--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: apache2: Apache2 cannot run CGI scripts in "jessie"
- From: Leslie Rhorer <lrhorer@mygrande.net>
- Date: Wed, 01 Oct 2014 00:15:45 -0500
- Message-id: <20141001051545.9664.22983.reportbug@RAID-Server>
Package: apache2
Version: 2.4.10-2
Severity: grave
Justification: renders package unusable
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
* What exactly did you do (or not do) that was effective (or
ineffective)?
* What was the outcome of this action?
* What outcome did you expect instead?
*** End of the template - remove these template lines ***
-- Package-specific info:
-- System Information:
Debian Release: jessie/sid
APT prefers testing-updates
APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 3.14-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages apache2 depends on:
ii apache2-bin 2.4.10-2
ii apache2-data 2.4.10-2
ii lsb-base 4.1+Debian13
ii mime-support 3.56
ii perl 5.20.0-6
ii procps 1:3.3.9-7
Versions of packages apache2 recommends:
ii ssl-cert 1.0.34
Versions of packages apache2 suggests:
ii apache2-doc 2.4.10-1
pn apache2-suexec-pristine | apache2-suexec-custom <none>
pn apache2-utils <none>
ii iceweasel [www-browser] 31.1.0esr-1
ii konqueror [www-browser] 4:4.14.1-1
ii w3m [www-browser] 0.5.3-17
Versions of packages apache2-bin depends on:
ii libapr1 1.5.1-3
ii libaprutil1 1.5.3-3
ii libaprutil1-dbd-sqlite3 1.5.3-3
ii libaprutil1-ldap 1.5.3-3
ii libc6 2.19-11
ii libldap-2.4-2 2.4.39-1.1+b1
ii liblua5.1-0 5.1.5-7
ii libpcre3 1:8.35-3
ii libssl1.0.0 1.0.1i-2
ii libxml2 2.9.1+dfsg1-4
ii perl 5.20.0-6
ii zlib1g 1:1.2.8.dfsg-2
Versions of packages apache2-bin suggests:
ii apache2-doc 2.4.10-1
pn apache2-suexec-pristine | apache2-suexec-custom <none>
ii iceweasel [www-browser] 31.1.0esr-1
ii konqueror [www-browser] 4:4.14.1-1
ii w3m [www-browser] 0.5.3-17
Versions of packages apache2 is related to:
ii apache2 2.4.10-2
ii apache2-bin 2.4.10-2
-- Configuration Files:
/etc/apache2/mods-available/alias.conf changed:
<IfModule alias_module>
Alias /icons/ "/usr/share/apache2/icons/"
<Directory "/usr/share/apache2/icons">
Options FollowSymlinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
Alias "/DVD" "/RAID/DVD"
<Location "/DVD">
Options Indexes
Order allow,deny
Allow from all
</Location>
Alias "/RAID_Server" "/RAID/Recordings"
<Location "/RAID_Server">
Options Indexes
Order allow,deny
Allow from all
</Location>
</IfModule>
/etc/apache2/sites-available/000-default.conf changed:
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
<Directory "/var/www/vidmgr">
Options +ExecCGI
AddHandler cgi-script .py
DirectoryIndex VidMgrWeb.py
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:8080>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/cgi-bin/TiVo
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/cgi-bin/TiVo>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias / /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin/TiVo">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
-- no debconf information
I upgraded my server a few days ago by installing a virgin copy of Debian "jessie" from scratch, and then copied over the configurations from the previous version which ran under "wheezy". After having done so, any plain html pages seem to load just fine, but I cannot run any scripts. I have several bash-based scripts in /var/www/cgi-bin/<PageName>, each with an index.cgi script as the entry point. Attempring to enter into any of these web pages results in a 403 error: "You don't have permission to access /cgi/bin/xxxxxx on this server. /var/log/apache2/error.log produces an entry like:
[Tue Sep 30 23:51:39.643085 2014] [authz_core:error] [pid 9530:tid 140346304423680] [client 192.168.1.121:59351] AH01630: client denied by server configuration: /usr/lib/cgi-bin/Thermostat/index.cgi
Meanwhile, I also have one directory that has a set of Python scripts in it, starting with /var/www/vidmgr/VidMgrWeb.py. When I try to access this directory, insted of running the script, the borwser starts downloading it to the PC. This was all working under "Wheezy", but now it is broken, and I cannot figure out what, if anything, is wrong in my configurations or how to fix it.
--- End Message ---
--- Begin Message ---
- To: 763582-done@bugs.debian.org
- Subject: Re: Bug#763582: Apache2 cannot run CGI scripts in "jessie"
- From: Stefan Fritsch <sf@sfritsch.de>
- Date: Sat, 28 May 2016 15:25:03 +0200 (CEST)
- Message-id: <alpine.DEB.2.11.1605281524350.9946@eru.sfritsch.de>
- In-reply-to: <5574C9E2.3000109@debian.org>
- References: <5574C9E2.3000109@debian.org>
It seems this was a configuration problem. Closing the report.
On Sun, 7 Jun 2015, Jean-Michel Vourgère wrote:
> Control: tags -1 moreinfo
>
> You wrote:
> > Feel free to take a look at fletchergeek.homelinux.net. So now what?
>
> I just did, and obviously you found what was wrong. :)
>
> Is that ok if I close this report, or do you have a specific problem
> with one of the directive that did not work as documented?
>
--- End Message ---