Re: [users@httpd] Permission to enable CGI Scripts to do an I/O on the file system

[Marat Khalili]

> So, there's no way of creating a log file in the default directory or some 
> special directory ?

Apache usually logs stderr of CGI scripts to its error log, you can use this. 
If you give any file or directory the permissions you observe on your /tmp file 
(something like writeable by group www-data), it might work for debugging, or 
not if SELinux or apparmor gets in the way.

Better solution for debugging Python scripts is cgitb: it will show everything 
but syntax errors in browser window, and syntax errors will still be visible in 
Apache logs. In production you can configure cgitb to create tracefiles in a 
predefined directory.

(Also, typical initial problem with CGI scripts is forgetting to write HTTP 
headers.)
-- 

With Best Regards,
Marat Khalili

On August 11, 2017 9:20:19 PM GMT+03:00, Kiorp Pilu  wrote:
>Hello Marat,
>
>Thanks for the comment.
>Yes, I am in the linux environment on a cluster. Tested your idea.
>
>1. The script works, but no output file is written on the cluster i.e.
>earlier I can't see anything in the console of my browser, now I see
>that
>the script executes successfully read off from the console.
>[  ]
>
>2. So, there's no way of creating a log file in the default directory
>or
>some special directory ?
>
>However, I have set it up in Xampp and it works great, just worked out
>of
>the box.
>
>On Fri, Aug 11, 2017 at 12:59 AM, Marat Khalili  wrote:
>
>> You didn't specify system, so I assume it's a standard Linux
>installation.
>> CGI scripts by default run with permissions of the web server, which
>are
>> intentionally limited. However, you can create new files and
>directories in
>> /tmp, possibly using tempfile module. If you want more than just a
>> temporary file then you should consider using database since writing
>> arbitrary files from CGI scripts would otherwise cause concurrency
>and
>> security problems.
>> --
>>
>> With Best Regards,
>> Marat Khalili
>>
>> On 11/08/17 00:29, Kiorp Pilu wrote:
>>
>> Hello,
>>
>> I have written a python script that will spit out a log file. This
>python
>> script will be executed as a CGI script.
>>
>> I am able to run the python program, but not able to make it write to
>an
>> output file. How can I enable Apache web server to do so ?
>>
>> Thanks,
>> Dann
>>
>>
>>
>
>Virus-free.
>> www.avast.com
>>
>
>>
>>
>>

Re: [users@httpd] Permission to enable CGI Scripts to do an I/O on the file system

[Kiorp Pilu]

Hello Marat,

Thanks for the comment.
Yes, I am in the linux environment on a cluster. Tested your idea.

1. The script works, but no output file is written on the cluster i.e.
earlier I can't see anything in the console of my browser, now I see that
the script executes successfully read off from the console.
[  ]

2. So, there's no way of creating a log file in the default directory or
some special directory ?

However, I have set it up in Xampp and it works great, just worked out of
the box.

On Fri, Aug 11, 2017 at 12:59 AM, Marat Khalili  wrote:

> You didn't specify system, so I assume it's a standard Linux installation.
> CGI scripts by default run with permissions of the web server, which are
> intentionally limited. However, you can create new files and directories in
> /tmp, possibly using tempfile module. If you want more than just a
> temporary file then you should consider using database since writing
> arbitrary files from CGI scripts would otherwise cause concurrency and
> security problems.
> --
>
> With Best Regards,
> Marat Khalili
>
> On 11/08/17 00:29, Kiorp Pilu wrote:
>
> Hello,
>
> I have written a python script that will spit out a log file. This python
> script will be executed as a CGI script.
>
> I am able to run the python program, but not able to make it write to an
> output file. How can I enable Apache web server to do so ?
>
> Thanks,
> Dann
>
>
> 
>  Virus-free.
> www.avast.com
> 
>
>
>

[users@httpd] Running cluster side commands via Apache CGI scripts

[Kiorp Pilu]

Hello,

I am in a linux environment. In my python code, I am trying to do :
myScript.py
- subprocess.call(["ls", "-l"])

This command is inside my CGI script. The script is called successfully,
but this command wont run.

How can I make the CGI script process server side commands ? Any special
modules to incorporate ?

Thanks,
Dann

Re: [users@httpd] Disable Autoindex module

[David Wright - NOAA Affiliate]

Thanks for your help I managed to solve it I had to comment out
 #IndexOptions FancyIndexing HTMLTable VersionSort
plus a load of AddIcon

Seems to work OK now
Thanks Again

On Fri, Aug 11, 2017 at 11:09 AM, Yehuda Katz  wrote:

> The server might not start because removing the module leaves an invalid
> configuration somewhere.
> If you run httpd -t or look in the error log, it should tell you where the
> problem is.
>
> - Y
>
> On Fri, Aug 11, 2017 at 12:01 PM, David Wright - NOAA Affiliate <
> david.e.wri...@noaa.gov> wrote:
>
>> Dear Experts
>>
>> Hi I am new to Apache configuration. I have been tasked to set up a
>> Development and Production Apache Server running on RHEL to run a Drupal
>> website.
>> I now have it up and working but now I have to secure the server we use
>> NESSUS vulnerability scanner to to find vulnerability's in the server.
>> One of the scans came up with this
>>
>> 1.2.5 Disable Autoindex module
>> Info
>> The Apache autoindex module automatically generates web page listing the
>> contents of directories on the server, typically used so that an index.html
>> does not have to be generated.
>> Solution
>> Perform the following to determine if the module is enabled. Run the
>> httpd server with the -M option to list enabled modules:
>> # httpd -M | grep autoindex_module
>>
>>
>> The module is there but if I go into the etc/httpd/conf.modules.d folder
>> i find
>> 00-base.conf when i edit this file I can go in and disable the auto index
>> module. But when i restart Apache it fails Any one no why this happens? Am
>> i disabling the module correctly?
>>
>> Any help would be great thanks in adavance
>> David
>>
>> Running Red Hat 7 and Apache 2.4
>>
>> --
>> David Wright
>>
>>
>


-- 
David Wright
Web Developer III
Radar Operations Center
National Weather Service
405/573-8 <(405)%20573-8884>868 work
405/ <(405)%20208-2995>905-8250 mobile

Re: [users@httpd] Disable Autoindex module

[Yehuda Katz]

The server might not start because removing the module leaves an invalid
configuration somewhere.
If you run httpd -t or look in the error log, it should tell you where the
problem is.

- Y

On Fri, Aug 11, 2017 at 12:01 PM, David Wright - NOAA Affiliate <
david.e.wri...@noaa.gov> wrote:

> Dear Experts
>
> Hi I am new to Apache configuration. I have been tasked to set up a
> Development and Production Apache Server running on RHEL to run a Drupal
> website.
> I now have it up and working but now I have to secure the server we use
> NESSUS vulnerability scanner to to find vulnerability's in the server.
> One of the scans came up with this
>
> 1.2.5 Disable Autoindex module
> Info
> The Apache autoindex module automatically generates web page listing the
> contents of directories on the server, typically used so that an index.html
> does not have to be generated.
> Solution
> Perform the following to determine if the module is enabled. Run the httpd
> server with the -M option to list enabled modules:
> # httpd -M | grep autoindex_module
>
>
> The module is there but if I go into the etc/httpd/conf.modules.d folder i
> find
> 00-base.conf when i edit this file I can go in and disable the auto index
> module. But when i restart Apache it fails Any one no why this happens? Am
> i disabling the module correctly?
>
> Any help would be great thanks in adavance
> David
>
> Running Red Hat 7 and Apache 2.4
>
> --
> David Wright
>
>

[users@httpd] Disable Autoindex module

[David Wright - NOAA Affiliate]

Dear Experts

Hi I am new to Apache configuration. I have been tasked to set up a
Development and Production Apache Server running on RHEL to run a Drupal
website.
I now have it up and working but now I have to secure the server we use
NESSUS vulnerability scanner to to find vulnerability's in the server.
One of the scans came up with this

1.2.5 Disable Autoindex module
Info
The Apache autoindex module automatically generates web page listing the
contents of directories on the server, typically used so that an index.html
does not have to be generated.
Solution
Perform the following to determine if the module is enabled. Run the httpd
server with the -M option to list enabled modules:
# httpd -M | grep autoindex_module


The module is there but if I go into the etc/httpd/conf.modules.d folder i
find
00-base.conf when i edit this file I can go in and disable the auto index
module. But when i restart Apache it fails Any one no why this happens? Am
i disabling the module correctly?

Any help would be great thanks in adavance
David

Running Red Hat 7 and Apache 2.4

-- 
David Wright

Re: [users@httpd] Unreliable Fedora 26 installation using a kickstart file

[Yehuda Katz]

I think you might have the wrong list...

Sent from a device with a very small keyboard and hyperactive autocorrect.

On Aug 11, 2017 2:56 AM, "fedora"  wrote:

> Dear listers
> I never had such an unreliable installation as the one for fedora 26. I am
> a long time user of fedora (at least since 2003).
>
> The HW here:
> 1. Workstation with two disks, each having its own fedora installation. On
> each fedora bare-metal installation there is a fedora installation under
> VirtualBox. All four installations are of MBR type.
> 2. Laptop with UEFI type installation.
> There are 5 installations to be done.
>
> My fedora installation:
> I am an Xfce4 user, so i don't use any of the worksation spins of fedora.
> I install fedora in the following way:
>
> - write the Fedora-Server-netinst-x86_64-26-1.5.iso to an USB stick
> - prepare a ks file on a local web for a minimal install
> - boot from the USB stick with the ks file specified to the kernel
> - run the installation
> - dnf update
> - dnf groupinstall "Xfce Desktop"
> - dnf install sddm
> - systemctl enable --force sddm
> - reboot
> - with the Xfce Desktop being activ install all needed packages and do the
> final system setup
>
> My problems:
> During the download process, the installation broke down at different
> stages:
> - while downloading packet metadata (i.e. at the very beginning)
> - while downloading group metadata
> - while downloading the packages (mainly past 50 %)
> Anaconda then showed a window saing that it could not download such and
> such package, and that the failure was fatal. The only choice left was Stop
> Install.
> While this window was shown I tried to get into terminal mode
> (CTRL-ALT-F2) to find a reason for the breakdown, but I couldn't find any
> log.
> Once, the download process went through successfully but then the
> installation hung when Installing Boot-Loader. This was on the Laptop with
> UEFI.
>
> In about 30 to 35 retrials I finally could realize the 5 installations.
>
> When searching around for work-arounds I found a discussion (in a blog?)
> of the above problem, that the installation of fedora 26 becomes unreliable
> when using a kickstart file. But no work-around was offered.
>
> suomi
>
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

[users@httpd] Unreliable Fedora 26 installation using a kickstart file

[fedora]

Dear listers
I never had such an unreliable installation as the one for fedora 26. I 
am a long time user of fedora (at least since 2003).


The HW here:
1. Workstation with two disks, each having its own fedora installation. 
On each fedora bare-metal installation there is a fedora installation 
under VirtualBox. All four installations are of MBR type.

2. Laptop with UEFI type installation.
There are 5 installations to be done.

My fedora installation:
I am an Xfce4 user, so i don't use any of the worksation spins of 
fedora. I install fedora in the following way:


- write the Fedora-Server-netinst-x86_64-26-1.5.iso to an USB stick
- prepare a ks file on a local web for a minimal install
- boot from the USB stick with the ks file specified to the kernel
- run the installation
- dnf update
- dnf groupinstall "Xfce Desktop"
- dnf install sddm
- systemctl enable --force sddm
- reboot
- with the Xfce Desktop being activ install all needed packages and do 
the final system setup


My problems:
During the download process, the installation broke down at different 
stages:

- while downloading packet metadata (i.e. at the very beginning)
- while downloading group metadata
- while downloading the packages (mainly past 50 %)
Anaconda then showed a window saing that it could not download such and 
such package, and that the failure was fatal. The only choice left was 
Stop Install.
While this window was shown I tried to get into terminal mode 
(CTRL-ALT-F2) to find a reason for the breakdown, but I couldn't find 
any log.
Once, the download process went through successfully but then the 
installation hung when Installing Boot-Loader. This was on the Laptop 
with UEFI.


In about 30 to 35 retrials I finally could realize the 5 installations.

When searching around for work-arounds I found a discussion (in a blog?) 
of the above problem, that the installation of fedora 26 becomes 
unreliable when using a kickstart file. But no work-around was offered.


suomi

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Permission to enable CGI Scripts to do an I/O on the file system

[Marat Khalili]

You didn't specify system, so I assume it's a standard Linux 
installation. CGI scripts by default run with permissions of the web 
server, which are intentionally limited. However, you can create new 
files and directories in /tmp, possibly using tempfile module. If you 
want more than just a temporary file then you should consider using 
database since writing arbitrary files from CGI scripts would otherwise 
cause concurrency and security problems.


--

With Best Regards,
Marat Khalili

On 11/08/17 00:29, Kiorp Pilu wrote:

Hello,

I have written a python script that will spit out a log file. This 
python script will be executed as a CGI script.


I am able to run the python program, but not able to make it write to 
an output file. How can I enable Apache web server to do so ?


Thanks,
Dann

 
	Virus-free. www.avast.com