[solved] Cloudlinux PHP LSAPI "say no to suexec"

[JVQ]

I know this is an old thread, but this type if set up is almost exactly what I am looking for - with one issue. Could there be a way to have this set up be valid on a particular script handler or external app. Essentially: I am looking to do something similar on cloudlinux and cagefs but am not in a position to have all user's on the server run under such a mode. It would however be great to be possible to enable it individually on a particular external app. Now I can create an external app and set a uid/guid, then set this as the php handler but when running under that user it is not in cagefs at all.

 

[scysys]

I know this is an old thread, but this type if set up is almost exactly what I am looking for - with one issue. Could there be a way to have this set up be valid on a particular script handler or external app. Essentially: I am looking to do something similar on cloudlinux and cagefs but am not in a position to have all user's on the server run under such a mode. It would however be great to be possible to enable it individually on a particular external app. Now I can create an external app and set a uid/guid, then set this as the php handler but when running under that user it is not in cagefs at all.

I know its an old thread again, but im also here for this request. It would be great if there would be a way to disable suexec just for specific users. Actually the only way to give users which are asking for real chmod permissions on their installations is to setup an other system with litespeed in mode "cagefs without suexec"

 

[skhristich]

I know its an old thread again, but im also here for this request. It would be great if there would be a way to disable suexec just for specific users. Actually the only way to give users which are asking for real chmod permissions on their installations is to setup an other system with litespeed in mode "cagefs without suexec"

Hello,
For one user, cagefs will not work without suexec. Without it, it will be impossible to understand in whose cell to direct the process that starts the Apache.
LiteSpeed has CageFS mode without suexes. This mode has been added in LSWS 4.2 with PHP suEXEC daemon mode.
http://blog.litespeedtech.com/2012/09/11/lsws-4-2-introduces-php-suexec-daemon-mode/Once enabled PHP suEXEC daemon mode, you can change "Enable LVE" configuration to "CageFS without suEXEC". If cagefs is disabled for that user or failed to enter the cage, PHP will change user ID (back to default suEXEC mode).