Hello,

I am currently evaluating CloudLinux as a replacement of our Ubuntu shared hosting platform. So far everything is running smoothly, except one thing :

I am using ISPConfig 3 with Apache2 + fcgid and i want to use cagefs. Everything is ok if i don't use SuExec, but if i do, i am getting internal server error :

[2012-10-31 09:35:02]: command not in docroot (//.php-fcgi-starter)



[2012-10-31 09:40:02]: uid: (5004/web1) gid: (5005/client1) cmd: .php-fcgi-starter



[2012-10-31 09:40:02]: command not in docroot (//.php-fcgi-starter)

Here are some config snippets :

mod_fcgid :

# This is the Apache server configuration file for providing FastCGI support



# through mod_fcgid



#



# Documentation is available at



# http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html





LoadModule fcgid_module modules/mod_fcgid.so





# Use FastCGI to process .fcg .fcgi & .fpl scripts



AddHandler fcgid-script fcg fcgi fpl





# Sane place to put sockets and shared memory file



FcgidIPCDir /var/run/mod_fcgid



FcgidProcessTableFile /var/run/mod_fcgid/fcgid_shm





PHP_Fix_Pathinfo_Enable 1



DirectoryIndex index.php

Virtual Host in question :

    AllowOverride None



    Order Deny,Allow



    Deny from all













      DocumentRoot /var/www/bgserivce1.net/web





    ServerName bgserivce1.net



    ServerAlias www.bgserivce1.net



    ServerAdmin [email protected]





    ErrorLog /var/log/ispconfig/httpd/bgserivce1.net/error.log





    Alias /error/ "/var/www/bgserivce1.net/web/error/"



    ErrorDocument 400 /error/400.html



    ErrorDocument 401 /error/401.html



    ErrorDocument 403 /error/403.html



    ErrorDocument 404 /error/404.html



    ErrorDocument 405 /error/405.html



    ErrorDocument 500 /error/500.html



    ErrorDocument 502 /error/502.html



    ErrorDocument 503 /error/503.html





   



   





   



        Options FollowSymLinks



        AllowOverride All



        Order allow,deny



        Allow from all



   



   



        Options FollowSymLinks



        AllowOverride All



        Order allow,deny



        Allow from all



   









    # suexec enabled



   



      SuexecUserGroup web1 client1



   



    # Clear PHP settings of this website



   



        SetHandler None



   



    # php as fast-cgi enabled



# For config options see: http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html



   



        FcgidIdleTimeout 300



        FcgidProcessLifeTime 3600



        # FcgidMaxProcesses 1000



        FcgidMinProcessesPerClass 0



        FcgidMaxProcessesPerClass 100



        FcgidConnectTimeout 3



        FcgidIOTimeout 360



        FcgidBusyTimeout 300



FcgidMaxRequestLen 1073741824



   



   



        AddHandler fcgid-script .php .php3 .php4 .php5



        FCGIWrapper /var/www/php-fcgi-scripts/web1/.php-fcgi-starter .php



        Options +ExecCGI



        AllowOverride All



        Order allow,deny



        Allow from all



   



   



        AddHandler fcgid-script .php .php3 .php4 .php5



        FCGIWrapper /var/www/php-fcgi-scripts/web1/.php-fcgi-starter .php



        Options +ExecCGI



        AllowOverride All



        Order allow,deny



        Allow from all



   







    # add support for apache mpm_itk



   



      AssignUserId web1 client1



   





   



 # Do not execute PHP files in webdav directory



     



   



          SetHandler None



       



     



      DavLockDB /var/www/clients/client1/web1/tmp/DavLock



      # DO NOT REMOVE THE COMMENTS!



      # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!



      # WEBDAV BEGIN



      # WEBDAV END



   

The contents of /var/www/php-fcgi-scripts/web1/.php-fcgi-starter .php :

#!/bin/sh



PHPRC="/etc/"



export PHPRC



PHP_DOCUMENT_ROOT="/var/www/clients/client1/web1"



export PHP_DOCUMENT_ROOT



# The variable PHP_FCGI_CHILDREN is onyl useful for lighty or nginx as apache 



# mod_fcgi will control the number of childs themself and never use the additional processes.



# PHP_FCGI_CHILDREN=8



# export PHP_FCGI_CHILDREN



PHP_FCGI_MAX_REQUESTS=5000



export PHP_FCGI_MAX_REQUESTS



exec /usr/bin/php-cgi \



 -d open_basedir="/var/www/clients/client1/web1/web:/var/www/clients/client1/web1/tmp:/var/www/bgserivce1.net/web:/srv/www/bgserivce1.net/web:/usr/share/php5:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/usr/share/php" \



-d upload_tmp_dir=/var/www/clients/client1/web1/tmp \



-d session.save_path=/var/www/clients/client1/web1/tmp \

If i remove the "SuExec" directive it all works fine, but everything is done with the apache:apache user:group. If i turn off cagefs, it all works fine with and without suexec.

From the documentation also didn't became clear if i need to cagefsctl --addrpm httpd or not, but if i do it also copies all the websites.

Any help or advice ?

Regards

Ok i managed to figure it out.
I had to add /var/www/php-fcgi-scripts/ into cagefs.mp . Then i had to modify the website symlink creation function in ispconfig to create a symlink to the website in /usr/share/cagefs/var/www/[website_domain] as it is where the httpd is configured to look for them. It all works now, without the need to cagefsctl --add-rpm httpd.