Re: apache and suexec breaks my cgi script
On Sat, Jun 08, 2002 at 12:20:27AM -0500, Derrick 'dman' Hudson wrote: | I've been beating my head into a wall trying to figure out why my | hello world cgi script won't run. It turns out that disabling | suexec (which is enabled by default in the apache package) makes the | problems vanish. Now I want to know what is causing the problem. The prize for identifying the cause of the problem goes to Simon Tneoh Chee-Boon. He mailed me off-list with this snippet (and the corresponding comment) from suexec.h : #ifndef USERDIR_SUFFIX #define USERDIR_SUFFIX public_html #endif Well, I had changed the user dir to ~/public/html in httpd.conf, but apparently suexec has the old path hard-wired in. That causes it to bomb. I also can't change the binary at all or else apache doesn't enable it. I could _probably_ rebuild the whole apache package and install that, but that seems like too much work. At least disabling suexec makes the problem go away. For those that are curious, I chose the ~/public/* organization to allow for other public stuff to be put in ~/public. Eg ~/public/samba, ~/public/ftp, ~/public/whatever-else-I-find-that-isn't-served-by-apache. -D -- Come to me, all you who are weary and burdened, and I will give you rest. Take my yoke upon you and learn from me, for I am gentle and humble in heart, and you will find rest for your souls. For my yoke is easy and my burden is light. Matthew 11:28-30 GnuPG key : http://dman.ddts.net/~dman/public_key.gpg pgpdvLjskb4wH.pgp Description: PGP signature
Re: apache and suexec breaks my cgi script
* Derrick 'dman' Hudson ([EMAIL PROTECTED]) [020607 22:10]: [2002-06-07 23:55:40]: emerg: cannot get docroot information (/home/dman) drwx--x--x 92 dman dman 4096 Jun 8 00:13 /home/dman These 2 lines seem to make me think the problem is somehow related to not having +r on /home/dman. Does changing that permission alleviate the problem? IIRC, it does something like traverse back up the directory tree to see if the request is within a ~userdir, to see if it matches a Directory directive, I think. Just a shot in the dark. A look at the source would reveal exactly what the problem is (or at least where that error message comes from). good times, Vineet -- Currently seeking opportunities in the SF Bay Area Please see http://www.doorstop.net/resume.shtml pgp6ga4nE0UKm.pgp Description: PGP signature
Re: apache and suexec breaks my cgi script
Last Sat, Jun 08, 2002 at 01:03:19AM -0700, Vineet Kumar wrote: * Derrick 'dman' Hudson ([EMAIL PROTECTED]) [020607 22:10]: [2002-06-07 23:55:40]: emerg: cannot get docroot information (/home/dman) drwx--x--x 92 dman dman 4096 Jun 8 00:13 /home/dman These 2 lines seem to make me think the problem is somehow related to not having +r on /home/dman. Does changing that permission alleviate the problem? IIRC, it does something like traverse back up the directory tree to see if the request is within a ~userdir, to see if it matches a Directory directive, I think. Just a shot in the dark. A look at the source would reveal exactly what the problem is (or at least where that error message comes from). docroot info can't be read because of the missing read bit in the group permissions. Making the directory permissions to at least 0751 might solve the problem. -- --paolo Paolo Alexis Falcone [EMAIL PROTECTED] GnuPG KeyID 0xEADFF6F4 ___ I think ideology sucks. This world would be a much better place if people had less ideology, and a whole lot more I do this because it's FUN and because others might find it useful, not because I got religion. -- Linus Torvalds -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: apache and suexec breaks my cgi script
On Sat, Jun 08, 2002 at 01:03:19AM -0700, Vineet Kumar wrote:
| * Derrick 'dman' Hudson ([EMAIL PROTECTED]) [020607 22:10]:
| [2002-06-07 23:55:40]: emerg: cannot get docroot information
| (/home/dman)
|
| drwx--x--x 92 dman dman 4096 Jun 8 00:13 /home/dman
|
| These 2 lines seem to make me think the problem is somehow related to
| not having +r on /home/dman. Does changing that permission alleviate the
| problem?
No, I've tried making it group and world readable, but I get the same
error messages.
| IIRC, it does something like traverse back up the directory tree to see
| if the request is within a ~userdir, to see if it matches a Directory
| directive, I think. Just a shot in the dark. A look at the source would
| reveal exactly what the problem is (or at least where that error message
| comes from).
Here's the relevant source from suexec.c :
if (userdir) {
if (((chdir(target_homedir)) != 0) ||
((chdir(USERDIR_SUFFIX)) != 0) ||
((getcwd(dwd, AP_MAXPATH)) == NULL) ||
((chdir(cwd)) != 0)) {
log_err(emerg: cannot get docroot information (%s)\n,
target_homedir);
exit(112);
}
}
else {
if (((chdir(DOC_ROOT)) != 0) ||
((getcwd(dwd, AP_MAXPATH)) == NULL) ||
((chdir(cwd)) != 0)) {
log_err(emerg: cannot get docroot information (%s)\n, DOC_ROOT);
exit(113);
}
}
(nice that both branches give the exact same error message =p)
I tried adding some more logging into the source and rebuilt it, but
apache won't enable suexec with that new binary. If it would, then I
could figure out which check is failling.
TIA,
-D
--
Q: What is the difference betwee open-source and commercial software?
A: If you have a problem with commercial software you can call a phone
number and they will tell you it might be solved in a future version.
For open-source sofware there isn't a phone number to call, but you
get the solution within a day.
GnuPG key : http://dman.ddts.net/~dman/public_key.gpg
pgpPxx7JcqyFR.pgp
Description: PGP signature
