[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: suexec permissions



nodata wrote:
<discussion of User directive in VirtualHost elided>

nodata wrote:

Ah this would explain things more - but then shouldn't running
http://website/cgi-bin/test.pl work? I get the same search permissions
error..

Er, yep, as far as I can see, it should.  suEXEC can be a little...
finicky :)

What does /var/log/apache/suexec.log say?


Nothing :/

But the error log for this host has the "failed because search permissions
are missing on a component of the path" error.

A couple of things.

The suEXEC wrapper itself does setuid() before most of the path/file checks,
so that's probably not the problem.  The absence of anything in the log file
also indicates that Apache itself is having trouble reading things, not the
suEXEC wrapper.

You might want to try loosening the read permissions on the CGI + path to the
CGI, and verify (by perhaps touching a file in /tmp) that it is running as the
user you intended it to.  Then try tightening the read permissions on the CGI
itself, and then along the path to it.

The other thing to check is that your scripts are physically located under
suEXEC's DOC_ROOT (/var/www on Sarge, I think).

Regards,

   Blair.

Attachment: signature.asc
Description: OpenPGP digital signature


Reply to: