Simon336697
asked on
Cannot write to a text file in my cgi-bin folder
Im going crazy guys.
I have a file called hi.txt that I have placed in my cgi-bin folder.
If I place this file in any other location thatn the cgi-bin folder, I can write to it.
I just cant if it is placed in my cgi-bin folder.
I have checked that this file has chmod 0777 permissions, along with the cgi-bin folder itself.
Is this an apache server config issue?
I have changed httpd.conf to include the following...
569 <Directory "/var/www/cgi-bin">
570 AllowOverride None
571 Options +ExecCGI
572 AddHandler cgi-script .cgi
573 Order allow,deny
574 Allow from all
575 </Directory>
Any help greatly appreciated.
I can execute cgi scripts from this folder, but cannot write to them.
[root@localhost www]# ls -ltra cgi-bin
total 1788
-rwxrwxrwx 1 root root 370997 Jun 10 18:13 filechucker.cgi
-rwxrwxrwx 1 root root 370996 Jun 16 04:56 filechucker_focushere.cgi
-rwxr-xr-x 1 root root 276 Jun 16 06:19 focushere_functions.php
-rwxrwxrwx 1 root root 150127 Jun 16 12:50 filechucker_focushere_pref s.cgi
drwxrwxrwx 3 root root 4096 Jun 16 12:52 menu4
drwxrwxrwx 2 root root 4096 Jun 16 13:17 templates
-rwxr-xr-x 1 root root 370997 Jun 16 17:29 filechucker.cgi.backup
-rwxr-xr-x 1 root root 149742 Jun 16 17:29 filechucker_prefs.cgi.back up
-rwxr-xr-x 1 root root 151466 Jun 17 08:19 filechucker_prefs.cgi.late st
drwxrwxrwx 8 apache apache 4096 Jun 17 08:39 ..
-rwxrwxrwx 1 root root 151466 Jun 17 08:43 filechucker_prefs.cgi
-rwxrwxrwx 1 root root 71 Jun 17 09:45 hi.txt
drwxrwxrwx 4 apache apache 4096 Jun 17 09:45 .
I have a file called hi.txt that I have placed in my cgi-bin folder.
If I place this file in any other location thatn the cgi-bin folder, I can write to it.
I just cant if it is placed in my cgi-bin folder.
I have checked that this file has chmod 0777 permissions, along with the cgi-bin folder itself.
Is this an apache server config issue?
I have changed httpd.conf to include the following...
569 <Directory "/var/www/cgi-bin">
570 AllowOverride None
571 Options +ExecCGI
572 AddHandler cgi-script .cgi
573 Order allow,deny
574 Allow from all
575 </Directory>
Any help greatly appreciated.
I can execute cgi scripts from this folder, but cannot write to them.
[root@localhost www]# ls -ltra cgi-bin
total 1788
-rwxrwxrwx 1 root root 370997 Jun 10 18:13 filechucker.cgi
-rwxrwxrwx 1 root root 370996 Jun 16 04:56 filechucker_focushere.cgi
-rwxr-xr-x 1 root root 276 Jun 16 06:19 focushere_functions.php
-rwxrwxrwx 1 root root 150127 Jun 16 12:50 filechucker_focushere_pref
drwxrwxrwx 3 root root 4096 Jun 16 12:52 menu4
drwxrwxrwx 2 root root 4096 Jun 16 13:17 templates
-rwxr-xr-x 1 root root 370997 Jun 16 17:29 filechucker.cgi.backup
-rwxr-xr-x 1 root root 149742 Jun 16 17:29 filechucker_prefs.cgi.back
-rwxr-xr-x 1 root root 151466 Jun 17 08:19 filechucker_prefs.cgi.late
drwxrwxrwx 8 apache apache 4096 Jun 17 08:39 ..
-rwxrwxrwx 1 root root 151466 Jun 17 08:43 filechucker_prefs.cgi
-rwxrwxrwx 1 root root 71 Jun 17 09:45 hi.txt
drwxrwxrwx 4 apache apache 4096 Jun 17 09:45 .
hi.txt is owned by root - what user does your PHP process run as? I.e. if you look at a similar file listing in another directory - is the owner something like "WEB" or still "root"? If your PHP process does not have root permissions that may be the issue.
ASKER
Hi trippy1976,
Mate thank you for your help on this im going nuts.
For this to work, should I be able to do a directory listing through a browser for the cgi-bin folder?
At the moment, i cant do that, even if change the cgi-bin folder to be owned by apache.
Mate thank you for your help on this im going nuts.
For this to work, should I be able to do a directory listing through a browser for the cgi-bin folder?
At the moment, i cant do that, even if change the cgi-bin folder to be owned by apache.
ASKER
Other folders are owned by the same user.
ASKER
Is the owner of the php process the same owner who runs apache?
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
Hi trippy, guys,
It is my own server.
Ive tried changing the owner from:
chown -R root.root cgi-bin
chown -R apache.apache cgi-bin
Both dont work on the cgi-bin folder with regards to wrting to hi.txt.
But as soon as I try to write on hi.txt in a different location, it works.
In my question, you can see I have already done an ls on the cgi-bin folder :>)
It is my own server.
Ive tried changing the owner from:
chown -R root.root cgi-bin
chown -R apache.apache cgi-bin
Both dont work on the cgi-bin folder with regards to wrting to hi.txt.
But as soon as I try to write on hi.txt in a different location, it works.
In my question, you can see I have already done an ls on the cgi-bin folder :>)
ASKER
Is the cgi-bin a special folder where different permissions are set on this?
I was thinking there might be a problem with the cgi-bin folder in terms of apache and the httpd.conf file that Im overlooking perhaps?
I was thinking there might be a problem with the cgi-bin folder in terms of apache and the httpd.conf file that Im overlooking perhaps?
ASKER
Tintin, the code is php code that writes to a txt file in the cgi-bin folder.
Im getting a Permission denied writing to it.
But the folder and files within the fodler are owned by root....
Im getting a Permission denied writing to it.
But the folder and files within the fodler are owned by root....
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
Adam, just testing your theory now....rebooting my server.
Im wondering guys if it could be because in my httpd.conf file, i have the following setup...
Document Root = /var/www/html
my cgi-bin folder = /var/www/cgi-bin
The cgi-bin folder is OUTSIDE the document root.
Could this be it?
Im wondering guys if it could be because in my httpd.conf file, i have the following setup...
Document Root = /var/www/html
my cgi-bin folder = /var/www/cgi-bin
The cgi-bin folder is OUTSIDE the document root.
Could this be it?
As far as I know, given an appropriate path, PHP can write a file anywhere on the server.
If you are getting a permissions issue, I think that is it.
What I suggested was to write a file NOT in the cgi-bin directory and ls that OTHER directory to see what permissions and owners are set. You should be able to replicate the same.
Have the PHP script write to a path like:
/root/mytest/hi.txt
Then
cd /root/mytest
ls -al
See what the permissions are.
What is the need to have the file in cgi-bin? Have you tried maybe a symlink or other method so that the "file" in cgi-bin is a symlink to file in some alternate, less problematic area?
Also go back one level in your directories and see what the permissions / owners are on the cgi-dir. That could be a snag too.
If you are getting a permissions issue, I think that is it.
What I suggested was to write a file NOT in the cgi-bin directory and ls that OTHER directory to see what permissions and owners are set. You should be able to replicate the same.
Have the PHP script write to a path like:
/root/mytest/hi.txt
Then
cd /root/mytest
ls -al
See what the permissions are.
What is the need to have the file in cgi-bin? Have you tried maybe a symlink or other method so that the "file" in cgi-bin is a symlink to file in some alternate, less problematic area?
Also go back one level in your directories and see what the permissions / owners are on the cgi-dir. That could be a snag too.
ASKER
Adam, no luck.
Im checking the apache logs and nothing recorded for it.
View source errors are:
<b>Warning</b>: fopen(../../cgi-bin/hi.txt ) [<a href='function.fopen'>func tion.fopen </a>]: failed to open stream: Permission denied in <b>/var/www/html/simeswiki /menu4_it_ hware_dell _focusHERE .php</b> on line <b>42</b><br />
<br />
<b>Warning</b>: fwrite(): supplied argument is not a valid stream resource in <b>/var/www/html/simeswiki /menu4_it_ hware_dell _focusHERE .php</b> on line <b>43</b><br />
<br />
<b>Warning</b>: fclose(): supplied argument is not a valid stream resource in <b>/var/www/html/simeswiki /menu4_it_ hware_dell _focusHERE .php</b> on line <b>44</b><br />
Tintin, here is my code....
========================== = /var/www/html/simeswiki/me nu4_it_hwa re_dell_fo cusHERE.ph p
See attach code snippet
If I try and go to the following page...
http://192.168.2.100/cgi-bin/
You don't have permission to access /cgi-bin/ on this server.
Im checking the apache logs and nothing recorded for it.
View source errors are:
<b>Warning</b>: fopen(../../cgi-bin/hi.txt
<br />
<b>Warning</b>: fwrite(): supplied argument is not a valid stream resource in <b>/var/www/html/simeswiki
<br />
<b>Warning</b>: fclose(): supplied argument is not a valid stream resource in <b>/var/www/html/simeswiki
Tintin, here is my code....
==========================
See attach code snippet
If I try and go to the following page...
http://192.168.2.100/cgi-bin/
You don't have permission to access /cgi-bin/ on this server.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.oxhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head><!-- Put IE into quirks mode -->
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<link rel="stylesheet" type="text/css" href="includes/menu.css" />
<?php
include("includes/sitewide.php");
?>
<title><?php echo $title ?></title>
<?php
function getFolderPath($filename) {
$fileparts = explode('_', $filename);
return '/simeswiki/'.implode(array_slice($fileparts, 1, count($fileparts)-2));
}
?>
<?php
// Part A:
//Get the folderPath variable for input into /cgi-bin/filechucker_prefs.cgi
$folderpath = getFolderPath($_SERVER['SCRIPT_FILENAME']);
?>
<?php
// Part B:
// With $folderpath, replace in /cgi-bin/filechucker_prefs.cgi
// $lines = file('/var/www/cgi-bin/filechucker_prefs.cgi');
$lines = file('/var/www/cgi-bin/hi.txt');
foreach($lines as $index => $line) {
if(trim($line) == '# ooPLACEHOLDERoo #') {
$lines[$index+1] = '$PREF{uploaded_files_dir} = \''.$folderpath."'\n";
break;
}
}
// $f = fopen('/var/www/cgi-bin/filechucker_prefs.cgi','w');
$f = fopen('/var/www/cgi-bin/hi.txt','w');
fwrite($f, implode('', $lines));
fclose($f);
?>
</head>
ASKER
Trippy,
Thank you mate.
I have done what you said, and the owner was root, and on the parent directories, as they are for cgi-bin.
I think im having an issue writing to the cgi-bin folder through a web page when the cgi-bin folder is outside the document root, but not sure what security other than having the owner of cgi-bin as root, or apache, and its parent folders.
Im stumped.
Thank you mate.
I have done what you said, and the owner was root, and on the parent directories, as they are for cgi-bin.
I think im having an issue writing to the cgi-bin folder through a web page when the cgi-bin folder is outside the document root, but not sure what security other than having the owner of cgi-bin as root, or apache, and its parent folders.
Im stumped.
ASKER
Here is my httpd.conf file (relevant parts )
DocumentRoot "/var/www/html"
#
# Each directory to which Apache has access can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
#
# First, we configure the "default" to be a very restrictive set of
# features.
#
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
#
#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "/var/www/html">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
</Directory>
#
# UserDir: The name of the directory that is appended onto a user's home
# directory if a ~user request is received.
#
# The path to the end user account 'public_html' directory must be
# accessible to the webserver userid. This usually means that ~userid
# must have permissions of 711, ~userid/public_html must have permissions
# of 755, and documents contained therein must be world-readable.
# Otherwise, the client will only receive a "403 Forbidden" message.
#
# See also: http://httpd.apache.org/docs/misc/FAQ.html#forbidden
#
<IfModule mod_userdir.c>
#
# UserDir is disabled by default since it can confirm the presence
# of a username on the system (depending on home directory
# permissions).
#
UserDir disable
#
# To enable requests to /~user/ to serve the user's public_html
# directory, remove the "UserDir disable" line above, and uncomment
# the following line instead:
#
#UserDir public_html
</IfModule>
#
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#
#<Directory /home/*/public_html>
# AllowOverride FileInfo AuthConfig Limit
# Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
# <Limit GET POST OPTIONS>
# Order allow,deny
# Allow from all
# </Limit>
# <LimitExcept GET POST OPTIONS>
# Order deny,allow
# Deny from all
# </LimitExcept>
#</Directory>
#
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#
# The index.html.var file (a type-map) is used to deliver content-
# negotiated documents. The MultiViews Option can be used for the
# same purpose, but it is much slower.
#
DirectoryIndex index.html index.html.var
#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>
ASKER
trippy1976, Tintin, Adam314
Guys thanks so much for your help.
The problem with writing to the cgi-bin folder was the following.....
From a command line, I ran the following...
# getenforce
Enforcing
My redhat server turns out that it is running selinux in enforcing mode.
As soon as I did the following.....
# setenforce 0
then
#getenforce
Permissive
and then service httpd restart.
I could write the cgi-bin folder
Thanks to all of you.
Guys thanks so much for your help.
The problem with writing to the cgi-bin folder was the following.....
From a command line, I ran the following...
# getenforce
Enforcing
My redhat server turns out that it is running selinux in enforcing mode.
As soon as I did the following.....
# setenforce 0
then
#getenforce
Permissive
and then service httpd restart.
I could write the cgi-bin folder
Thanks to all of you.