我有一个Debian莱尼networking服务器。 它使用libapache2-mod-suphp运行apache2。 不幸的是,suphp不能使用phpmyadmin,因为phpmyadmin安装在/ usr / share / phpmyadmin中,并由root拥有,suphp禁用它的引擎:
$ cat /etc/apache2/mods-enabled/suphp.conf <IfModule mod_suphp.c> AddType application/x-httpd-php .php .php3 .php4 .php5 .phtml suPHP_AddHandler application/x-httpd-php <Directory /> suPHP_Engine on </Directory> # By default, disable suPHP for debian packaged web applications as files # are owned by root and cannot be executed by suPHP because of min_uid. <Directory /usr/share> suPHP_Engine off </Directory> </IfModule> 是否有可能启用系统phpmyadmin(可能通过标准的libapache2-mod-php5),而使用suphp? 怎么样?
在/etc/apache2/mods-available/suphp.conf中有两行:
AddType application/x-httpd-php .php .php3 .php4 .php5 .phtml suPHP_AddHandler application/x-httpd-php
应改为:
AddType application/x-httpd-suphp .php .php3 .php4 .php5 .phtml suPHP_AddHandler application/x-httpd-suphp
然后,在/etc/suphp/suphp.conf行
application/x-httpd-php=php:/usr/bin/php-cgi
应改为:
application/x-httpd-suphp=php:/usr/bin/php-cgi
然后,/etc/apache2/mods-available/php5.conf中的内容应该从:
<IfModule mod_php5.c> AddType application/x-httpd-php .php .phtml .php3 AddType application/x-httpd-php-source .phps </IfModule>
至:
<Directory /usr/share> <IfModule mod_php5.c> AddType application/x-httpd-php .php .phtml .php3 AddType application/x-httpd-php-source .phps </IfModule> </Directory>
这样,所有的PHP脚本都被分配了由suphp处理的x-httpd-suphptypes。 由于suphp在/ usr / share文件中被禁用,在php5.conf中为这个目录php脚本得到x-httpd-php的types并且由mod_php5来处理。 这样,除了系统安装在/ usr / share中的所有其他脚本,您将保留suphp。
自原来的答复时间以来,configuration文件已经改变。
这些文件不再需要更改:
/etc/apache2/mods-available/suphp.conf /etc/suphp/suphp.conf
这个文件:
/etc/apache2/mods-available/php5.conf
只需要当前文件的<Directory /usr/share>包装器。
例如:
<Directory /usr/share> {original php5.conf contents} </Directory>
== ==的文件的当前副本
NAME="Ubuntu" VERSION="14.04.5 LTS, Trusty Tahr" Linux anon 4.2.0-27-generic #32~14.04.1-Ubuntu SMP Fri Jan 22 15:32:26 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
root @ local [〜]#cat /etc/apache2/mods-available/suphp.conf
<IfModule mod_suphp.c> <FilesMatch "\.ph(p3?|tml)$"> SetHandler application/x-httpd-suphp </FilesMatch> suPHP_AddHandler application/x-httpd-suphp <Directory /> suPHP_Engine on </Directory> # By default, disable suPHP for debian packaged web applications as files # are owned by root and cannot be executed by suPHP because of min_uid. <Directory /usr/share> suPHP_Engine off </Directory> # # Use a specific php config file (a dir which contains a php.ini file) # suPHP_ConfigPath /etc/php5/cgi/suphp/ suPHP_ConfigPath /etc/php5/apache2 # # Tells mod_suphp NOT to handle requests with the type <mime-type>. # suPHP_RemoveHandler <mime-type> </IfModule>
root @ local [〜]#cat /etc/suphp/suphp.conf
[global] ;Path to logfile logfile=/var/log/suphp/suphp.log ;Loglevel loglevel=info ;User Apache is running as webserver_user=www-data ;Path all scripts have to be in docroot=/var/www:${HOME}/public_html ;Path to chroot() to before executing script ;chroot=/mychroot ; Security options allow_file_group_writeable=false allow_file_others_writeable=false allow_directory_group_writeable=false allow_directory_others_writeable=false ;Check wheter script is within DOCUMENT_ROOT check_vhost_docroot=true ;Send minor error messages to browser errors_to_browser=false ;PATH environment variable env_path="/bin:/usr/bin" ;Umask to set, specify in octal notation umask=0077 ; Minimum UID min_uid=100 ; Minimum GID min_gid=100 [handlers] ;Handler for php-scripts application/x-httpd-suphp="php:/usr/bin/php-cgi" ;Handler for CGI-scripts x-suphp-cgi="execute:!self"
root @ local [〜]#cat /etc/apache2/mods-available/php5.conf
<FilesMatch ".+\.ph(p[345]?|t|tml)$"> SetHandler application/x-httpd-php </FilesMatch> <FilesMatch ".+\.phps$"> SetHandler application/x-httpd-php-source # Deny access to raw php sources by default # To re-enable it's recommended to enable access to the files # only in specific virtual host or directory Order Deny,Allow Deny from all </FilesMatch> # Deny access to files without filename (eg '.php') <FilesMatch "^\.ph(p[345]?|t|tml|ps)$"> Order Deny,Allow Deny from all </FilesMatch> # Running PHP scripts in user directories is disabled by default # # To re-enable PHP in user directories comment the following lines # (from <IfModule ...> to </IfModule>.) Do NOT set it to On as it # prevents .htaccess files from disabling it. <IfModule mod_userdir.c> <Directory /home/*/public_html> php_admin_flag engine Off </Directory> </IfModule>
fwiw在Ubuntu的12.04我采取了以下步骤:添加
:/usr/share/phpmyadmin
到/etc/suphp/suphp.conf文件的末尾
添加
<Directory /usr/share/phpmyadmin> suPHP_Engine on </Directory>
到/etc/apache2/mods-enabled/suphp.conf
创build了一个新的虚拟主机
<VirtualHost *:80> ServerName phpmyadmin.example.com DocumentRoot /usr/share/phpmyadmin DirectoryIndex index.php <Directory /usr/share/phpmyadmin> Options FollowSymLinks </Directory> <directory /usr/share/phpmyadmin/setup> Order Deny,Allow Deny from All </directory> <directory /usr/share/phpmyadmin/libraries> Order Deny,Allow Deny from All </directory> </VirtualHost>
没有
chown pmauser:pmauser /usr/share/phpmyadmin chown pmauser:pmauser /usr/share/phpmyadmin/*.php chmod og-r /usr/share/phpmyamdin chmod og-r /usr/share/phpmyamdin/*.php
这主要是工作。
我一直无法弄清楚如何摆脱要求blowfish_secret的错误消息。 Ubuntu通过几个目录和/etc/phpmyadmin/apache.conf分散configuration文件
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/
我不愿意将所有这些path添加到suphp文件根目录,并且pma不能识别/usr/share/phpmyadmin/config.inc.php