Sunday, April 6, 2008

UID of script is smaller than min_uid

I just spent almost two hours trying to figure out what this error meant for suPHP.
I couldn't figure out whether it applied to the UID of the file itself, or the user the process was running as when it started just going by what I found through searching.

So I ended up installing suPHP on my Ubuntu box just to find out for myself.
I went ahead and installed the Apache2 module, to make things easy.
sudo apt-get install libapache2-mod-suphp

Once that was installed it restarted Apache by itself & the first PHP script I accessed in my browser worked like a charm. Reason being, the PHP script was already owned by the user I usually use to test stuff out with, a non-root user with a UID of 100.

Now when I chowned the file to be owned by root,
sudo chown root /var/www/test.php

I got the following error showing up in /var/log/suphp/suphp.log.
[Sun Apr 06 07:45:22 2008] [warn] UID of script "/var/www/test.php" is smaller than min_uid

As soon as I gave the file back to myself it worked fine however.
sudo chown joebert /var/www/test.php

Update: Now that I read this post a few months later, I'm not sure what the actual problem was is clear enough. It's not soo much who owns the file as much as it is what their system UID is.

When a user account is created on the system it's generally given an ID number. Usually when you create a user account which will actually get logged into by a human, such as "bob" or "arlene", rather than a system/service account such as "www-data" or "postfix", the UID will tend to be 100+. However with a system/service account the UID will tend to be below 100.

So, if you chown the problematic file to "root", "www-data", or similar, you're likely going to get the min_uid error since those accounts tend to be system/service accounts.

The point of suPHP is to make sure scripts are running as the person who owns them. If you need to assign ownership of scripts to services, you'll have to modify the suPHP configuration file so that min_uid is as low as the UID of the account you wish to assign ownership of the file to.


esteve said...

Thanks m8! :)

surfer said...

Very nice article. I was struggling with this problem you saved my day :)

toby said...

Cheers for this, helped me sort out a similar issue.

Anonymous said...

thanks for this post. perfect solution. chown & chgrp to vs. root for files I had copied as root solved the problem.