CGI scripts can only read files in /var/www/ ?
am 24.09.2007 17:04:54 von Bennett HaseltonI have a test CGI perl script on a dedicated server that does nothing
except attempt to read a single file:
>>>
#!/usr/bin/perl
use IO::File;
use strict;
my $fh = IO::File->new("/var/test.txt") or die "Can't open file: $!";
close($fh);
print "Content-type: text/html\n\nDone\n";
>>>
When the test.txt file is located at /var/www/test.txt , the CGI
script reads it with no problem. But when it's located in /var/
test.txt , the CGI script dies trying to read it with "Can't open
file: Permission denied".
All of the files and directories in the path are world-readable, and
in fact I gave /var the most permissive permissions possible just to
see if that would fix it, but it didn't:
[root@sls-ce3p12 www]# ls -ld /var
drwxrwxrwx 19 root root 4096 Sep 24 09:59 /var
[root@sls-ce3p12 www]# ls -ld /var/www
drwxr-xr-x 6 root root 4096 Sep 24 09:48 /var/www
[root@sls-ce3p12 www]# ls -ld /var/test.txt
-rw-r--r-- 1 root root 0 Sep 24 09:59 /var/test.txt
[root@sls-ce3p12 www]# ls -ld /var/www/test.txt
-rw-r--r-- 1 root root 0 Sep 24 09:59 /var/www/test.txt
If permissions aren't the issue, does Apache have some "hidden" rule
that scripts can only read files contained under /var/www , and can't
read files anywhere else?
I am trying to write a CGI script that reads and displays data from /
var/log/httpd/access_log , ran into errors, and eventually narrowed it
down to this issue.
This is CentOS release 4.4 (Final), "Linux sls-ce3p12 2.6.9-42.EL #1
Sat Aug 12 09:17:58 CDT 2006 i686 i686 i386 GNU/Linux", and full
Apache and perl versions follow:
********
[root@sls-ce3p12 www]# perl -V
Summary of my perl5 (revision 5 version 8 subversion 5) configuration:
Platform:
osname=linux, osvers=2.6.9-42.elsmp, archname=i386-linux-thread-
multi
uname='linux build-i386 2.6.9-42.elsmp #1 smp sat aug 12 09:39:11
cdt 2006 i
686 i686 i386 gnulinux '
config_args='-des -Doptimize=-O2 -g -pipe -m32 -march=i386 -
mtune=pentium4 -
Dversion=5.8.5 -Dmyhostname=localhost -Dperladmin=root@localhost -
Dcc=gcc -Dcf_b
y=Red Hat, Inc. -Dinstallprefix=/usr -Dprefix=/usr -Darchname=i386-
linux -Dvendo
rprefix=/usr -Dsiteprefix=/usr -Duseshrplib -Dusethreads -Duseithreads
-Duselarg
efiles -Dd_dosuid -Dd_semctl_semun -Di_db -Ui_ndbm -Di_gdbm -Di_shadow
-Di_syslo
g -Dman3ext=3pm -Duseperlio -Dinstallusrbinperl -Ubincompat5005 -
Uversiononly -D
pager=/usr/bin/less -isr -Dinc_version_list=5.8.4 5.8.3 5.8.2 5.8.1
5.8.0'
hint=recommended, useposix=true, d_sigaction=define
usethreads=define use5005threads=undef useithreads=define
usemultiplicity=de
fine
useperlio=define d_sfio=undef uselargefiles=define usesocks=undef
use64bitint=undef use64bitall=undef uselongdouble=undef
usemymalloc=n, bincompat5005=undef
Compiler:
cc='gcc', ccflags ='-D_REENTRANT -D_GNU_SOURCE -DDEBUGGING -fno-
strict-alias
ing -pipe -I/usr/local/include -D_LARGEFILE_SOURCE -
D_FILE_OFFSET_BITS=64 -I/usr
/include/gdbm',
optimize='-O2 -g -pipe -m32 -march=i386 -mtune=pentium4',
cppflags='-D_REENTRANT -D_GNU_SOURCE -DDEBUGGING -fno-strict-
aliasing -pipe
-I/usr/local/include -I/usr/include/gdbm'
ccversion='', gccversion='3.4.6 20060404 (Red Hat 3.4.6-3)',
gccosandvers=''
intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=1234
d_longlong=define, longlongsize=8, d_longdbl=define,
longdblsize=12
ivtype='long', ivsize=4, nvtype='double', nvsize=8, Off_t='off_t',
lseeksize
=8
alignbytes=4, prototype=define
Linker and Libraries:
ld='gcc', ldflags =' -L/usr/local/lib'
libpth=/usr/local/lib /lib /usr/lib
libs=-lresolv -lnsl -lgdbm -ldb -ldl -lm -lcrypt -lutil -lpthread -
lc
perllibs=-lresolv -lnsl -ldl -lm -lcrypt -lutil -lpthread -lc
libc=/lib/libc-2.3.4.so, so=so, useshrplib=true,
libperl=libperl.so
gnulibc_version='2.3.4'
Dynamic Linking:
dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E -
Wl,-rpath,
/usr/lib/perl5/5.8.5/i386-linux-thread-multi/CORE'
cccdlflags='-fPIC', lddlflags='-shared -L/usr/local/lib'
Characteristics of this binary (from libperl):
Compile-time options: DEBUGGING MULTIPLICITY USE_ITHREADS
USE_LARGE_FILES PERL
_IMPLICIT_CONTEXT
Built under linux
Compiled at Aug 12 2006 17:09:08
@INC:
/usr/lib/perl5/5.8.5/i386-linux-thread-multi
/usr/lib/perl5/5.8.5
/usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi
/usr/lib/perl5/site_perl/5.8.4/i386-linux-thread-multi
/usr/lib/perl5/site_perl/5.8.3/i386-linux-thread-multi
/usr/lib/perl5/site_perl/5.8.2/i386-linux-thread-multi
/usr/lib/perl5/site_perl/5.8.1/i386-linux-thread-multi
/usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi
/usr/lib/perl5/site_perl/5.8.5
/usr/lib/perl5/site_perl/5.8.4
/usr/lib/perl5/site_perl/5.8.3
/usr/lib/perl5/site_perl/5.8.2
/usr/lib/perl5/site_perl/5.8.1
/usr/lib/perl5/site_perl/5.8.0
/usr/lib/perl5/site_perl
/usr/lib/perl5/vendor_perl/5.8.5/i386-linux-thread-multi
/usr/lib/perl5/vendor_perl/5.8.4/i386-linux-thread-multi
/usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi
/usr/lib/perl5/vendor_perl/5.8.2/i386-linux-thread-multi
/usr/lib/perl5/vendor_perl/5.8.1/i386-linux-thread-multi
/usr/lib/perl5/vendor_perl/5.8.0/i386-linux-thread-multi
/usr/lib/perl5/vendor_perl/5.8.5
/usr/lib/perl5/vendor_perl/5.8.4
/usr/lib/perl5/vendor_perl/5.8.3
/usr/lib/perl5/vendor_perl/5.8.2
/usr/lib/perl5/vendor_perl/5.8.1
/usr/lib/perl5/vendor_perl/5.8.0
/usr/lib/perl5/vendor_perl
.
[root@sls-ce3p12 www]# httpd -V
Server version: Apache/2.0.52
Server built: Aug 13 2006 03:29:43
Server's Module Magic Number: 20020903:9
Architecture: 32-bit
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/prefork"
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D HTTPD_ROOT="/etc/httpd"
-D SUEXEC_BIN="/usr/sbin/suexec"
-D DEFAULT_PIDLOG="logs/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_LOCKFILE="logs/accept.lock"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
[root@sls-ce3p12 www]#