1

I am trying to setup a a django (mod-wsgi) app on a server on the subdomain accounts.mysite.com (D.O. Droplet). When I try to reload apache, I get the following errors:

AH00526: Syntax error on line 2 of /etc/apache2/sites-enabled/dev.mysite.com.conf: 
SuexecUserGroup configured, but suEXEC is disabled: Invalid owner or file mode for /usr/lib/apache2/suexec

I didn't initially set this up so I am in the "i don't want to break it" mindset - perhaps being too cautious.

That being said I want to run the config by serverfault to see if anything stands out - I haven't worked with fcgi in a few years, It looks ok to me, but there are multiple simlinks. And the original dev seems to be setting the suexec group by user/group id.

/usr/lib/apache2/suexec has the following chmod settings:

lrwxrwxrwx 1 root root 24 Aug 25 2014 suexec -> /etc/alternatives/suexec

which takes me to here

lrwxrwxrwx 1 root root 30 Aug 25 2014 suexec -> /usr/lib/apache2/suexec-custom

(another simlink to)

-rwsr-xr-- 1 root www-data 18472 Jul 22 2014 suexec-custom

The line 2 in question is this:

SuexecUserGroup "#1002" "#1002"

As mentioned above, this the id of the "dev" user,

I have tried multiple different user group combos here and it hasn't worked.

Also...

I confirmed suexec has been enabled.

I have tried changing the owner/group of the process.

I haven't tried anything else I wanted to ask advice first.

Thanks.

user114253
  • 131
  • 3
  • Since mod_wsgi has got nothing to do with FASTCGI, if you disable all the mod_wsgi configuration and module do you still have the issue? This will at least show you that this is nothing to do with mod_wsgi and your Django site and avoid any confusion due to mod_wsgi also being mentioned in the question. – Graham Dumpleton Jul 06 '15 at 02:59
  • Hi Graham, mod_wsgi was already enabled and running I haven't enabled any new modules, if I disable the new site, or mod_wsgi, the error persists, which leads me to believe it was existing prior. The only chnage I have made to any apache conf is the new site which is a fairly vanilla wsgi setup. – user114253 Jul 06 '15 at 03:34
  • Given that permissions on ``suexec-custom`` look okay, the only other reason I can see that Apache code would override ``Suexec`` being enabled is if that isn't actually the location compiled into Apache as to where ``suexec`` should reside. Find the ``httpd`` or ``apache2`` program and run it with the ``-V`` option. It may get cranky and require you to set certain environment variables for Apache user and group. It should output what ``SUEXEC_BIN``, being the location of ``suexec``, is that it it expects. – Graham Dumpleton Jul 06 '15 at 04:34
  • Also ensure that the ``Suexec`` directive comes before that for ``SuexecUserGroup``. – Graham Dumpleton Jul 06 '15 at 04:35

0 Answers0