[Modules] mod_vhost_dbi: I got it working including suexec

Ian Barry ian at sensical.net
Sat Oct 7 07:05:05 EDT 2006 

First of all, big thanks to you outoforder guys for your vhost module; I
have been playing when many other similar modules and have not got what I
need working.

What I needed was mass virtual hosting with configuration over SQL; with no
need to restart Apache and manually add vhosts; and I wanted suexec /
suexecusergroup functionality to work so that each user had their cgi
scripts executed under their own user.

Having said that, your module did not work out of the box, but here, for
everybody's benefit, is how I got it working.

I got the DocumentRoot working over SQL straight away; but the
SuExecUserGroup refused to work and all scripts were running as the web user
(www).

The big breakthrough was working out (from the source) that the name of the
user column was meant to be called User and not Username as per the
documentation.  Also, I had to play with Apache to get cgi working nicely as
you cannot use the ScriptAlias directive (or at least I could not find a way
to do it).

Hope this works for you...

Thanks again!

Ian
---

Ian Barry
System Administrator
Sensical.net Webhosting

e: ian at sensical dot net
w: www.sensical.net


Relevant Extract from httpd.conf:
---------------------------------

  LoadModule dbi_pool_module modules/mod_dbi_pool.so
  LoadModule vhost_dbi_module modules/mod_vhost_dbi.so

  PoolDbiDriver         Server1  mysql
  PoolDbiHost           Server1  127.0.0.1
  PoolDbiUsername       Server1  ********
  PoolDbiPassword       Server1  ********
  PoolDbiDBName         Server1  vhost_dbi
  PoolDbiConnMin        Server1  1
  PoolDbiConnSoftMax    Server1  1
  PoolDbiConnHardMax    Server1  5
  PoolDbiConnTTL        Server1  30

  User www
  Group www

  <Directory "/home/*/">
    Options Indexes SymLinksIfOwnerMatch Includes ExecCGI
    AllowOverride All
    Order allow,deny
    Allow from all
  </Directory>

  Listen xxx.xxx.xxx.xxx:80
  NameVirtualHost *:80

  <VirtualHost *:80>
    VhostDbiEnabled On
    VhostDbiConnName Server1
    # Use "User" as the user column, not "Username" as per the mod_vhost_dbi
documentation.
    VhostDbiQuery "SELECT ServerName, DocumentRoot, User FROM vhost_info
WHERE ServerName = &{RequestHostname}"

    <Location "/cgi-bin/">
      Options ExecCGI
      AllowOverride None
      ForceType application/x-httpd-cgi
      SetHandler cgi-script
    </Location>
  </VirtualHost>


MySQL Schema & Example Data:
----------------------------

mysql> describe vhost_dbi.vhost_info;
+--------------+--------------+------+-----+---------+-------+
| Field        | Type         | Null | Key | Default | Extra |
+--------------+--------------+------+-----+---------+-------+
| ServerName   | varchar(63)  |      | PRI |         |       |
| DocumentRoot | varchar(127) |      |     |         |       |
| User         | varchar(15)  |      |     |         |       |
+--------------+--------------+------+-----+---------+-------+
3 rows in set (0.00 sec)

mysql> select * from vhost_dbi.vhost_info;
+-------------------+---------------------------+-------+
| ServerName        | DocumentRoot              | User  |
+-------------------+---------------------------+-------+
| www.mywebsite.com | /home/test7/mywebsite.com | test7 |
+-------------------+---------------------------+-------+
1 row in set (0.00 sec)


Filesystem Layout:
------------------

[root@]# ls -l /home/test7/mywebsite.com
total 2
drwxr-xr-x  3 test7 test7 4096 Oct  7 10:13 cgi-bin
-rw-r--r--  1 test7 test7   54 Oct  7 09:51 index.html

[root@]# ls -l /home/test7/mywebsite.com/cgi-bin
total 1
-rwxr-xr-x  1 test7 test7 64 Oct 7 09:55 test.sh

[root@]# cat /home/test7/mywebsite.com/cgi-bin/test.sh
#!/bin/sh

echo "Content-type: text/plain

"
whoami
[root@]#


Test:
-----

[root@]# telnet xxx.xxx.xxx.xxx 80
Trying xxx.xxx.xxx.xxx...
Connected to xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx).
Escape character is '^]'.
GET / HTTP/1.0
Host: www.mywebsite.com

HTTP/1.1 200 OK
Date: Sat, 07 Oct 2006 10:52:20 GMT
Server: Apache/2.0.55 (Unix) mod_ssl/2.0.55 OpenSSL/0.9.8a mod_jk/1.2.14
mod_dbi_pool/0.1.0 mod_vhost_dbi/0.1.0
Accept-Ranges: bytes
Content-Length: 54
Connection: close
Content-Type: text/html; charset=ISO-8859-1

<html><body>Hello this is mywebsite.com</body></html>
Connection closed by foreign host.

[root@]# telnet xxx.xxx.xxx.xxx 80
Trying xxx.xxx.xxx.xxx...
Connected to xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx).
Escape character is '^]'.
GET /cgi-bin/test.sh HTTP/1.0
Host: www.mywebsite.com

HTTP/1.1 200 OK
Date: Sat, 07 Oct 2006 10:49:00 GMT
Server: Apache/2.0.55 (Unix) mod_ssl/2.0.55 OpenSSL/0.9.8a mod_jk/1.2.14
mod_dbi_pool/0.1.0 mod_vhost_dbi/0.1.0
Connection: close
Content-Type: text/plain; charset=ISO-8859-1


test7
Connection closed by foreign host.
[root@]#

More information about the Modules mailing list