2

I'm currently administrating a Gentoo server hosting a few dozen websites for friends and people with common interests. I may be moving to a new server soon, and with that comes the possibility to switch to another OS. I've enjoyed Gentoo's ability to let me tinker with USE flags and automatically patch upstream source code right before it's compiled and installed, but it does have some quirks (tail and cron having subtly broken behavior, deadlocks in kernel cgroups code, files being installed with randomly broken permissions), and the upkeep can be considerable (I can't seem to update perl without breaking half the system).

I conjecture that for a shared hosting system, two things are of most importance: security and stability. While I generally trust my users not to do something intentionally malicious, I can't trust them to never allow their accounts to be compromised (e.g. by installing and not updating a web app for which a vulnerability has been found). A user should not be able to access other users' data, interfere with the accessibility of other websites, or trash the server.

CentOS seems to be very popular on servers, although my personal limited experience with rpm/yum was rather discouraging (took me an hour to install one package). I heard nice things about Ubuntu Server as well. Or should I just stick to what I'm familiar with, and hope that my Gentoo problems are simply a result of misconfiguration or accumulated cruft that won't manifest in a clean install? (CentOS and Ubuntu Server come with SELinux/AppArmor, Gentoo has the Hardened Gentoo project.)

There's also the question of Apache configuration... running mod_php with a standard MPM is out of the question, as it'll allow scripts access to all users' data. CGI is a lot slower. I'm using the itk MPM right now, and it seems to work okay, but I wonder if there's a better solution - how do the big shared hosting providers (DreamHost etc.) do it?

Community
  • 1
Vladimir Panteleev
  • 1,737
  • 5
  • 20
  • 34
  • Something I should add about Apache... it's very easy for one vhost to hog all the resources of a default Apache setup, making all other vhosts inaccessible (e.g. 100 slow file downloads = 100 slots stolen from quickly-executing scripts). This is very hard to fix, and usually requires 3rd-party limiting modules - mainly because Apache won't know the vhost until it accepted and processed the connection. – Vladimir Panteleev May 18 '11 at 22:54
  • So what if I run one Apache instance per user, with a very lightweight proxy in front of it? This has the benefit to naturally limit resource usage (including memory) per user, and also allow users to fully configure their server without any security risks. Is this crazy? – Vladimir Panteleev May 18 '11 at 22:55
  • Above thoughts in diagram form: http://www.gliffy.com/pubdoc/2691834/L.png – Vladimir Panteleev May 19 '11 at 15:15

2 Answers2

2

CentOS is very popular because of the upstream support by a lot of enterprise vendors and the rock-solid nature of the system. A move to any system like this is going to make you feel like you are trapped in a cage. You're clearly someone who enjoys tweaking (which I can agree with!). That being said, I think for a shared hosting system CentOS or Ubuntu Server is definitely a better approach as it simplifies management a lot.

In either case you'll need to invest some time (far less than the time required to learn Gentoo, IMHO) in learning it's tools and quirks. Once you get used to using apt or yum they're both quite tolerable for simple software installation.

In either case if your focus is PHP/Apache webhosting you could simply build a system using CentOS or Ubuntu and custom build your own Apache/PHP to meet your exact requirements. If I were you I'd spend some time seeing if the system packages offer anything like the configuration you're looking for (I know they both offer various MPM modules, for example).

In RedHat EL5 at least the mod_php default installation runs all PHP scripts as the www-data user, which would not allow access to all users' files (there may be something I'm missing here).

Kyle Smith
  • 9,683
  • 1
  • 31
  • 32
  • Hi, thanks for the detailed answer. I think the `www-data` user is created to only have access inside `/var/www`, which is often used for dedicated web servers. In that case, `www-data` really has no need to read anything from `/home`. In my current setup, users store web files in `/home/username/web/` (I have one user per vhost), and I can think of no way to securely accommodate that setup by running all Apache/PHP processes under a single user. – Vladimir Panteleev May 19 '11 at 01:49
  • @CyberShadow: Have you looked into suPHP? I've never set it up but it's supposed to exec .php files as the user who owns them, instead of the webserver user. It sounds exactly like what you want? – Kyle Smith May 19 '11 at 01:56
  • I've actually used suPHP before switching to the itk MPM. The performance improvement I got after switching was so ridiculous, turning back would be insane. – Vladimir Panteleev May 19 '11 at 13:03
  • Using a per-user MPM like itk is also more secure, as Apache itself is also running as the user (in case of a vulnerability in Apache or one of its modules). – Vladimir Panteleev May 19 '11 at 13:09
  • Cyber, thanks for the info. Unfortunately in my current role I don't get as much exposure to web servers as I might like. The itk MPM sounds very interesting. – Kyle Smith May 24 '11 at 14:47
0

Your problem seems like misconfiguration to me. I've been using Gentoo for several years now and so far the only issue I've came upon was with temporary broken dependencies on the unstable branch, which was fixed in a matter of days. My advise is to stick with Gentoo. You won't get much benefit in terms of cpu power, but will have high maintenance time, which will educate you in the way Linux works out as a system.

If you handle a huge amount of servers, you should consider keeping away a few machines so that you can compile and make binary packages for easy distribution. later on. This will speed updates deployment to the rest of the servers and in the same time will give you the flexibility to maintain your very own versions of the server software.

As for the php, I would stick to whatever works for you and your users. The itk mpm choice highly depends on running the php in nts mode.

Nikola Petkanski
  • 101
  • 2