所以,我有以下WORKING虛擬主機:apache + fastcgi + fpm爲什麼需要suexec?
<VirtualHost 192.168.128.20:80>
ServerName euclid.domain.tld
#LogLevel debug
ErrorLog /var/www/euclid/logs/error_log
SuexecUserGroup fastcgi www_euclid
FastCgiExternalServer /var/www/euclid/htdocs/cgi-bin -socket /var/run/php-fpm/euclid.sock -user fastcgi -group www_euclid
AddHandler php-fastcgi .php
Action php-fastcgi /cgi-bin
Alias /cgi-bin /var/www/euclid/htdocs/cgi-bin
<Location /cgi-bin>
Order Deny,Allow
Deny from All
# Prevent accessing this path directly
Allow from env=REDIRECT_STATUS
Options +ExecCGI +FollowSymLInks +SymLinksIfOwnerMatch
</Location>
DocumentRoot /var/www/euclid/htdocs
<Directory /var/www/euclid/htdocs>
AllowOverride all
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
我似乎無法找出就是爲什麼我需要有非此即彼/兩SuexecUserGroup的FastCGI www_euclid和FastCgiExternalServer與-user FastCGI的-group www_euclid標誌。 FPM啓用了池並且每個池都在其自己的用戶/組下運行。這工作正常,沒有問題。如果我刪除了SuexecUserGroup和/或-user fastcgi -group www_euclid參數,我得到以下錯誤,我不知道爲什麼。另外,通過fastcgi訪問套接字文件的是什麼uid和gid?它當然不是fastcgi:ww_euclid。
(13)Permission denied: FastCGI: failed to connect to server
"/var/www/euclid/htdocs/cgi-bin": connect() failed FastCGI:
incomplete headers (0 bytes) received from server
"/var/www/euclid/htdocs/cgi-bin"