Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

shell-init: could not get current

Posted on 1997-09-08
5
Medium Priority
?
236 Views
Last Modified: 2008-03-10
Hello there,

I was wondering if any of you could help me. My error_log from my
website came out with *loads* of lines that said this:

shell-init: could not get current directory: getwd: cannot access parent directories

what does it mean? Does anyone know what I am doing wrong?

I will be eternally grateful,

James.
0
Comment
Question by:jzpope
  • 3
  • 2
5 Comments
 
LVL 3

Accepted Solution

by:
dhm earned 300 total points
ID: 2006957
That's what bash says when you start it up and it can't determine its current working directory because the directory permissions prohibit it.  I'd guess you're using SSI or CGI, and that httpd's shell is set to "/bin/bash", and that one of the directories above where the daemon tries to start CGIs is protected.

Try cd'ing to the CGI directory and then su to the HTTP daemon owner (httpd?)  You'll probably get the same message.  Next, look at the permissions on each directory up the tree to the root.  If you add "read" permission to them, the warning message should go away.  Make sure your server is configured correctly, though, or you might accidentally make your CGI scripts available for download.  I like to put them in two completely separate directory trees:

.../web-server/directory/tree/docs/xxx.html
.../web-server/directory/tree/cgi/somescript.cgi

If your server document root is set to ".../web-server/directory/tree/docs", then users won't be able to retrieve files from the CGI directory.
0
 

Author Comment

by:jzpope
ID: 2006958
How do I change the permissions for a directory so that they the CGI scripts are set to read and not downloadable. Basically they have to be executed by the visitor so they cannot be hidden from the visitor. Also many of my directories have CGI scripts aswell as normal HTML files.

Thanks.
0
 
LVL 3

Expert Comment

by:dhm
ID: 2006959
If your scripts are in Perl or shell (i.e. not compiled C/C++ code) then you can't protect them if they're in the same directory as HTML files.  You should really separate them into document-only and program-only directories, but that's often impossible because there are just too many files to sort out.  In that case, all you can do is learn from the mistake.

If your "scripts" are written in C or C++ and then compiled, you can change the permissions to "a=x" and prevent people from downloading them.

There's no directory permission you can set that will allow a script in the directory to be executed but not downloaded. However, if you clear the "read" permissions on the directory (i.e. make it "a=x") then at least users won't be able to get a listing of the directory.  They can still download scripts if they know the exact name, though.
0
 

Author Comment

by:jzpope
ID: 2006960
Sorry,

One last comment. There is no way I can get rid of the error message then if I don't move files. If there is could you tell me exactly the permissions I have to set. Thanks again.
0
 
LVL 3

Expert Comment

by:dhm
ID: 2006961
I tried the different shells available on my Linux machine; all of them give some sort of error when they're started in a directory for which they don't have read/execute permissions.  I think that if you set the permissions on directory trees where you have CGI scripts to "755" or "go+rx", then the error message will stop.  Note that you have to set all the parent directories, too.  (I.e. if your scripts are in "/usr/httpd/docs/dir1", then you need to make sure all these directories are read/executable:

      /
      /usr
      /usr/httpd
      /usr/httpd/docs
      /usr/httpd/docs/dir1

You can check this yourself by cd'ing to the directory containing the scripts and doing "su httpd".  (If you're running the server as httpd.  If you're running as some other user, then "su" to that user instead.)  If you try that before changing permissions, you'll see the error message on your terminal.  After you change permissions (and if you do it right!) you should be able to "su" without any errors.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have been running these systems for a few years now and I am just very happy with them.   I just wanted to share the manual that I have created for upgrades and other things.  Oooh yes! FreeBSD makes me happy (as a server), no maintenance and I al…
Java performance on Solaris - Managing CPUs There are various resource controls in operating system which directly/indirectly influence the performance of application. one of the most important resource controls is "CPU".   In a multithreaded…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Suggested Courses
Course of the Month15 days, 2 hours left to enroll

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question