Apache Suexec configuration and change the DOC_ROOT (CentOS, Red Hat)

Quite often, when migrating sites from shared hosting to VPS, you must change the DOC_ROOT in suexec.

Here are found in the vastness of INETA and supplemented its statement.

Install gcc (if not already selected):

# yum install gcc

First, find out which version of Apache we installed:

serv # httpd-v
Server version: Apache/2.2.3.
Server built: Jul 30 2010 12:32:08

Then download the source code of the apache, for example here:

# wget http://archive.apache.org/dist/httpd/httpd-2.2.3.tar.gz

Unpack and configure the required settings (because we only need suexec-specify settings for suexec):

# tar-xzf/httpd-2.2.3.tar.gz.
# cd httpd-2.2.3
#./configure-enable-suexec-with-suexec-caller = apache-with-suexec-userdir = cgi-bin-with-suexec-docroot =/home-with-suexec-uidmin = 500-with-suexec-gidmin = 500-with-suexec-logfile =/var/log/httpd/suexec.log

And collect, but do not set!! :

# make

Then look right and the owner, the suexec

# ls-lah/usr/sbin/suexec
-r-s-x-1 apache root 12 k Aug 30 2010/usr/sbin/suexec

Copy the old new suexec, set the correct permissions and ownership, and check:

# cp/support/suexec/usr/sbin/suexec.
# chown root: apache/usr/sbin/suexec
# chmod 4510/usr/sbin/suexec

# ls-lah/usr/sbin/suexec
-r-s-x-1 apache root 23 k Mar 9 12:45/usr/sbin/suexec

Sometimes require elevated privileges, then use this:

# chown root: root/usr/sbin/suexec

# chmod 4755/usr/sbin/suexec

Restartuem apache and all

Before modification:

# suexec-V
-D AP_DOC_ROOT = “/var/www”
-D AP_GID_MIN = 500
-D AP_HTTPD_USER = “apache”
-D AP_LOG_EXEC = “/var/log/httpd/suexec.log”
-D AP_SAFE_PATH = ‘/:/usr/bin:/bin ”
-D AP_UID_MIN = 500
-D AP_USERDIR_SUFFIX = “cgi-bin”

After:

# suexec-V
-D AP_DOC_ROOT = “/home”
-D AP_GID_MIN = 500
-D AP_HTTPD_USER = “apache”
-D AP_LOG_EXEC = “/var/log/httpd/suexec.log”
-D AP_SAFE_PATH = ‘/:/usr/bin:/bin ”
-D AP_UID_MIN = 500

-D AP_USERDIR_SUFFIX = “cgi-bin”

If you suddenly get the error “Warning: SuexecUserGroup directive requires SUEXEC wrapper.” check the law if not helps you do this:

#httpd-V | grep SUEXEC_BIN

If you see a-D SUEXEC_BIN =/usr/sbin/suexec, then everything is OK, and if-D SUEXEC_BIN =/usr/bin/suexec, then you need to make a link:
#ln-s/usr/sbin/suexec/usr/bin/suexec

Next, assign rights (see above)