Watch out, latest httpd rpm on centos 3 breaks Plesk 8 servers

[Hostasaurus@]

On servers running CentOS 3 you'll find that an update to the httpd rpm came out last night; it's httpd-2.0.46-61.ent.centos3. If your server is also running Plesk 8 or 8.0.1, the rpm replaces the /usr/sbin/suexec binary with the redhat version and will break all the cgi scripts on your server until you copy the correct one back manually from /usr/local/psa/suexec/ This same RPM was applied to servers running Plesk 7.5.3 and 7.5.4 and did not produce this error.

My understanding is that there is some type of trigger that is supposed to be in the rpm database so that when httpd is updated, it either ignores /usr/sbin/suexec or the psa-suexec is copied back over it again; not sure which but the effect is the same. Apparently on the CentOS 3 platform this is no longer working when Plesk 8 is installed but continues to work correctly with Plesk 7.5.3 and 7.5.4.

If anyone who has more knowledge of how the Plesk suexec replacement/protection is supposed to work and why it may not anymore please let me know; I've got a ticket open with swsoft as well.

If you're running CentOS 3 and Plesk 8, I'd recommend not running up2date or yum update until this problem is resolved, or it could break your sites. If you have your servers to automatically update, then you're probably already broken.

 

[thewolf]

Hi,

Did you find out any more info about this issue?

Any reply from SWsoft?

Thanks.

 

[Hostasaurus@]

Yeah, it took quite a bit of work to convince them that they had introduced a bug since the front-line support swore that it was normal for me to have to replace the suexec with the psa-suexec every time I upgraded httpd but then when I asked them to explain why identical servers, one running psa 7.5, one 8.0, behaved differently they dug a little deeper and found that the trigger that is supposed to be in the rpm database to protect /usr/sbin/suexec from replacement was lost in Plesk 8. There's an open bug now and it's being fixed.