This one time, at band camp, Peter Rundle wrote: >Mike Lake scribed: >>What about if the apache script writes a small file in /tmp/matlab/ >>directory and the user process is looking at that directory every 30 >>seconds. If the user script sees the file, reads it, gets params from >>the file and run. It drops the plot into a directory apache can read. >> >>Cludgy but I'm sure that would work. > >Definitely, and I've considered it as a last resort, but I'd like to be >able to update the users web view with the new image. I.E when the user >clicks on submit, it runs a php, which calls the script that runs matlab, >when control returns to php it produces a page with the resulting image in >it. All works perfectly except the user gets a page full of licencing >errors because the script that runs matlab is executing as apache not >matlab :-( > >I have looked at the idea of using ssh, I.E the script ssh's onto localhost >as matlab and runs the command. That might work but I need to put >.ssh/dsa_id keys in apaches home directory???? looks like a cludge. Seems
The only possibly dodgy part about that is the network stack overhead, but it's certainly a reasonable solution; You will need ssh keys, not in apache's home directory though. At the target end (matlab user) you can put in something like this in the .ssh/authorized_keys: from="localhost",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,command="/usr/bin/matlab" ssh-dss key...= some comment about this key and then on the server: ssh -a -e none -x -C -T -i /path/to/key localhost /usr/bin/matlab whereever you need to get there. (This is clagged from something dodgy internal here, but you should be able to work out what the options all do from the manpage, right? :) >that apaches suexec was designed for this problem, just not sure I want to >put that RPM on my running server. suexec is designed to run CGIs that aren't owned by the apache user, sure, but getting that set up the way you want may require rebuilding suexec itself, which you don't really want to do. It has lots of hardcoded caveats the ensure the security of the system. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
