Hi Paul, This looks great! I've read through it and understand. I'll give it a try later today. From my initial scan of you email, it looks like the ../CGI-Executables directory is there for just the executables (hence the name) and all data files accessed by the executables should be in a separate directory, and not a sub-directory or the CGI-Executables. So, after making the changes, when a script in CGI-Executables trys to open a file for appending/writing in the CGI-Data directory, and there is no file by that name, Perl will create one, yes?
Thanks again for your help, Mark ----- Original Message ----- From: "Paul Hoffman" <[EMAIL PROTECTED]> To: "Mark Wheeler" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Thursday, September 25, 2003 9:08 AM Subject: Re: File write/read problem > Mark, > > Leave the permissions on httpd.conf as they are, in case you're tempted > to change them. :-) After you've read this message, I suggest you > read up on UNIX permissions -- maybe someone else can recommend a good > source of information. > > The key is that your CGI script runs as user www and group www. All > the permissions have to take that into account. I'll describe one way > to accomplish what (I think) you want; there may be others. > > What you need to do is change the owner and/or group of any directories > to which your CGI script will be adding files, and of any *existing* > files which your CGI script will be modifying. > > It sounds like you have the following setup: > > / > Library/ > WebServer/ > CGI-Executables/ > write.cgi > file1.txt > file2.txt > ... > > First, it's not a good idea to create or modify files within the > CGI-Executables (a.k.a. cgi-bin) directory, so I would *definitely* put > any data files in a separate directory, called (say) CGI-Data: > > % cd /Library/WebServer > % chmod o-w . # make sure permissions on /Library/WebServer are > sane > % sudo mkdir CGI-Data > % ls -l > drwxr-xr-x 2 root admin 68 Sep 25 11:40 CGI-Data > > (I'll continue to edit the output of `ls -l' as I've done here.) > > If there are any existing files to move here, go ahead and move (or > copy) them now: > > % sudo mv file1.txt file2.txt CGI-Data > > As it stands now, your CGI script won't be able to do anything in this > directory or to its files -- you created it as root so, by default, > root is its owner. I'm assuming that you want to be able to read and > write things in this directory yourself, so what you can do is make > yourself the owner and www the group. Let's say by some strange chance > your user id is the same as mine, nkuitse: > > % sudo chown -R nkuitse:www CGI-Data > % ls -l > drwxr-xr-x 2 nkuitse www 68 Sep 25 12:05 CGI-Data > > OK, so now you (nkuitse) can do anything you want to do in this folder, > and (because of the -R option, which means "and do the same to the > directory's contents, recursively") you can do anything to the files > within it. > > But your CGI script still can't touch them, because the group > permissions are still r-x. That's easy to fix: > > % chmod -R 775 CGI-Data > % ls -l > drwxrwxr-x 2 nkuitse www 68 Sep 25 12:05 CGI-Data > > Note two things: > > 1. sudo wasn't needed because now you're the owner, and you have > write permission (unless you took away write permission from the files > you moved, before you moved them) > > 2. chmod also has an -R option with the same effect as chown's > > Now all you have to do is modify your script so it writes to > ../CGI-Data/file1.txt, etc. instead of just file1.txt, etc. Or you can > use absolute paths like /Library/WebServer/CGI-Data/file1.txt if you > prefer (this is less portable but that may not matter in your case). > > If you want to get fancy, you can set up individual subdirectories > within CGI-Data, setting the permissions for one so your CGI script can > only modify *existing* files, and setting them for the other so your > CGI script can modify existing files *and* add files. > > HTH, > > Paul. > > On Thursday, September 25, 2003, at 10:08 AM, Mark Wheeler wrote: > > > In just checked the httpd.conf file and, yes, the user/group is set to > > www/www. So I need to change it to what? > > > > Mark > > > > ----- Original Message ----- > > From: "Paul Hoffman" <[EMAIL PROTECTED]> > > To: "John Delacour" <[EMAIL PROTECTED]> > > Cc: <[EMAIL PROTECTED]> > > Sent: Thursday, September 25, 2003 5:23 AM > > Subject: Re: File write/read problem > > > > > >> On Wednesday, September 24, 2003, at 10:44 PM, > >> [EMAIL PROTECTED] wrote: > >> > >>> OK, that makes perfect sense, but it is not working here. Here is a > >>> basic script which, when run, should create a new file called > >>> example.txt because it is not there when the open statement is used. > >>> > >>> #!/usr/bin/perl > >>> > >>> print "Content-type: text/html\n\n"; > >>> > >>> print "Creating new file..."; > >>> > >>> my $newtext = "newtext from old"; > >>> > >>> open (USER,"> example.txt"); > >>> print USER $newtext; > >>> close USER; > >>> > >>> exit; > >>> > >>> As you've said, it should create the file in the same directory, in > >>> this case the cgi-bin, as the script (which is called write.cgi). I > >>> run the call the script from the browser and the script runs fine, > >>> except, no file is created. I added a "|| die ($!)" at the file open > >>> call and add the CGI::CARP qw(fatalToBowser) at the top and get the > >>> following. > >>> > >>> Permission denied at /Library/WebServer/CGI-Executables/write.cgi > >>> > >>> All the permissions for each of these directories are 755. Something > >>> is a miss. So what can I do?! I'm very confused. > >> > >> Who owns the directories? The Web server runs as user www (unless > >> you're not running the stock httpd). That's probably your problem. > >> > >> HTH, > >> > >> Paul. > >> > >> -- > >> Paul Hoffman :: Taubman Medical Library :: Univ. of Michigan > >> [EMAIL PROTECTED] :: [EMAIL PROTECTED] :: http://www.nkuitse.com/ > >> > > > > > -- > Paul Hoffman :: Taubman Medical Library :: Univ. of Michigan > [EMAIL PROTECTED] :: [EMAIL PROTECTED] :: http://www.nkuitse.com/ >
