You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Robert Heller <he...@deepsoft.com> on 2003/12/05 17:34:49 UTC
[users@httpd] Problems with suEXEC and userdir cgi-bin...
I am trying to set up Apache 2.0.40 on a RH9 system and I am having
troubles with suEXEC and userdir cgi scripts.
Apache seems to be NOT using suEXEC, even though it is installed and
enabled:
[Fri Dec 05 09:39:43 2003] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Fri Dec 05 09:39:43 2003] [notice] Digest: generating secret for digest authentication ...
[Fri Dec 05 09:39:43 2003] [notice] Digest: done
[Fri Dec 05 09:39:44 2003] [notice] Apache/2.0.40 (Red Hat Linux) configured -- resuming normal operations
Here are the relavent parts of my config file:
LoadModule suexec_module modules/mod_suexec.so
#
# UserDir: The name of the directory that is appended onto a user's home
# directory if a ~user request is received.
#
# The path to the end user account 'public_html' directory must be
# accessible to the webserver userid. This usually means that ~userid
# must have permissions of 711, ~userid/public_html must have permissions
# of 755, and documents contained therein must be world-readable.
# Otherwise, the client will only receive a "403 Forbidden" message.
#
# See also: http://httpd.apache.org/docs/misc/FAQ.html#forbidden
#
<IfModule mod_userdir.c>
#
# UserDir is disabled by default since it can confirm the presence
# of a username on the system (depending on home directory
# permissions).
#
#UserDir disable
#
# To enable requests to /~user/ to serve the user's public_html
# directory, remove the "UserDir disable" line above, and uncomment
# the following line instead:
#
UserDir public_html
ScriptAliasMatch ~([a-z]+)/cgi-bin/(.*) /home/zathras/$1/public_html/cgi-bin/$2
<Directory ~ "/home/zathras/[a-z0-9]+/public_html/cgi-bin">
AllowOverride None
Options ExecCGI
</Directory>
</IfModule>
zathras.cs.umass.edu% sudo /usr/sbin/suexec -V
-D AP_DOC_ROOT="/var/www"
-D AP_GID_MIN=100
-D AP_HTTPD_USER="apache"
-D AP_LOG_EXEC="/var/log/httpd/suexec.log"
-D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
-D AP_UID_MIN=100
-D AP_USERDIR_SUFFIX="public_html"
zathras.cs.umass.edu% sudo /usr/sbin/apachectl -V
Server version: Apache/2.0.40
Server built: Dec 5 2003 09:14:59
Server's Module Magic Number: 20020628:0
Architecture: 32-bit
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/prefork"
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D HTTPD_ROOT="/etc/httpd"
-D SUEXEC_BIN="/usr/sbin/suexec"
-D DEFAULT_PIDLOG="logs/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_LOCKFILE="logs/accept.lock"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
Sample URL:
http://zathras.cs.umass.edu/~heller/cgi-bin/env.cgi
/home/zathras/heller/public_html/cgi-bin/env.cgi:
#!/usr/bin/tclsh
source /nfs/libra/heller/public_html/TclIncludes/cgi.tcl
cgi_html {
cgi_head {
cgi_title {The Environment}
}
cgi_body bgcolor=white {
global env
cgi_parray env
p "whoami: [exec whoami]"
}
}
zathras.cs.umass.edu% grep heller /etc/passwd
heller:x:5125:100:Robert Heller,A211 LGRC,413-545-0528,:/home/zathras/heller:/bin/tcsh
This seems to a case of bug#18156: http://nagoya.apache.org/bugzilla/show_bug.cgi?id=18156
Is there a fix for this?
\/
Robert Heller ||InterNet: heller@cs.umass.edu
http://vis-www.cs.umass.edu/~heller || heller@deepsoft.com
http://www.deepsoft.com /\FidoNet: 1:321/153
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org