You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Vladislav Sekulic <vl...@utoronto.ca> on 2005/03/07 22:00:59 UTC
[users@httpd] Scripts not suEXEC'd after URL rewrite
Hi everyone, I'm running Apache 2.0.53 on NetBSD 2.0. suEXEC was
compiled and installed together with Apache through the NetBSD package
system (pkgsrc) with mostly default config settings (tailored to the
particular filesystem tree).
Regarding the problem, the subject line says it all. Here are some
more details, put as directly as possible. I've created a user
"foouser" and put a script "foo.cgi" in its public_html directory that
simply prints what user it was run as.
If I access the script in the following manner,
http://server/~foouser/foo.cgi
all is well and we get "foouser" as the running user. However, if
we add the following RewriteRule to httpd.conf:
RewriteRule ^/~foouser/([[:alnum:]]+)(/?.*) /~foouser/public_html/foo.cgi
which simply maps all requests of the form /~foouser/whatever to
the CGI script foo, and then we access the script using this method
(e.g., "http://server/~foouser/bar"), the script displays the Apache
webuser, *not* "foouser" as it should.
Furthermore, when running foo.cgi as outlined above, there are no
error entries in suexec.log and we don't get a 500 response; to
reiterate, the script itself runs but as the Apache webuser.
I've noticed that there have been similar issues on this mailing
list in the past, for example the thread from 2003-06-19 entitled,
"Suexec and apache 2.0.46 - scripts not run with suexec" which
details the exact same problem I am having. Unfortunately the
issue in that thread remained unresolved.
I could not uncover any further information on this either through
the Apache docs, Google, ASF bugzilla, etc.
Any help will be greatly appreciated.
Regards,
Vlad S.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Scripts not suEXEC'd after URL rewrite
Posted by Joshua Slive <js...@gmail.com>.
On Mon, 7 Mar 2005 16:00:59 -0500, Vladislav Sekulic
<vl...@utoronto.ca> wrote:
> If I access the script in the following manner,
>
> http://server/~foouser/foo.cgi
>
> all is well and we get "foouser" as the running user. However, if
> we add the following RewriteRule to httpd.conf:
>
> RewriteRule ^/~foouser/([[:alnum:]]+)(/?.*) /~foouser/public_html/foo.cgi
>
> which simply maps all requests of the form /~foouser/whatever to
> the CGI script foo, and then we access the script using this method
> (e.g., "http://server/~foouser/bar"), the script displays the Apache
> webuser, *not* "foouser" as it should.
suexec will only be called if mod_userdir processes the request. In
your case, you appear to be using mod_rewrite to dodge mod_userdir,
and therefore suexec will not be called. (You may be able to fix this
by removing the public_html, which will cause the internal redirect to
go through suexec -- you may also need to use the [PT] flag -- but
that is just a guess.)
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org