ? - is about of the chmod of php-cgi binary run. Any reference ? I am testing it then anyway. – David Oct 10 '19 at 09:46
  • Try the umask options from etc/suphp/suphp.conf . – Overmind Oct 10 '19 at 10:37
  • which value would you set ? – David Oct 10 '19 at 14:48
  • I usually use 640. – Overmind Oct 11 '19 at 05:07
  • hmm...usually it is 022. Then could you please answer my previous question : why this setting would change the behavior of **the chmod of the php-cgi bin** ? umask is about chmod of the created files by the process, not the chmod of the process itself...please check my initial question with the bold sentence. – David Oct 11 '19 at 09:16