Actually, it appears this is the source of the problem [2014-02-20 12:00:19]: user mismatch (www-data instead of www) not sure what it means On Thu, Feb 20, 2014 at 11:48 AM, Roman Gelfand <rgelfand2@xxxxxxxxx> wrote: > I am trying to setup forms/ldap based authentication for an existing > site. I am getting an error with suexec. Not sure what is causing > it. Below, are log and configuration. > > Log > > [Thu Feb 20 10:47:35.867218 2014] [core:notice] [pid 26384] AH00094: > Command line: '/usr/sbin/apache2' > [Thu Feb 20 10:47:51.311666 2014] [authz_core:debug] [pid 26392] > mod_authz_core.c(802): [client 192.168.0.209:55675] AH01626: > authorization result of Require valid-user : denied (no authenticated > user yet) > [Thu Feb 20 10:47:51.311744 2014] [authz_core:debug] [pid 26392] > mod_authz_core.c(802): [client 192.168.0.209:55675] AH01626: > authorization result of <RequireAny>: denied (no authenticated user > yet) > [Thu Feb 20 10:47:51.333617 2014] [authnz_ldap:debug] [pid 26392] > mod_authnz_ldap.c(501): [client 192.168.0.209:55675] AH01691: > auth_ldap authenticate: using URL > ldap://192.168.0.22:389/ou=People,dc=doman,dc=local?mail?sub > [Thu Feb 20 10:47:51.334139 2014] [ldap:debug] [pid 26392] > util_ldap.c(372): AH01278: LDAP: Setting referrals to On. > [Thu Feb 20 10:47:51.339220 2014] [authnz_ldap:debug] [pid 26392] > mod_authnz_ldap.c(593): [client 192.168.0.209:55675] AH01697: > auth_ldap authenticate: accepting user@domain.local > [Thu Feb 20 10:47:51.339335 2014] [authz_core:debug] [pid 26392] > mod_authz_core.c(802): [client 192.168.0.209:55675] AH01626: > authorization result of Require valid-user : granted > [Thu Feb 20 10:47:51.339426 2014] [authz_core:debug] [pid 26392] > mod_authz_core.c(802): [client 192.168.0.209:55675] AH01626: > authorization result of <RequireAny>: granted > [Thu Feb 20 10:47:51.342397 2014] [cgi:error] [pid 26392] [client > 192.168.0.209:55675] AH01215: suexec policy violation: see suexec log > for more details > [Thu Feb 20 10:47:51.342765 2014] [cgi:error] [pid 26392] [client > 192.168.0.209:55675] End of script output before headers: dspam.cgi > [Thu Feb 20 10:47:51.364314 2014] [core:debug] [pid 26392] > util_cookies.c(59): [client 192.168.0.209:55675] AH00007: ap_cookie: > user 'user@domain.local' set cookie: > 'session=5NdUE0kHQSGYA+ui0Q3tfOQ9Xe6nEXQIi2bINcDzE5QGKSFto6pcNFFvQFZK4yW+fz9zCqCgK02ibacwHPH+84uyEbqwwuq2h2ZzgD/DvJU9s4g/NUUk13SfoVQdFwyDoFqFxjY2CJYKTUP6dJ9AfoWDMD/EN4uYPQ7/+TzccJ0=;path=/' > > > Directory /var/www/dspam Permissions > > drwxr-xr-x 2 dspam dspam 4096 Feb 20 10:10 . > drwxr-xr-x 3 root root 4096 Feb 19 19:34 .. > -rwxr-xr-x 1 dspam dspam 29602 Apr 4 2013 admin.cgi > -rwxr-xr-x 1 dspam dspam 5853 Apr 4 2013 admingraph.cgi > -rwxr-xr-x 1 dspam dspam 562 Feb 11 15:47 authenticate.php > -rwxr-xr-x 1 dspam dspam 3179 Feb 7 10:17 base.css > -rwxr-xr-x 1 dspam dspam 7137 Feb 7 10:17 configure.pl > -rw-r--r-- 1 dspam dspam 1394 Feb 6 18:52 default.prefs > -rw-r--r-- 1 dspam dspam 4792 Feb 7 10:17 dspam-logo-small.gif > -rwxr-xr-x 1 dspam dspam 55543 Feb 11 13:07 dspam.cgi > -rw-r--r-- 1 dspam dspam 822 Feb 7 10:17 dspam.js > -rw-r--r-- 1 dspam dspam 15774 Feb 6 18:52 favicon.ico > -rwxr-xr-x 1 dspam dspam 4655 Apr 4 2013 graph.cgi > -rwxr-xr-x 1 dspam dspam 61390 Feb 6 18:52 htmlize.pl > -rwxr-xr-x 1 dspam dspam 20 Feb 19 19:01 info.php > -rw-r--r-- 1 root root 416 Feb 11 17:16 login.html > -rw-r--r-- 1 root root 337 Feb 11 15:37 loginb.html > -rwxr-xr-x 1 dspam dspam 718 Feb 6 18:52 logout.cgi > -rwxr-xr-x 1 dspam dspam 1192 Feb 20 10:05 logout.php > -rwxr-xr-x 1 dspam dspam 245 Feb 11 13:34 logout2.php > -rw-r--r-- 1 dspam dspam 17168 Feb 6 18:52 rgb.txt > -rw-r--r-- 1 dspam dspam 589 Feb 6 18:52 rtl.css > > > > site config > > > <VirtualHost *:80> > > > LogLevel debug > SuexecUserGroup dspam dspam > Addhandler cgi-script .cgi > Options +ExecCGI -Indexes > > DocumentRoot /var/www/dspam > > ErrorDocument 401 /login.html > > Session On > SessionCookieName session path=/ > SessionCryptoPassphrase secret > > <Location /> > AuthFormProvider ldap > AuthType form > AuthName "DSPAM Authentication" > AuthFormLoginRequiredLocation http://192.168.0.36/login.html > AuthLDAPURL > "ldap://192.168.0.22:389/ou=People,dc=domain,dc=local?mail?sub"; > AuthLDAPBindDN "CN=LDAP Lookup,OU=Service > Accounts,OU=People,DC=domain,DC=local" > AuthLDAPBindPassword "password" > Require valid-user > </Location> > > <Location /login.html> > Order allow,Deny > Allow from all > require all granted > </Location> > > <location /logout> > SetHandler form-logout-handler > AuthName "DSPAM Authentication" > AuthFormLogoutLocation http://192.168.0.36/login.html > </location> > > <Location /dologin.html> > SetHandler form-login-handler > AuthType form > AuthName "DSPAM Authentication" > AuthFormProvider ldap > AuthFormLoginRequiredLocation http://192.168.0.36/login.html > </Location> > > # ErrorLog logs/DSPAMError_log > # CustomLog logs/DSPAMAccess_log common > </VirtualHost> --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|