11.38.2, Apache 2.4.6, PHP 5.4.17, mod_ruid2 and shared SSL/SNI certificates

[movielad]

Hello,

Is it still the case that sites hanging off a single IP with shared certificates in SNI configuration, with mod_ruid2 enabled, will see Apache requests come from nobody? Does PHP still run as user:user in this instance?

Regards,

Martyn

 

[cPanelMichael]

Hello

The following document should be helpful to you:

Mod_Ruid2

Mod_ruid2 allows requests to a domain to run as the owner of that domain instead of as the Apache user. You mentioned there was a previous case where this did not happen on websites using a shared certificate with SNI. Could you let us know the thread, or ticket number where this was referenced in the past? PHP requests are run as the user.

Thank you.

 

[movielad]

The cPanel documentation I was looking at seems to have mysteriously vanished. Probably just me - however, things do appear to be working as described in the current Mod_Ruid2 documentation on cpanel.net - and indeed, I've tested this by creating make.php in the root directory of a site with shared SSL certificate/SNI-enabled host:

<?php
mkdir('ruidtest');
file_put_contents('ruidtest/test.txt', 'Hello!'); 
?>

(sourced from Mod ruid2 - Webhosting, BTW)

Comparing the user and group names, alongside the permissions, all is working just fine (the directory and file is created and all inherit the correct username and groupname of the cPanel account) when that script is viewed through SSL or standard HTTP request.

I think the main issue I was having is that since httpd still primarily runs as 'nobody', and the PHP scripts I'm running are executed far too quickly to see from a process list POV.

Martyn

 

[quizknows]

You could always add a sleep command at the beginning of the PHP process if you want to see it in a process list (ps).

<?php
// sleep for 10 seconds
sleep(10);
mkdir('ruidtest');
file_put_contents('ruidtest/test.txt', 'Hello!');
?>