I am trying to run 3 separated domains in one machine, each with its user (through virtual host) so I decided to use suExec for my task (it been also installed along with apache):
Global Server configuration running on "apache" user and group.
The conficuration of one of the users (the one I am trying to access with):
listen 9999
<VirtualHost *:9999>
ServerName *:9999
DocumentRoot "/home/efpanel/public_html"
ErrorLog "/home/efpanel/err.log"
<IfModule suexec_module>
# SuexecUserGroup efpanel efpanel
</IfModule>
# Directory settings...
...
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/home/efpanel/public_html/cgi-bin/"
</IfModule>
</VirtualHost>
The issue:
When the line of the SuexecUserGroup is commented, running perl script will be on user "apache" - not what I want, but at least run.
HOWEVER: If I uncomment this line, even simple perl script will fail with error 500 (internal server error). Checking the log file, the error I get there is:
[Sat Dec 21 01:34:56.274872 2019] [cgi:error] [pid 31211] [client 183.28.7.14:7262] End of script output before headers: test.cgi, referer: http://99.99.99.99:9999/
Notes:
1) mod_suexec is installed and enabled (the below is the result of "ls -l /usr/sbin | grep suexec"):
-r-x--x--- 1 root apache 15440 Aug 8 07:42 suexec
2) I am running Apache 2.4 httpd on CentOS 7, CGI written in PERL.
3) I am aware that suEXEC only work on script files, but is enough for me - if I make it somehow to work.
4) Checking the configuration values, I cannot determine where is the suexec log file, and was unable to find it by "find / suexec.log" command. The configuration values are as follows (seems standard):
[root@vps cgi-bin]# suexec -V
-D AP_DOC_ROOT="/var/www"
-D AP_GID_MIN=100
-D AP_HTTPD_USER="apache"
-D AP_LOG_SYSLOG
-D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
-D AP_UID_MIN=500
-D AP_USERDIR_SUFFIX="public_html"
My only concern here is the "DOC_ROOT" which is "/var/www" and has anything common with "/home/efpanel" - but: a) I have no idea how to reconfigure suexec after it been compiled, b) I don't think it is that necessary, maybe it is ok "as is"?
5) cgi script, cgi-bin directory, public_html directory and /home/efpanel directory are all belong to the same user and group (efpanel) and has access permit of 0755, except "/home/efpanel" that has 0711 access permit.
6) I have tried to add "-w" in the first line of the script, as suggested here:
#!/usr/bin/perl -w
my $u=(getpwuid $>)[0];
print "ContentType: text/html;\n\n$u";
exit 0;
As it seen, a VERY simple script and fail.