There are 3 bugs that i have run into with mpm-peruser. These maybe upstream bugs but I am unsure so i am reporting them anyway. 1) mpm-peruser no longer uses the jail parameter correctly. For example: if you setup something like this you always get a 403 error. I have played with the document root and permissions and everything should work. Note that if you remove the jail path from ServerEnvironment and Processor everything works just no jail. DocumentRoot /htdocs ServerName site1.domain.com Processor apache site1 /siteroot/site1 ServerEnvironment apache site1 /siteroot/site1 2) Peruser will segfault on demand if your jail path specified in ServerEnvironment and/or Processor does not exist. Processor apache site1 /mia_folder/site1 ServerEnvironment apache site1 /mia_folder/site1 3) Peruser seems to ignore if you have -D PERUSER in your /etc/conf.d/apache2 file. It will always try to load it and if you do not have the ServerEnvironment and/or Processor information in your config file it will fail to start. Reproducible: Always Steps to Reproduce: 1) Setup vhost with following info DocumentRoot /htdocs ServerName site1.domain.com Processor apache site1 /siteroot/site1 ServerEnvironment apache site1 /siteroot/site1 2) Setup vhost with missing jail folder. Processor apache site1 /mia_folder/site1 ServerEnvironment apache site1 /mia_folder/site1 3) removed -D PERUSER from /etc/conf.d/apache2 file Actual Results: 1) 403 Access denied by configuration error. 2) apache child process segfaults. 3) <IfModule mpm_peruser_module> returns true. Expected Results: 1) Page loads 2) some type of error is displayed when config file is checked. 3) <IfModule mpm_peruser_module> returns false. I know peruser is new and buggy and not really supported. Some of these features worked in 2.0.
(In reply to comment #0) > 3) Peruser seems to ignore if you have -D PERUSER in your /etc/conf.d/apache2 > file. It will always try to load it and if you do not have the > ServerEnvironment and/or Processor information in your config file it will fail > to start. there is no such thing as -D PERUSER, MPMs are statically linked into apache.
(In reply to comment #0) > 1) mpm-peruser no longer uses the jail parameter correctly. For example: if > you setup something like this you always get a 403 error. I have played with > the document root and permissions and everything should work. Note that if you > remove the jail path from ServerEnvironment and Processor everything works just > no jail. works for me. make sure to set the DocumentRoot relative to your chroot, so if your chroot is /var/www/localhost, then set DocumentRoot to "/htdocs". (apache will warn that /htdocs does not exist, but i guess you have to live with that) > 2) Peruser will segfault on demand if your jail path specified in > ServerEnvironment and/or Processor does not exist. > Processor apache site1 /mia_folder/site1 > ServerEnvironment apache site1 /mia_folder/site1 I was not able to reproduce a segfault, but if the chroot does not exist it will just terminate the child, and the request hangs in the multiplexer. To prevent this at least during startup, i have added a patch to 2.2.4-r11 for peruser that checks if the given chroot dir actually exists. if the dir disappears during apache runtime, you're screwed...