notes: lighttpd/virtual-hosting-individual-php@1c1f40be923d (annotated)

7 222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	1	http://redmine.lighttpd.net/projects/1/wiki/HowToSetupFastCgiIndividualPermissions
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	2
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	3	1. Add users to the operating system
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	4
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	5	(This is only needed if you haven't added users yet.)
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	6
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	7	You must add a user account to the operating system for each user that you want
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	8	to give separate user permissions, in order to deny access to other users'
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	9	source code.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	10
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	11	2. Add user groups to the operating system
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	12
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	13	You need to add one user group for each user added above. To keep things
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	14	simple, we just name the user groups similar:
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	15
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	16	Now you need to add users to each of these user groups. For each user group,
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	17	there must be two members: the corresponding user and the lighttpd daemon user.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	18
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	19	You configure the user groups by editing /etc/group with your favourite text editor.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	20
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	21	The file must look something like this (group numbers may vary):
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	22
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	23	..... [lots of stuff above]
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	24	fred:x:441:fred,lighttpd
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	25	george:x:442:george,lighttpd
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	26	ron:x:443:ron,lighttpd
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	27
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	28	You might also use a sed command like this:
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	29
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	30	sed -i "s/^$fred.*$$/\1,fred,lighttpd/g" /etc/group
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	31	sed -i "s/^$george.*$$/\1,george,lighttpd/g" /etc/group
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	32	sed -i "s/^$ron.*$$/\1,ron,lighttpd/g" /etc/group
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	33
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	34	These commands add the user and the lighttpd user to the groups.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	35
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	36	3. Set up filesystem structure
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	37
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	38	Let's assume that you want to keep all files associated with the web-server's
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	39	virtual hosts under the directory ''/var/www''. (Of course you can choose
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	40	another location, just make sure that the users created above have read and
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	41	execute rights to the directory. (I.e. ''chmod 755 /var/www && chown root:root
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	42	/var/www'').
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	43
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	44	3.1 Create server root directory
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	45
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	46	Now, create two directories: One for some start-up scripts that only root have
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	47	access to, and another for all your virtual hosts:
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	48
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	49	#!ShellExample
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	50	# cd /var/www
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	51	# mkdir fastcgi
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	52	# mkdir vhosts
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	53	# chown lighttpd:lighttpd *
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	54	# chmod 755 *
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	55
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	56	# ls -l /var/www
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	57
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	58	drwxr-xr-x 2 lighttpd lighttpd 4096 Feb 15 12:17 fastcgi
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	59	drwxr-xr-x 9 lighttpd lighttpd 4096 Feb 15 11:21 vhosts
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	60
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	61	3.2 Create a directory for each virtual host
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	62
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	63	Now create a directory for each virtual host in the directory
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	64	''/var/www/vhosts'', and set up appropriate user rights to them:
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	65
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	66	#!ShellExample
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	67	# cd /var/www/vhosts
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	68	# mkdir fred-weasley.com
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	69	# mkdir george-weasley.com
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	70	# mkdir ron-weasley.com
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	71	# chown fred:fred fred-weasley.com
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	72	# chown george:george george-weasley.com
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	73	# chown ron:ron ron-weasley.com
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	74	# chmod 750 *
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	75
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	76	# ls -l /var/www/vhosts
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	77
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	78	drwxr-x--- 7 fred fred 4096 Feb 15 20:18 fred-weasley.com
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	79	drwxr-x--- 6 george george 4096 Feb 15 11:02 george-weasley.com
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	80	drwxr-x--- 6 ron ron 4096 Feb 15 11:23 ron-weasley.com
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	81
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	82	Now we have created three directories where the three users cannot see each
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	83	others' files; however, the lighttpd daemon user can see it all.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	84
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	85	3.3 Create directory structure for each virtual host
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	86
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	87	Now, we want to create the directory struture needed for each virtual host:
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	88
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	89	#!ShellExample
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	90	# cd /var/www/vhosts/fred-weasley.com
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	91	# mkdir html
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	92	# mkdir includes (optional)
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	93	# mkdir logs
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	94	# chown fred:fred *
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	95	# chown lighttpd:fred logs
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	96	# chmod 750 *
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	97
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	98	# ls -l /var/www/vhosts/fred-weasley.com
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	99
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	100	drwxr-x--- 14 fred fred 4096 Feb 17 11:55 html
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	101	drwxr-x--- 2 fred fred 4096 Feb 15 12:05 includes
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	102	drwxr-x--- 2 lighttpd fred 4096 Feb 15 11:11 logs
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	103
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	104	You need to repeat this for each virtual host, replacing the user name
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	105	'fred' with the appropriate user name.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	106
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	107	3.4 Create a FastCGI directory for each user
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	108
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	109	Now we have to do all the fun stuff!
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	110
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	111	Now, go to the ''/var/www/fastcgi'' directory where we want to create a
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	112	directory for each user. (When we're finished, these directories will hold the
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	113	sockets to the FastCGI server processes):
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	114
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	115
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	116	#!ShellExample
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	117	# cd /var/www/fastcgi
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	118	# mkdir fred
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	119	# mkdir george
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	120	# mkdir ron
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	121	# chown fred:fred fred
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	122	# chown george:george george
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	123	# chown ron:ron ron
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	124	# chmod 750 *
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	125
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	126	# ls -l /var/www/fastcgi
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	127
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	128	drwxr-x--- 7 fred fred 4096 Feb 15 20:18 fred
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	129	drwxr-x--- 6 george george 4096 Feb 15 11:02 george
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	130	drwxr-x--- 6 ron ron 4096 Feb 15 11:23 ron
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	131
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	132	(Note that the lighttpd user can read all directories, while the three users
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	133	can only access their own directory.)
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	134
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	135	4. Create a FastCGI start-up script for each user
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	136
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	137	Create a directory that will hold all your FastCGI start-up scripts:
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	138
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	139	#!ShellExample
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	140	# cd /var/www/fastcgi
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	141	# mkdir startup
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	142	# chmod 750 startup
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	143
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	144	# ls -l /var/www/fastcgi
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	145
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	146	drwxr-x--- 7 fred fred 4096 Feb 15 20:18 fred
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	147	drwxr-x--- 6 george george 4096 Feb 15 11:02 george
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	148	drwxr-x--- 6 ron ron 4096 Feb 15 11:23 ron
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	149	drwxr-x--- 6 root root 4096 Feb 15 11:23 startup
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	150
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	151	Now, go to the ''/var/www/fastcgi/startup'' directory, create a start-up script
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	152	for fred (let's call it fred-startup.sh, using your favourite text editor:
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	153
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	154	#!sh
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	155	#!/bin/sh
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	156
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	157	## ABSOLUTE path to the spawn-fcgi binary
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	158	SPAWNFCGI="/usr/bin/spawn-fcgi"
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	159
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	160	## ABSOLUTE path to the PHP binary
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	161	FCGIPROGRAM="/usr/bin/php-cgi"
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	162
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	163	## bind to tcp-port on localhost
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	164	FCGISOCKET="/var/www/fastcgi/fred/fred.socket"
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	165
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	166	## uncomment the PHPRC line, if you want to have an extra php.ini for this user
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	167	## store your custom php.ini in /var/www/fastcgi/fred/php.ini
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	168	## with an custom php.ini you can improve your security
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	169	## just set the open_basedir to the users webfolder
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	170	## Example: (add this line in you custom php.ini)
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	171	## open_basedir = /var/www/vhosts/fred/html
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	172	##
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	173	#PHPRC="/var/www/fastcgi/fred/"
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	174
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	175	## number of PHP childs to spawn in addition to the default. Minimum of 2.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	176	## Actual childs = PHP_FCGI_CHILDREN + 1
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	177	PHP_FCGI_CHILDREN=5
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	178
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	179	## number of request server by a single php-process until is will be restarted
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	180	PHP_FCGI_MAX_REQUESTS=1000
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	181
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	182	## IP adresses where PHP should access server connections from
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	183	FCGI_WEB_SERVER_ADDRS="127.0.0.1"
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	184
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	185	# allowed environment variables sperated by spaces
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	186	ALLOWED_ENV="PATH USER"
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	187
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	188	## if this script is run as root switch to the following user
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	189	USERID=fred
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	190	GROUPID=fred
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	191
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	192	################## no config below this line
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	193
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	194	if test x$PHP_FCGI_CHILDREN = x; then
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	195	PHP_FCGI_CHILDREN=5
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	196	fi
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	197
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	198	export PHP_FCGI_MAX_REQUESTS
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	199	export FCGI_WEB_SERVER_ADDRS
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	200	export PHPRC
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	201
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	202	ALLOWED_ENV="$ALLOWED_ENV PHP_FCGI_MAX_REQUESTS FCGI_WEB_SERVER_ADDRS PHPRC"
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	203
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	204	# copy the allowed environment variables
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	205	E=
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	206
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	207	for i in $ALLOWED_ENV; do
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	208	E="$E $i=$(eval echo "\$$i")"
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	209	done
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	210
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	211	# clean environment and set up a new one
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	212	env - $E $SPAWNFCGI -s $FCGISOCKET -f $FCGIPROGRAM -u $USERID -g $GROUPID -C $PHP_FCGI_CHILDREN
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	213
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	214	chmod 770 $FCGISOCKET
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	215
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	216	Please be careful with the paths, USERID and GROUPID.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	217
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	218	Note that, in this example, the php process runs as the user we created above
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	219	('fred'). This means that the php code will have write access to the html and
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	220	php files. This can be convenient, but might be a security risk.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	221	Alternatively, you could set USERID to 'nobody' (or any other user without any
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	222	specific permissions), to deny write access to the php process.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	223
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	224	You need to repeat the process and create a startup-script for each user in the
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	225	''/var/www/fastcgi/startup'' directory. (Just copy the file and replace
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	226	FCGISOCKET, USERID and GROUPID with the correct values).
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	227
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	228	Remember to set execute permissions on all your startup-scripts:
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	229
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	230
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	231	#!ShellExample
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	232	# cd /var/www/fastcgi/startup
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	233	# chmod 750 *
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	234
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	235	5. Check your PHP configuration
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	236
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	237	If you're uncertain about the location of your php.ini, just run the following
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	238	command:
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	239
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	240
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	241	#!ShellExample
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	242	$ php-cgi -i \| grep php.ini
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	243	Please check, that you have the following line in your php.ini:
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	244
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	245
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	246	cgi.fix_pathinfo=1
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	247
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	248	If you have uncommented the PHPRC line in the shell script under issue 4., be
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	249	sure that the php.ini has the correct owner an rights. To get things work this
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	250	must be
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	251
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	252	chmod 644 php.ini
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	253	chown root:root php.ini
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	254
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	255	6. Execute all FastCGI start-up scripts
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	256
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	257	Now, fire up all your FastCGI server processes:
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	258
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	259	#!ShellExample
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	260	# /var/www/fastcgi/startup/fred-startup.sh
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	261	spawn-fcgi.c.170: child spawned successfully: PID: xxxxx
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	262	# /var/www/fastcgi/startup/george-startup.sh
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	263	spawn-fcgi.c.170: child spawned successfully: PID: xxxxx
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	264	# /var/www/fastcgi/startup/ron-startup.sh
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	265	spawn-fcgi.c.170: child spawned successfully: PID: xxxxx
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	266
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	267	If you get any error messages, please re-check your startup-scripts and the
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	268	permissions to the ''/var/www/fastcgi'' directory, including all user
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	269	sub-directories.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	270
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	271	7. Configure virtual hosts in the lighttpd server
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	272
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	273	Edit ''/etc/lighttpd.conf'' in your favourite text-editor:
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	274
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	275
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	276	.....[lots of configuration stuff above].....
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	277
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	278	$HTTP["host"] =~ "(^\|\.)fred-weasley.com$" {
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	279	server.document-root = "/var/www/vhosts/fred-weasley.com/html"
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	280	accesslog.filename = "/var/www/vhosts/fred-weasley.com/logs/access_log"
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	281	fastcgi.server = ( ".php" =>
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	282	(
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	283	( "socket" => "/var/www/fastcgi/fred/fred.socket",
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	284	"broken-scriptfilename" => "enable"
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	285	)
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	286	)
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	287	)
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	288	}
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	289
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	290	$HTTP["host"] =~ "(^\|\.)george-weasley.com$" {
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	291	server.document-root = "/var/www/vhosts/george-weasley.com/html"
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	292	accesslog.filename = "/var/www/vhosts/george-weasley.com/logs/access_log"
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	293	fastcgi.server = ( ".php" =>
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	294	(
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	295	( "socket" => "/var/www/fastcgi/george/george.socket",
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	296	"broken-scriptfilename" => "enable"
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	297	)
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	298	)
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	299	)
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	300	}
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	301
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	302	$HTTP["host"] =~ "(^\|\.)ron-weasley.com$" {
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	303	server.document-root = "/var/www/vhosts/ron-weasley.com/html"
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	304	accesslog.filename = "/var/www/vhosts/ron-weasley.com/logs/access_log"
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	305	fastcgi.server = ( ".php" =>
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	306	(
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	307	( "socket" => "/var/www/fastcgi/ron/ron.socket",
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	308	"broken-scriptfilename" => "enable"
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	309	)
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	310	)
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	311	)
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	312	}
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	313
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	314	Please note the paths to the FastCGI sockets for each virtual host.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	315
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	316	'''server.errorlog is NOT working in conditionals, all errors go to the last
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	317	logfile specified. So just use one global error log.'''
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	318
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	319	8. Restart the lighttpd daemon process
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	320
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	321	Simply run this command:
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	322
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	323	#!ShellExample
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	324	# /etc/init.d/lighttpd restart
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	325	If you get any errors, please re-check your ''/etc/lighttpd.conf'' configuration file.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	326
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	327	9. Hello World!
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	328
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	329	Now, log in as the user fred and create a PHP script file in his virtual host
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	330	(e.g. ''/var/www/vhosts/fred-weasley.com/html/index.php''):
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	331
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	332
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	333	#!php
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	334	<?php
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	335	echo "<h1>Hello World!</h1>";
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	336	echo "<p>Current User ID is: ". posix_getuid();
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	337	echo "<p>Current Group ID is: ". posix_getgid();
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	338	?>
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	339	Also, make sure to set the file permissions:
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	340
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	341
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	342	#!ShellExample
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	343	# chown fred:fred /var/www/vhosts/fred-weasley.com/html/index.php
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	344	# chmod 640 /var/www/vhosts/fred-weasley.com/html/index.php
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	345
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	346	# ls -l /var/www/vhosts/fred-weasley.com/html
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	347
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	348	-rw-r----- 1 fred fred 116 Jul 25 2004 index.php
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	349
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	350	Now fire up your web-browser and check the output of your PHP script. (Here:
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	351	http://www.fred-weasley.com/index.php)
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	352
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	353	If everything went well, you will see an output showing the User ID of the user
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	354	fred, and the Group ID of the user group fred. (You can see these IDs in the
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	355	files ''/etc/passwd_ and _/etc/group'').
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	356
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	357	10. Automatically start the FastCGI startup scripts
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	358
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	359	Optionally, you may also create a crontab entry to automatically execute the
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	360	FastCGI startup scripts when your server boots.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	361
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	362	Use the following command to edit your crontab:
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	363
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	364
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	365	# crontab -e
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	366	Now add the following line:
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	367
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	368
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	369	@reboot for i in /var/www/fastcgi/startup/*.sh; do $i; done
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	370	And finally type ":x" to save and exit.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	371
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	372	This crontab entry will execute all .sh files found in the
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	373	/var/www/fastcgi/startup directory after the server has booted.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	374
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	375	Congratulations! You now have a working fast server configuration with
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	376	individual (separate) user rights.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	377
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	378	Limitations
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	379
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	380	Using this model you are creating a separate pool of fastcgi processes for each
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	381	user. This means that no memory will be shared between these processes.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	382	Therefore, if you use this model for a machine with a large number of users you
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	383	will need a significant amount of available RAM. Also, if you use any PHP
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	384	opcode cache such as xcache, apc or eaccelerator, this model means that each
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	385	user will get their own dedicated cache (which is a good thing from a security
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	386	perspective, but bad for memory usage). You can tailor the memory used by
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	387	having different php.ini files that configure the accelerator with differing
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	388	cache sizes, and by altering the value of PHP_FCGI_CHILDREN in each user's
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	389	startup.sh script.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	390
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	391	In FreeBSD (6.2) every user can be in a maximum of 14 groups. This is the upper
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	392	bound for webhost-fastcgi-instances, as your lighty-user (www) needs access to
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	393	those sockets. I installed my webhost 1-2 years ago in this way and run in
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	394	trouble a few weeks ago while adding www to it's 15th group. No error-msg gaves
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	395	a hint. Go, and google for it. By the way: Is there a solution? ;) - Yes,
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	396	FreeBSD 8.0 will raise this limitation to 1024.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	397
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	398	Permissions
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	399
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	400	mod_fastcgi has an option: check-local. When enabled, Lighty uses his user to
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	401	check if the file exists in document-root. If you want Lighty's user to not
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	402	have access to the document-root, this option must be disabled.
222d58b81ced lighttpd/virtual-hosting-individual-php: each virt. host runs php under own uid Tomas Zeman <tzeman@volny.cz> parents: diff changeset	403

author	Tomas Zeman <tzeman@volny.cz>
	Tue, 12 Nov 2013 16:06:45 +0100
changeset 35	1c1f40be923d
parent 7	222d58b81ced
permissions	-rw-r--r--