SuExec cannot execute scripts with "failed to setuid" error
1H Hive cannot execute certain scripts and I see "failed to setuid" errors in the log files. What should I do?
This issue is most commonly caused by the grsecurity set of patches for the Linux kernel. If you see similar records in the SuExec log files:
[2013-12-09 10:16:38]: emerg: failed to setuid (1065: index.php) user target/actual: (1065/testuser)
this may indicate that grsecurity has blocked the users in question. To make sure that this is the case use the following command to print the message buffer of the kernel:
dmesg | grep UID
Replace UID with the id of the user which is mentioned in the SuExec log files. If you see records similar to the following:
grsec: banning user with uid 1065 until system restart for suspicious kernel crash grsec: banning user with uid 1065 until system restart for suspicious kernel crash
this means that grsecurity has detected abnormal activity and that is why it has blocked the users in question. There are three ways to resolve the issue:
1. You can disable the grsecurity CONFIG_GRKERNSEC_KERN_LOCKOUT option. Please note that it is always better to find out why grsecurity has blocked certain users instead of simply disabling this option.
2. You can temporary change the ID of the affected user, so that grsecurity will not block the requests for the new ID.
3. You can use the grsecurity "gradm" command to remove the ban for a specific user. For example, to remove the ban for user ID 1065 you should use the following command:
gradm -M 1065
You should check the following link for more details how to use the grsecurity administration utility: