php5 with mod_fcgid results in 500 error - probably wrong permissions

Question 1

php5 with mod_fcgid results in 500 error - probably wrong permissions

php permissions fastcgi mod-fcgid

mzimmer · Sep 11, 2012 · Viewed 9.9k times · Source

Answer

Answer

I (accidently) found the solution: The fcgi script (and the directory containing it) has to be at least publicly executable (r-x--x--x / 511).

updated file structure:

drwxr-xr-x root   root    /var/
drwxr-xr-x root   root      www/
dr-xr-xr-x wiheha wiheha      wiheha/
dr-x--x--x wiheha wiheha        conf.d/
-r-x--x--x wiheha wiheha          php.fcgi
drwxr-xr-x wiheha wiheha        www/
-rw-r--r-- wiheha wiheha          favicon.ico
-rw-r--r-- wiheha wiheha          test.html
-rw-r--r-- wiheha wiheha          test.php

Question 2

Every time I request a .php file I get the 500 error code.

I tried many different file permissions and searched the whole internet (or at least, it felt like this), but i couldn't find anything helpful. (It's not an easy to find suexec error or something like that. However I guess, it's something with the permissions... and probably I just don't know a/the certain point...)

/var/log/apache2/error.log (LogLevel info)

[Tue Sep 11 12:47:21 2012] [info] Init: Seeding PRNG with 648 bytes of entropy
[Tue Sep 11 12:47:21 2012] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[Tue Sep 11 12:47:21 2012] [info] Init: Generating temporary DH parameters (512/1024 bits)
[Tue Sep 11 12:47:21 2012] [info] Init: Initializing (virtual) servers for SSL
[Tue Sep 11 12:47:21 2012] [info] mod_ssl/2.2.16 compiled against Server: Apache/2.2.16, Library: OpenSSL/0.9.8o
[Tue Sep 11 12:47:21 2012] [notice] suEXEC mechanism enabled (wrapper: /usr/lib/apache2/suexec)
[Tue Sep 11 12:47:21 2012] [info] mod_fcgid: Process manager 30502 started
[Tue Sep 11 12:47:21 2012] [info] Init: Seeding PRNG with 648 bytes of entropy
[Tue Sep 11 12:47:21 2012] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[Tue Sep 11 12:47:21 2012] [info] Init: Generating temporary DH parameters (512/1024 bits)
[Tue Sep 11 12:47:21 2012] [info] Shared memory session cache initialised
[Tue Sep 11 12:47:21 2012] [info] Init: Initializing (virtual) servers for SSL
[Tue Sep 11 12:47:21 2012] [info] mod_ssl/2.2.16 compiled against Server: Apache/2.2.16, Library: OpenSSL/0.9.8o
[Tue Sep 11 12:47:21 2012] [notice] Apache/2.2.16 (Debian) mod_fcgid/2.3.6 mod_ssl/2.2.16 OpenSSL/0.9.8o configured -- resuming normal operations
[Tue Sep 11 12:47:21 2012] [info] Server built: Apr  1 2012 06:40:08
[Tue Sep 11 12:48:08 2012] [info] mod_fcgid: server wiheha.us.to:/var/www/wiheha/conf.d/php.fcgi(30603) started
[Tue Sep 11 12:48:08 2012] [warn] [client 192.168.2.109] (104)Connection reset by peer: mod_fcgid: error reading data from FastCGI server
[Tue Sep 11 12:48:08 2012] [error] [client 192.168.2.109] Premature end of script headers: test.php
[Tue Sep 11 12:48:11 2012] [info] mod_fcgid: process /var/www/wiheha/conf.d/php.fcgi(30603) exit(communication error), terminated by calling exit(), return code: 255

My setup is: Apache/2.2.16 (Debian)

file structure:

drwxr-xr-x root   root    /var/
drwxr-xr-x root   root      www/
dr-xr-xr-x wiheha wiheha      wiheha/
dr-x------ wiheha wiheha        conf.d/
-r-x------ wiheha wiheha          php.fcgi
drwxr-xr-x wiheha wiheha        www/
-rw-r--r-- wiheha wiheha          favicon.ico
-rw-r--r-- wiheha wiheha          test.html
-rw-r--r-- wiheha wiheha          test.php

"wiheha" is a user btw:

wiheha:x:1005:1005::/var/www/wiheha:/bin/false
(adduser [...] --no-create-home --disabled-password --disabled-login [...])

/var/www/wiheha/conf.d/php.fcgi

#!/bin/sh
exec /usr/lib/cgi-bin/php

/var/www/wiheha/www/test.html

<!DOCTYPE html>
<html>
    (working, not much more than "lorem ipsum...")
</html>

/var/www/wiheha/www/test.php

<?php phpinfo(); ?>

/etc/apache2/sites-available/wiheha

<VirtualHost *:80>
    ServerName wiheha.us.to
    ServerAdmin [email protected]
    DocumentRoot /var/www/wiheha/www
    SuexecUserGroup wiheha wiheha
    <Directory /var/www/wiheha/www/>
        AllowOverride All
        Options +ExecCGI
        AddHandler fcgid-script .php
        FCGIWrapper /var/www/wiheha/conf.d/php.fcgi .php
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>

Additional info:

# cat /etc/debian_version
6.0.5
# apachectl -V
Server version: Apache/2.2.16 (Debian)
Server built:   Apr  1 2012 06:40:08
Server's Module Magic Number: 20051115:24
Server loaded:  APR 1.4.2, APR-Util 1.3.9
Compiled using: APR 1.4.2, APR-Util 1.3.9
Architecture:   32-bit
Server MPM:     Worker
  threaded:     yes (fixed thread count)
    forked:     yes (variable process count)
Server compiled with....
 -D APACHE_MPM_DIR="server/mpm/worker"
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=128
 -D HTTPD_ROOT="/etc/apache2"
 -D SUEXEC_BIN="/usr/lib/apache2/suexec"
 -D DEFAULT_PIDLOG="/var/run/apache2.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="mime.types"
 -D SERVER_CONFIG_FILE="apache2.conf"
# /usr/lib/cgi-bin/php --version
PHP 5.3.3-7+squeeze14 with Suhosin-Patch (cgi-fcgi) (built: Aug  6 2012 20:08:51)
Copyright (c) 1997-2009 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
    with Suhosin v0.9.32.1, Copyright (c) 2007-2010, by SektionEins GmbH

Quite long... I hope, this isn't too much ;-)

Please don't mind wrong language, if something is wrong.
And yes, you should be able, to access the server: http://wiheha.us.to/

php5 with mod_fcgid results in 500 error - probably wrong permissions

Answer

Related questions