mkdir and others fail
mkdir and others fail
(OP)
I have created a cgi-bin bash script that runs a treat from the commandline but fails when run from http
i think it's lacking write permissions, how can i overcome this ?
can i run the http as root to confirm that it's permission related?
some of the commands are
mkisofs
cryptsetup
losetup
mkdir
cp
mksquashfs
i think it's lacking write permissions, how can i overcome this ?
can i run the http as root to confirm that it's permission related?
some of the commands are
mkisofs
cryptsetup
losetup
mkdir
cp
mksquashfs
RE: mkdir and others fail
Better give us details on this one :
- Any error message in the browser ?
- HTTP response code indicating an error ?
- Something in the web server's error log ? ( By the way, what kind of web server you use ? )
Regarding the permissions, better run whoami and/or id from a CGI script, then su to the user they displayed before running the script from the command line. Running a CGI script with root permission is not a good idea.Feherke.
http://free.rootshell.be/~feherke/
RE: mkdir and others fail
uid=33(www-data) gid=33(www-data) groups=33(www-data)
/usr/lib/cgi-bin
DOCUMENT_ROOT=/var/www
GATEWAY_INTERFACE=CGI/1.1
HTTP_ACCEPT=application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
HTTP_ACCEPT_ENCODING=gzip, deflate
HTTP_ACCEPT_LANGUAGE=en-us
HTTP_CONNECTION=keep-alive
HTTP_HOST=172.30.100.53
HTTP_USER_AGENT=Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_6; en-us) AppleWebKit/533.19.4 (KHTML, like Gecko) Version/5.0.3 Safari/533.19.4
PATH=/usr/local/bin:/usr/bin:/bin
PWD=/usr/lib/cgi-bin
QUERY_STRING=
REMOTE_ADDR=172.24.43.197
REMOTE_PORT=55708
REQUEST_METHOD=GET
REQUEST_URI=/cgi-bin/test2.cgi
SCRIPT_FILENAME=/usr/lib/cgi-bin/test2.cgi
SCRIPT_NAME=/cgi-bin/test2.cgi
SERVER_ADDR=172.30.100.53
SERVER_ADMIN=webmaster@localhost
SERVER_NAME=172.30.100.53
SERVER_PORT=80
SERVER_PROTOCOL=HTTP/1.1
SERVER_SIGNATURE=<address>Apache/2.2.14 (Ubuntu) Server at 172.30.100.53 Port 80</address>
SERVER_SOFTWARE=Apache/2.2.14 (Ubuntu)
i can see now that im using www-data as my id and when i su that user i don't have the permissions
how best to lift that users permissions to the right level or make the commands require less permissions ?
RE: mkdir and others fail
I would try to set up sudo to allow user www-data to run the strictly necessary.
However I am not familiar with sudo so I can not help configuring it.
Feherke.
http://free.rootshell.be/~feherke/
RE: mkdir and others fail
cheers