I'm trying to set up per-user trac instances, using fcgid. The problem is that trac requires rw access to the trac instance, so I need the fcgi process to run under the respective user.
I have the suexec, fcgid, and userdir Apache modules installed (on Debian). I put up vhost directive
ScriptAliasMatch /~(.*)/trac /home/$1/public_html/trac.fcgi
This works insofar as trac.fcgi is run, but unfortunately, under the www-data user. How can I make fcgid launch it under the $1 user?
Trac is written in Python and supports running under mod_wsgi (per an item in the FAQ), so I'd drop several of those moving parts and switch to the fantastic mod_wsgi, which supports specifying a user for a script to run as. I use this functionality for another project and it works well.
Checking for the official mod_wsgi docs, to point you at how this is done, I see that the docs include a page on Trac integration which has many examples, including specifying particular users to run as. So your best bet is just to read:
http://code.google.com/p/modwsgi/wiki/IntegrationWithTrac
I'm using the IUS RPMs from Rackspace, and suexec came compiled and configured by default.
Here are the pertinent parts of my mod_fcgid config:
I suggest removing the "ScriptAliasMatch" Directive and using the AddHandler directive globally or in the UserDir section. Under my setup, any UserDir folder (i.e. ~/public_html) would automatically use suexec for the user in question.
With mod_fastcgi, you can use the following to enable Suexec execution of FastCGI script:
FastCgiSuexec '/usr/lib/apache2/suexec'The path to suexec may need to be modified, this example comes from a Debian system.