Permission problem with CGI script

Wed Jul 14 12:34:22 PDT 2010

On 14 July 2010 19:05, Lyle <webmaster at cosmicperl.com> wrote:

> Yeah, I think it's user apache. suEXEC will probably sort your problems, it
> executes the script as the proper owner instead of apache. Is your site in
> /var/www or /home? You might find you need to rebuild suexec if you're in
> /home, I did an old guide:-
> http://www.cosmicscripts.com/servers/suexec.html

The site is in /var/www/
I read that page ( and wondered if you had a hand in it, it being
cosmic* and all,)
when I check to see if suEXEC is compiled in I get..

[root at xyphen ~]# suexec -v
suexec policy violation: see suexec log for more details

I thought an easier way would be to change the user apache runs as to
my username, but I got his error message..

[Wed Jul 14 19:53:39 2010] [notice] SELinux policy enabled; httpd
running as context unconfined_u:system_r:httpd_t:s0
[Wed Jul 14 19:53:39 2010] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)

Partial success I made the full path into a variable...

        #print "you said ",(param('text')),p, #This line works, the
others below don't
        my $datafile = '/var/www/cgi-bin/data/data.txt';
        open (MYFILE, "$datafile") or die "couldn't open $datafile $!";

... and it could open it although didn't write anything to it, also I
had to create it first

[Wed Jul 14 19:19:47 2010] [error] [client 192.168.0.4] Filehandle
MYFILE opened only for input at /var/www/cgi-bin/MoSoSo.cgi line 22.,
referer: http://192.168.0.10/cgi-bin/MoSoSo.cgi

Full success (but cheating), I transferred the file to a debian
system, chown'd a directory for apache to put data.txt in and it
worked.
Sorry, I should have mentioned I had a debian system lying around
('lying around' being the keyword here, its on its side, no panels on
it and the hdd caddy is sitting on top of the frame but still
connected).

Oh, well, that's taught me never to use Fedora for a server.
Thanks for your help Tony And Lyle

Andy