500 error and log entry: "Could not open config file /etc/apache2/suexec/www-data"

7 posts / 0 new
Last post
#1 Thu, 06/11/2015 - 10:00
flickerfly

500 error and log entry: "Could not open config file /etc/apache2/suexec/www-data"

I'm trying to setup my first wordpress site, but am just getting a 500 message in the browser.

I get this error in /var/log/apache2/suexec.log.

[2015-06-11 07:45:18]: User www-data not allowed: Could not open config file /etc/apache2/suexec/www-data

It is accurate that the file doesn't exist. If I create a blank file at that location, it reports the following.

[2015-06-11 07:48:43]: Could not read docroot from /etc/apache2/suexec/www-data

I'm a bit confused as I thought suexec should be executing the site as the user of the site, not the apache user.

Any idea what I have setup wrong?

Thanks!

Thu, 06/11/2015 - 11:00
andreychek

Howdy,

What distro/version are you using?

And what's the output of this command:

dpkg -l 'apache2*'
Thu, 06/11/2015 - 11:11
flickerfly

Thank you

$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 14.04.2 LTS
Release:        14.04
Codename:       trusty
$ dpkg -l 'apache2*'
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name                              Version               Architecture          Description
+++-=================================-=====================-=====================-========================================================================
ii  apache2                           2.4.7-1ubuntu4.4      amd64                 Apache HTTP Server
un  apache2-api-20120211              <none>                <none>                (no description available)
ii  apache2-bin                       2.4.7-1ubuntu4.4      amd64                 Apache HTTP Server (binary files and modules)
ii  apache2-data                      2.4.7-1ubuntu4.4      all                   Apache HTTP Server (common files)
ii  apache2-doc                       2.4.7-1ubuntu4.4      all                   Apache HTTP Server (on-site documentation)
un  apache2-mpm-event                 <none>                <none>                (no description available)
un  apache2-mpm-itk                   <none>                <none>                (no description available)
un  apache2-mpm-prefork               <none>                <none>                (no description available)
un  apache2-mpm-worker                <none>                <none>                (no description available)
un  apache2-suexec                    <none>                <none>                (no description available)
ii  apache2-suexec-custom             2.4.7-1ubuntu4.4      amd64                 Apache HTTP Server configurable suexec program for mod_suexec
un  apache2-suexec-pristine           <none>                <none>                (no description available)
un  apache2-utils                     <none>                <none>                (no description available)
un  apache2.2-bin                     <none>                <none>                (no description available)
un  apache2.2-common                  <none>                <none>                (no description available)
Thu, 06/11/2015 - 11:28
flickerfly

Just found this and thought I'd toss it in for good measure.

$ sudo /usr/lib/apache2/suexec -V
 -D SUEXEC_CONFIG_DIR=/etc/apache2/suexec/
 -D AP_GID_MIN=100
 -D AP_LOG_EXEC="/var/log/apache2/suexec.log"
 -D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
 -D AP_UID_MIN=100

I see some examples around the internet with -D AP_USERDIR_SUFFIX="public_html" so I'm looking into what that is about to see if it is related since I don't have it.

Thu, 06/11/2015 - 11:34
flickerfly

I had to create a file /etc/apache2/suexec/www-data with the following content. In the past this has been created for me. Curious...

/home
public_html/cgi-bin
# The first two lines contain the suexec document root and the suexec userdir
# suffix. If one of them is disabled by prepending a # character, suexec will
# refuse the corresponding type of request. 
# This config file is only used by the apache2-suexec-custom package. See the
# suexec man page included in the package for more details.
Thu, 06/11/2015 - 12:04
andreychek

Howdy,

That file is created when installing the "apache2-suexec-custom" package (which your output above shows is installed).

After installation, Virtualmin then updates it to point to the proper location (/home, rather than /var/www).

That's very curious that it's missing! I'm not sure why that would occur.

After you created the file above, are things working properly for you now?

-Eric

Thu, 06/11/2015 - 12:20
flickerfly

Yep, everything is working properly. It actually happened on two servers I was setting up at the same time. I'll review my procedure next time to see if I goofed and accidentally have something that includes that in a delete or something. In the end it gave me an excuse to understand suexec better.

-Josiah

Topic locked