mod_php and suphp at same time

/etc/suphp.conf

[global]
logfile=/var/log/httpd/suphp_log
loglevel=warn
webserver_user=apache
docroot=/home
env_path=/bin:/usr/bin
umask=0077
min_uid=500
min_gid=500
; Security options
allow_file_group_writeable=false
allow_file_others_writeable=false
allow_directory_group_writeable=false
allow_directory_others_writeable=false
;Check wheter script is within DOCUMENT_ROOT
check_vhost_docroot=false
;Send minor error messages to browser
errors_to_browser=true
[handlers]
;Handler for php-scripts
;x-httpd-php=php:/usr/bin/php
x-httpd-php="php:/usr/bin/php-cgi"
;Handler for CGI-scripts
x-suphp-cgi=execute:!self

/etc/httpd/conf.d/su.php

# This is the Apache server configuration file providing suPHP support.
# It contains the configuration directives to instruct the server how to
# serve php pages while switching to the user context before rendering.
LoadModule suphp_module modules/mod_suphp.so
# This option tells mod_suphp if a PHP-script requested on this server (or
# VirtualHost) should be run with the PHP-interpreter or returned to the
# browser "as it is".
#suPHP_Engine on
# Disable php when suphp is used, to avoid having both.
#<IfModule mod_php5.c>
#php_admin_flag engine off
#</IfModule>
#<IfModule mod_php4.c>
#php_admin_flag engine off
#</IfModule>
# To use suPHP to parse PHP-Files
#AddHandler x-httpd-php .php
#AddHandler x-httpd-php .php .php4 .php3 .phtml
# This option tells mod_suphp which path to pass on to the PHP-interpreter
# (by setting the PHPRC environment variable).
# Do *NOT* refer to a file but to the directory the file resides in.
#
# E.g.: If you want to use "/path/to/server/config/php.ini", use "suPHP_Config
# /path/to/server/config".
#
# If you don’t use this option, PHP will use its compiled in default path.
# suPHP_ConfigPath /etc
# If you compiled suphp with setid-mode "force" or "paranoid", you can
# specify the user- and groupname to run PHP-scripts with.
# Example: suPHP_UserGroup foouser bargroup
# suPHP_UserGroup apache apache
# This option tells mod_suphp to handle requests with the type <mime-type>.
# Please note this only works, if an action for the handler is specified
# in the suPHP configuration file.
#suPHP_AddHandler x-httpd-php
# This option tells mod_suphp to NOT handle requests with the type <mime-type>.
# suPHP_RemoveHandler <mime-type>

Usege example

<VirtualHost 192.168.1.10:80>
SuexecUserGroup "#500" "#500"
ServerName example.com
ServerAlias www.example.com
DocumentRoot /home/example.com/public_html
suPHP_Engine on
AddHandler x-httpd-php .php
AddHandler x-httpd-php .php .php4 .php3 .phtml
suPHP_AddHandler x-httpd-php
suPHP_UserGroup example.com example.com
<Directory /home/example.com/public_html>
allow from all
</Directory>
DirectoryIndex index.htm index.html index.php
</VirtualHost>

suPHP parents directory is not own by defined user or root

root at server1:/root/suPHP/suphp-0.6.3/src# diff -u ./Application.cpp
./Application.cpp-dist
— ./Application.cpp 2008-04-24 15:21:20.000000000 -0700
+++ ./Application.cpp-dist 2008-03-30 04:43:38.000000000 -0700
@@ -492,14 +492,12 @@
directory = directory.getParentDirectory();

UserInfo directoryOwner = directory.getUser();
-#ifndef OPT_USERGROUP_OWNER
if (directoryOwner != owner && !directoryOwner.isSuperUser()) {
std::string error = “Directory ” + directory.getPath()
+ ” is not owned by ” + owner.getUsername();
logger.logWarning(error);
throw SoftException(error, __FILE__, __LINE__);
}
-#endif

if (!directory.isSymlink()
&& !config.getAllowDirectoryGroupWriteable()

Originally found at https://lists.marsching.com/pipermail/suphp/2008-April/001831.html

Install SSL certificate on postfix and dovecot

Make key file

#openssl genrsa -des3 -out example.com.key 2048
Generating RSA private key, 1024 bit long modulus
…………..++++++
..++++++
e is 65537 (0x10001)
Enter pass phrase for example.com.key:
Verifying – Enter pass phrase for example.com.key:
# openssl req -new -key example.com.key -out example.com.csr
Enter pass phrase for example.com.key:
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:
Email Address []:
A challenge password []:
An optional company name []:

Get CRT (GeoTrust, verisign etc)

Remove pass phrase

#openssl rsa -in example.com.key -out example.com.pem

edit /etc/postfix/main.cf

smtpd_use_tls = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_key_file = /etc/pki/tls/certs/example.com.pem
smtpd_tls_cert_file = /etc/pki/tls/certs/example.com.crt

edit /etc/dovecot.conf

ssl_disable = no
ssl_cert_file = /etc/pki/tls/certs/example.com.crt
ssl_key_file = /etc/pki/tls/certs/example.com.pem

restart postfix and dovecot

Reinstall yum package

as you might know, yum does not provide re-install functionality,

for re-installing yum installed application following methods may useful

yum install yum-utils
yumdownloader package
rpm -Uvh –force downloadedpackages

Google Mobile htaccess for japan region

RewriteEngine on

RewriteCond %{HTTP_USER_AGENT} ^DoCoMo.* [OR]

RewriteCond %{HTTP_USER_AGENT} ^KDDI.* [OR]

RewriteCond %{HTTP_USER_AGENT} ^Vodafone.* [OR]

RewriteCond %{HTTP_USER_AGENT} ^SoftBank.* [OR]

RewriteCond %{HTTP_USER_AGENT} ^J-PHONE.* [OR]

RewriteCond %{HTTP_USER_AGENT} ^Mozilla.+DDIPOCKET.* [OR]

RewriteCond %{HTTP_USER_AGENT} ^Mozilla.+WILLCOM.*

RewriteRule ^$ http://www.google.com/gwt/n?u=http://www.example.com [R,L]

automated network folder mount script for mac

set myip to do shell script “ifconfig | grep ‘broadcast’ | awk ‘{print $6}'”
if myip = “10.168.1.255” then
mount volume “smb://workgroup;username:password@10.168.1.254/path/”
else
display dialog “Not able to connect server” buttons {“ok”} default button “ok”
end if

gdm error after while…..

ns2 ~ # /usr/bin/gdm

/usr/bin/gdm: error while loading shared libraries: libdirectfb-0.9.so.25: cannot open shared object file: No such file or directory

Revdep-rebuild should find out the problem for you, the most obvious reason whyit might not is if a previous run of revdep-rebuild did not complete and thetemporary files were still present.  Please try running “revdep-rebuild -i” toensure that the temporary files are cleaned out.  If you do this before trying to re-emerge totem-pl-parser, you can test whether it spots, it and then againwhether totem-pl-parser fixes the problem.

If after you’ve got the results the problem hasn’t been fixed, orrevdep-rebuild wasn’t correctly finding the issue, then please feel free to reopen this bug…  5:)

safari 4 extra tips

$ strings /Applications/Safari.app/Contents/MacOS/Safari | grep DebugSafari4
DebugSafari4TabBarIsOnTop
DebugSafari4IncludeToolbarRedesign
DebugSafari4IncludeFancyURLCompletionList
DebugSafari4IncludeGoogleSuggest
DebugSafari4LoadProgressStyle
DebugSafari4IncludeFlowViewInBookmarksView
DebugSafari4TopSitesZoomToPageAnimationDimsSnapshot
DebugSafari4IncludeTopSites

How to use example
defaults write com.apple.Safari DebugSafari4TabBarIsOnTop -bool NO
defaults delete com.apple.Safari DebugSafari4TabBarIsOnTop
defaults write com.apple.Safari DebugSafari4LoadProgressStyle -bool NO