Solved

shell-init: could not get current

Posted on 1997-09-08
5
228 Views
Last Modified: 2008-03-10
Hello there,

I was wondering if any of you could help me. My error_log from my
website came out with *loads* of lines that said this:

shell-init: could not get current directory: getwd: cannot access parent directories

what does it mean? Does anyone know what I am doing wrong?

I will be eternally grateful,

James.
0
Comment
Question by:jzpope
  • 3
  • 2
5 Comments
 
LVL 3

Accepted Solution

by:
dhm earned 150 total points
ID: 2006957
That's what bash says when you start it up and it can't determine its current working directory because the directory permissions prohibit it.  I'd guess you're using SSI or CGI, and that httpd's shell is set to "/bin/bash", and that one of the directories above where the daemon tries to start CGIs is protected.

Try cd'ing to the CGI directory and then su to the HTTP daemon owner (httpd?)  You'll probably get the same message.  Next, look at the permissions on each directory up the tree to the root.  If you add "read" permission to them, the warning message should go away.  Make sure your server is configured correctly, though, or you might accidentally make your CGI scripts available for download.  I like to put them in two completely separate directory trees:

.../web-server/directory/tree/docs/xxx.html
.../web-server/directory/tree/cgi/somescript.cgi

If your server document root is set to ".../web-server/directory/tree/docs", then users won't be able to retrieve files from the CGI directory.
0
 

Author Comment

by:jzpope
ID: 2006958
How do I change the permissions for a directory so that they the CGI scripts are set to read and not downloadable. Basically they have to be executed by the visitor so they cannot be hidden from the visitor. Also many of my directories have CGI scripts aswell as normal HTML files.

Thanks.
0
 
LVL 3

Expert Comment

by:dhm
ID: 2006959
If your scripts are in Perl or shell (i.e. not compiled C/C++ code) then you can't protect them if they're in the same directory as HTML files.  You should really separate them into document-only and program-only directories, but that's often impossible because there are just too many files to sort out.  In that case, all you can do is learn from the mistake.

If your "scripts" are written in C or C++ and then compiled, you can change the permissions to "a=x" and prevent people from downloading them.

There's no directory permission you can set that will allow a script in the directory to be executed but not downloaded. However, if you clear the "read" permissions on the directory (i.e. make it "a=x") then at least users won't be able to get a listing of the directory.  They can still download scripts if they know the exact name, though.
0
 

Author Comment

by:jzpope
ID: 2006960
Sorry,

One last comment. There is no way I can get rid of the error message then if I don't move files. If there is could you tell me exactly the permissions I have to set. Thanks again.
0
 
LVL 3

Expert Comment

by:dhm
ID: 2006961
I tried the different shells available on my Linux machine; all of them give some sort of error when they're started in a directory for which they don't have read/execute permissions.  I think that if you set the permissions on directory trees where you have CGI scripts to "755" or "go+rx", then the error message will stop.  Note that you have to set all the parent directories, too.  (I.e. if your scripts are in "/usr/httpd/docs/dir1", then you need to make sure all these directories are read/executable:

      /
      /usr
      /usr/httpd
      /usr/httpd/docs
      /usr/httpd/docs/dir1

You can check this yourself by cd'ing to the directory containing the scripts and doing "su httpd".  (If you're running the server as httpd.  If you're running as some other user, then "su" to that user instead.)  If you try that before changing permissions, you'll see the error message on your terminal.  After you change permissions (and if you do it right!) you should be able to "su" without any errors.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

This tech tip describes how to install the Solaris Operating System from a tape backup that was created using the Solaris flash archive utility. I have used this procedure on the Solaris 8 and 9 OS, and it shoudl also work well on the Solaris 10 rel…
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now