Solved

shell-init: could not get current

Posted on 1997-09-08
5
229 Views
Last Modified: 2008-03-10
Hello there,

I was wondering if any of you could help me. My error_log from my
website came out with *loads* of lines that said this:

shell-init: could not get current directory: getwd: cannot access parent directories

what does it mean? Does anyone know what I am doing wrong?

I will be eternally grateful,

James.
0
Comment
Question by:jzpope
  • 3
  • 2
5 Comments
 
LVL 3

Accepted Solution

by:
dhm earned 150 total points
ID: 2006957
That's what bash says when you start it up and it can't determine its current working directory because the directory permissions prohibit it.  I'd guess you're using SSI or CGI, and that httpd's shell is set to "/bin/bash", and that one of the directories above where the daemon tries to start CGIs is protected.

Try cd'ing to the CGI directory and then su to the HTTP daemon owner (httpd?)  You'll probably get the same message.  Next, look at the permissions on each directory up the tree to the root.  If you add "read" permission to them, the warning message should go away.  Make sure your server is configured correctly, though, or you might accidentally make your CGI scripts available for download.  I like to put them in two completely separate directory trees:

.../web-server/directory/tree/docs/xxx.html
.../web-server/directory/tree/cgi/somescript.cgi

If your server document root is set to ".../web-server/directory/tree/docs", then users won't be able to retrieve files from the CGI directory.
0
 

Author Comment

by:jzpope
ID: 2006958
How do I change the permissions for a directory so that they the CGI scripts are set to read and not downloadable. Basically they have to be executed by the visitor so they cannot be hidden from the visitor. Also many of my directories have CGI scripts aswell as normal HTML files.

Thanks.
0
 
LVL 3

Expert Comment

by:dhm
ID: 2006959
If your scripts are in Perl or shell (i.e. not compiled C/C++ code) then you can't protect them if they're in the same directory as HTML files.  You should really separate them into document-only and program-only directories, but that's often impossible because there are just too many files to sort out.  In that case, all you can do is learn from the mistake.

If your "scripts" are written in C or C++ and then compiled, you can change the permissions to "a=x" and prevent people from downloading them.

There's no directory permission you can set that will allow a script in the directory to be executed but not downloaded. However, if you clear the "read" permissions on the directory (i.e. make it "a=x") then at least users won't be able to get a listing of the directory.  They can still download scripts if they know the exact name, though.
0
 

Author Comment

by:jzpope
ID: 2006960
Sorry,

One last comment. There is no way I can get rid of the error message then if I don't move files. If there is could you tell me exactly the permissions I have to set. Thanks again.
0
 
LVL 3

Expert Comment

by:dhm
ID: 2006961
I tried the different shells available on my Linux machine; all of them give some sort of error when they're started in a directory for which they don't have read/execute permissions.  I think that if you set the permissions on directory trees where you have CGI scripts to "755" or "go+rx", then the error message will stop.  Note that you have to set all the parent directories, too.  (I.e. if your scripts are in "/usr/httpd/docs/dir1", then you need to make sure all these directories are read/executable:

      /
      /usr
      /usr/httpd
      /usr/httpd/docs
      /usr/httpd/docs/dir1

You can check this yourself by cd'ing to the directory containing the scripts and doing "su httpd".  (If you're running the server as httpd.  If you're running as some other user, then "su" to that user instead.)  If you try that before changing permissions, you'll see the error message on your terminal.  After you change permissions (and if you do it right!) you should be able to "su" without any errors.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
netstat -a in AIX unix 8 36
Bad Block Relocation for Synchronous GLVM AIX 7.1 2 65
cron job says it ran, no results 25 114
LINUX ZIP - UNCOMPRESS WINDOWS PATH 3 86
Hello fellow BSD lovers, I've created a patch process for patching openjdk6 for BSD (FreeBSD specifically), although I tried to keep all BSD versions in mind when creating my patch. Welcome to OpenJDK6 on BSD First let me start with a little …
When you do backups in the Solaris Operating System, the file system must be inactive. Otherwise, the output may be inconsistent. A file system is inactive when it's unmounted or it's write-locked by the operating system. Although the fssnap utility…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now