Hi Kevin,
Just wanted to thank you for your help.
Figured out the problem -- it was partly permission problem (that you helped
to solve). I tried a simpler script, testing to see whether I could simply
write to a file. I could. It would even append. But back in the
"graffiti.php" it still wouldn't recognize or pass the variable.
I looked at phpinfo() output and noticed that:
register_globals=off and register_argc_argv= off
No wonder it wasn't passing the variable. The php.ini told it not to. Changed
both to "on", and bingo - a working script!
Thanks again,
Andre
On Sunday 10 February 2002 01:42, you wrote:
> Andre,
>
> Yes, your problem is testing the script as root. As a rule of thumb, never
> write scripts or test stuff as root. The root user should only be used
> when you need to install something new, or perform system maintenance.
>
> Kevin
> ----- Original Message -----
> From: "Andre Dubuc" <[EMAIL PROTECTED]>
> To: "Kevin Old" <[EMAIL PROTECTED]>
> Sent: Saturday, February 09, 2002 10:25 PM
> Subject: Re: [newbie] Permissions: Nobody in Apache + PHP
>
> > Kevin,
> >
> > My tmp directory was set to drwxrwxr-t -- I changed it, as well as the
> > graffiti.dat in /htdocs. The file in both /tmp and /htdocs was not
> > apache: apache but root:root. Is this where the problem lies? I'm testing
> > the
>
> script
>
> > while in root (Btw, I wrote it in root: I can't seem to get any script to
> > work as user).
> >
> > Where would I find "errors in my browser"?
> >
> > Thanks for your advice!
> >
> > Andre
> >
> > On Saturday 09 February 2002 23:00, you wrote:
> > > Andre,
> > >
> > > I copied the code and executed it and worked fine for me.
> > >
> > > Make sure your tmp directory is set like this
> > >
> > > drwxrwxrwt 4 root root 1024 Feb 9 16:41 tmp/
> > >
> > > This is how the file was created
> > >
> > > -rw-r--r-- 1 apache apache 0 Feb 9 16:38 graffiti.dat
> > >
> > > Are you getting any errors back in your browser from PHP?
> > >
> > > Kevin
> > > ----- Original Message -----
> > > From: "Andre Dubuc" <[EMAIL PROTECTED]>
> > > To: "Kevin Old" <[EMAIL PROTECTED]>
> > > Cc: <[EMAIL PROTECTED]>
> > > Sent: Saturday, February 09, 2002 9:26 PM
> > > Subject: Re: [newbie] Permissions: Nobody in Apache + PHP
> > >
> > > > Thanks Kevin,
> > > >
> > > > You're right it's a permission thing, but it doesn't make any
>
> difference
>
> > > sinc
> > >
> > > > I palced Grafiti.dat and graffiti.php in the same directory (htdocs).
>
> I
>
> > > also
> > >
> > > > tried it in /tmp, setting the permissions the same. No go. Since this
>
> is
>
> > > > a tutorial script, (PHP 101 - Part 5 from DevShed.com) I wonder if
> > > > there's a mistake in it: the variable $graffiti does not seem to be
> > > > defined except
> > >
> > > by
> > >
> > > > the name=graffiti function in the form section.
> > > >
> > > > My error log is a mess! Primary error: $graffiti not defined, and,
> > > > no permission to grafiti.php. The script is simple and should work: I
> > >
> > > included
> > >
> > > > it below. If you would be so kind as to scan for errors (particularly
>
> for
>
> > > > $graffiti definition):
> > > >
> > > > <html>
> > > > <head>
> > > > <basefont face="Arial">
> > > > </head>
> > > > <body>
> > > >
> > > > <?php
> > > > // set the file name
> > > > $filename = "/tmp/graffiti.dat";
> > > >
> > > > // open the file
> > > > $handle = fopen ($filename, "a+");
> > > >
> > > > // write the string to the file handle
> > > > fputs ($handle, $graffiti);
> > > >
> > > > // close the file
> > > > fclose ($handle);
> > > > ?>
> > > >
> > > > <form action=graffiti.php method=get> [I changed graffiti.php4 to
> > > > php] <input type=text size=30 name=graffiti>
> > > > <input type=submit name=submit value="Add your two bits!">
> > > > </form>
> > > >
> > > > <?php
> > > > // Display current contents of file if available
> > > > if (file_exists ($filename))
> > > > {
> > > > echo "<b>Current graffiti reads: </b>";
> > > > readfile ($filename);
> > > > }
> > > > else
> > > > {
> > > > echo "File not found!";
> > > > }
> > > >
> > > > ?>
> > > > </body>
> > > > </html>
> > > >
> > > > Somehow, I think there's a boo-boo in here (but then again, I'm a
>
> newbie!
>
> > > :>)
> > > >
> > > > Tia, (and thanks for your help!)
> > > > Andre
> > > >
> > > > On Saturday 09 February 2002 20:47, you wrote:
> > > > > Andre,
> > > > >
> > > > > Yes, it has to be a permissions issue. Here's one thing that has
> > > > > gotten
> > >
> > > me
> > >
> > > > > in the past. Make sure that the directory (and ones above it) for
> > > > > grafitti.dat have the same permissions and are owned and grouped
> > > > > exactly
> > >
> > > as
> > >
> > > > > grafitti.dat is. Try that and let me know what happens. Also,
>
> check
>
> > > your
> > >
> > > > > Apache error_log for error messages and they might help you
> > > > > pinpoint the problem.
> > > > >
> > > > > As for your original question, nobody is just an ordinary user like
>
> any
>
> > > > > other. The only thing is that the nobody account is disabled so
>
> that
>
> > > > > nobody can log in in the normal way. The purpose of having such an
> > > > > account is to limit the power of processes that run as this user
> > > > > and
>
> to
>
> > > > > partition them off to some extent from other users although there
>
> seems
>
> > > > > to be something of a trend nowadays to run various services as
> > > > > their own separate users (eg, in Debian: www-data for Apache, proxy
> > > > > for squid, et al.)
> > > > >
> > > > > If you want to know why 'nobody' is not singled out as a specially
> > > > > restricted user then I can only give you my explanation and I don't
> > > > > know how authoritative that is. Firstly the Unix model says there
>
> are
>
> > > > > two types of users: superusers (uid=0) and ordinary users (uid!=0).
> > > > > Many would argue that this approach is the reason Unix security is
>
> such
>
> > > > > a problem so the question of whether introducing a new users with
> > > > > varying privileges would actually help or not would need to be
> > > > > considered carefully. Perhaps the main reason why it hasn't been
>
> done
>
> > > > > so far is that there is little need. If you and I both have an
>
> account
>
> > > > > on the system, can I delete your files? Hopefully not -- unless
> > > > > you have specifically given a group I am in this privilege (or,
> > > > > heaven forbid, the dreaded 'other'). If you have private files
> > > > > then
>
> hopefully
>
> > > > > you have set the permissions/umask appropriately hence I can't read
> > > > > these either. Consequently, we are both unprivileged users and
> > > > > only ourselves (or, more correctly, processes with our uid) can do
> > > > > any damage to our files (unless permission is granted otherwise).
> > > > > Hence use of the nobody limits the damage that can be done to
> > > > > 'nobody': a user who owns virtually nothing and can only access
> > > > > (read/write)
>
> files
>
> > > > > to which r/w permission has been granted to "other" -- how more
> > > > > unprivileged could this be? (Perhaps rlimits could be permanently
> > > > > enforced but in some ways perhaps this is the responsiblity of the
> > > > > application process, not the user id it runs as.) As I said, this
>
> is
>
> > > > > just my opinion and someone else can probably provide a better
>
> answer.
>
> > > > > :)
> > > > >
> > > > > Hope this helps,
> > > > > Kevin
> > > > > ----- Original Message -----
> > > > > From: "Andre Dubuc" <[EMAIL PROTECTED]>
> > > > > To: <[EMAIL PROTECTED]>
> > > > > Sent: Saturday, February 09, 2002 2:14 PM
> > > > > Subject: [newbie] Permissions: Nobody in Apache + PHP
> > > > >
> > > > > > Finally, I have working copies of Apache 1.3.22 and PHP 4.1.1 on
>
> my
>
> > > LM8.0
> > >
> > > > > > box. Apache has been set up with "nobody' permissions, and I
> > > > > > write
> > >
> > > test
> > >
> > > > > > scripts as root and place them in /home/web/apache/htdocs.
> > > > > >
> > > > > > I can read scripts from this directory, but I've tried to use:
> > > > > > . . . excerpt . . .
> > > > > >
> > > > > > $filename = "/tmp/graffiti.dat";
> > > > > > $handle = fopen ($filename, "a+");
> > > > > > fputs ($handle, $graffiti); [I've also tried fwrite]
> > > > > > fclose($handle);
> > > > > >
> > > > > > . . . followed by a form that takes $graffiti as input . . . and
> > > > > > then
> > >
> > > a
> > >
> > > > > php
> > > > >
> > > > > > script that displays the contents of the appended $filename . . .
> > > > > >
> > > > > > And no matter what I try, nothing is written to "graffiti.dat" --
> > > > > > I've checked that it is writeable. Somehow, I think it's related
>
> to
>
> > > > > > permissions and the group "nobody". I've written the script as
>
> root,
>
> > > and
> > >
> > > > > > another as
> > > > >
> > > > > user.
> > > > >
> > > > > > Neither works. Apache (temporarily) is run at root -- I'm just
> > >
> > > learning
> > >
> > > > > > Apache and PHP -- this is a developmental setup, not connected to
>
> the
>
> > > > > outside.
> > > > >
> > > > > > If there are any gurus that can help me, I'd appreciate it.
> > >
> > > Permissions
> > >
> > > > > are
> > > > >
> > > > > > set otherwise to 755.
> > > > > >
> > > > > > I'm obviously not clear on the concept of "nobody" and how it
>
> affects
>
> > > > > running
> > > > >
> > > > > > of scripts. Who cn arun these, if it's set to "nobody"?
> > > > > >
> > > > > > Tia,
> > > > > > Andre
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > --
> > > > > > Please pray the Holy Rosary to end the holocaust of abortion.
> > > > > > Remember in your prayers the suffering souls in Purgatory.
> > > > > >
> > > > > > May God bless you abundantly in His love!
> > > > > >
> > > > > > For a free Cenacle Scriptural Rosary Booklet --
> > > > >
> > > > > http://www.webhart.net/csrb/
> >
> > -------------------------------------------------------------------------
> >
> > > >-
> > >
> > > -
> > >
> > > > >- ----
> > > > >
> > > > > > Want to buy your Pack or Services from MandrakeSoft?
> > > > > > Go to http://www.mandrakestore.com
> > > >
> > > > ----------------------------------------
> > > > Content-Type: text/plain; charset="iso-8859-1"; name="message.footer"
> > > > Content-Transfer-Encoding: 8bit
> > > > Content-Description:
> > > > ----------------------------------------
> > > >
> > > > --
> > > > Please pray the Holy Rosary to end the holocaust of abortion.
> > > > Remember in your prayers the suffering souls in Purgatory.
> > > >
> > > > May God bless you abundantly in His love!
> > > >
> > > > For a free Cenacle Scriptural Rosary Booklet --
> > >
> > > http://www.webhart.net/csrb/
> >
> > --
> > Please pray the Holy Rosary to end the holocaust of abortion.
> > Remember in your prayers the suffering souls in Purgatory.
> >
> > May God bless you abundantly in His love!
> >
> > For a free Cenacle Scriptural Rosary Booklet --
>
> http://www.webhart.net/csrb/
--
Please pray the Holy Rosary to end the holocaust of abortion.
Remember in your prayers the suffering souls in Purgatory.
May God bless you abundantly in His love!
For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
