# Apache's 2 Suexec



## Seeker (Oct 15, 2009)

```
# suexec -V
 -D AP_DOC_ROOT="/usr/local/www/data"
 -D AP_GID_MIN=1000
 -D AP_HTTPD_USER="www"
 -D AP_LOG_EXEC="/var/log/httpd-suexec.log"
 -D AP_SAFE_PATH="/usr/local/bin:/usr/local/bin:/usr/bin:/bin"
 -D AP_UID_MIN=1000
 -D AP_USERDIR_SUFFIX="public_html"
```

Suexec works on my 7.2-p4 from ports. Without my intervention.
Now looking at: SuExec Docs
I can see that setup is quite complex.
So...

The only link to suexec itself in httpd.conf is this line:

```
LoadModule suexec_module libexec/apache22/mod_suexec.so
```
And nothing else related to suexec.

Global user and group is:

```
User www
Group www
```

And in virtual hosts there is NO entries related to suexec as User Group or SuexecUserGroup...

Also, each www folder, that contains public_html folder, from which pages are parsed and served are in *user's*(/home/..) dir and NOT in /usr/local/www/data

So why does it work??
Each script is executed AS user in whose home folder script resides.


----------



## Seeker (Oct 16, 2009)

My bad.

Actually, it hasn't worked at all.
I've used php function:

```
echo get_current_user();
```
Which always reported correct user name.

But that was user name of OWNER of php script being parsed.

```
exec('whoami');
```
Always returned www user.

Anyway, I've made suexec working now.


----------

