Solved

Can't Execute .cgi scripts in Apache

Posted on 2011-02-14
28
874 Views
Last Modified: 2012-05-11
Hi, I am running Red Hat Enterprise 5 server with Apache 2.2.3. I have set up a website www.abcd.com that also uses a cgi-bin directory to execute all of my .cgi and .pl scripts. I have a script called checkpath.cgi that basically when run shows you your hosting information etc...

When I run checkpath.cgi from the command line as in
server# perl checkpath.cgi it works perfectly fine.

when I run the same script by going to the Internet Explorer and typing in
www.abcd.com/cgi-bin/checkpath.cgi I get Inernal Server Error

I verified that Apache can interpret .cgi and .pl scripts by putting a test.pl script in the cgi-bin directory and executing it. The test.pl script contains this code:

#!/usr/bin/perl
print "Content-type: text/plain\n\n";
print "It's working.\n";

I have also renamed the test.pl to test.cgi script and it works fine too.

Here is the configuration of my sites.conf which is loaded by httpd.conf file that contains the www.abcd.com website:

<VirtualHost *:80>

        ServerName www.abcd.com
        ServerAlias www.abcd.com abcd.com
        DocumentRoot /var/www/html/abcd.com/
        DirectoryIndex index.php index.html index.htm index.shtml

        ErrorLog        /var/www/html/abcd.com/logs/error_log
        CustomLog       /var/www/html/abcd.com/logs/access_log combined

   <Directory "/var/www/html/abcd.com/cgi-bin/">
      AllowOverride None
      Options ExecCGI
      AddHandler cgi-script cgi pl
      Order allow,deny
      Allow from all
   </Directory>



</VirtualHost>

Does anyone know why the checkpath.cgi script is not working? Let me know if you need to see any other configuration files.
0
Comment
Question by:Turbowy
  • 12
  • 11
  • 4
  • +1
28 Comments
 
LVL 16

Expert Comment

by:sjklein42
ID: 34891319
Did you perchance forget to set Execute permission on the script file?
0
 

Author Comment

by:Turbowy
ID: 34891327
Hi, that is the first thing that i have checked, it is set to 755
0
 
LVL 16

Expert Comment

by:sjklein42
ID: 34891335
Also, check the web errlog which is where any Perl errors will be saved.
0
 
LVL 16

Expert Comment

by:sjklein42
ID: 34891358
It's really strange but when I try your link I get redirected to a site "abc.go,com" - with a comma!

Typo somewhere?
0
 

Author Comment

by:Turbowy
ID: 34891373
sorry, I should have said in the original question, the www.abcd.com is not real domain just a sample... im setting up this server for a client of mine, the real address is www.pcandnetworkservice.com
0
 
LVL 16

Expert Comment

by:sjklein42
ID: 34891380
And another thing, I think you may need dots on the AddHandler line:

AddHandler cgi-script .cgi .pl
0
 
LVL 16

Expert Comment

by:sjklein42
ID: 34891450
OK.  I think we're on the same page now (haha).  It sounds like it has to be a (1) a script compile problem which will be reflected in the web site errlog file, or (2) a problem with the path on the first line in the script file, or (3) the script is not generating valid header lines in the output stream which will also show up as a 500 error.

I'm betting on #3.  When you run the script locally, what output does it generate?  Want to post it so we can take a look?

0
 

Author Comment

by:Turbowy
ID: 34891474
Nothing in the error_logs pertaining to this problem, in the access_logs i only get this:

[14/Feb/2011:14:32:57 -0500] "GET /cgi-bin/test.pl HTTP/1.0" 200 14 "http://www.pcandnetworkservice.com" "Mozilla/4.75 [en] (WinNT; U)"
0
 

Author Comment

by:Turbowy
ID: 34891601
I added .cgi .pl and same issue

when I run the checkpath.cgi from the command line this is what I get:


Content-type:text/html

<html><head><title>Print Environment</title></head>
<body>
G_BROKEN_FILENAMES = 1<br>
HISTSIZE = 1000<br>
HOME = /root<br>
HOSTNAME = publicdns<br>
INPUTRC = /etc/inputrc<br>
LANG = en_US.UTF-8<br>
LESSOPEN = |/usr/bin/lesspipe.sh %s<br>
LOGNAME = root<br>
LS_COLORS = no=00:fi=00:di=00;34:ln=00;36:pi=40;33:so=00;35:bd=40;33;01:cd=40;33;01:or=01;05;37;41:mi=01;05;37;41:ex=00;32:*.cmd=00;32:*.exe=00;32:*.com=00;32:*.btm=00;32:*.bat=00;32:*.sh=00;32:*.csh=00;32:*.tar=00;31:*.tgz=00;31:*.arj=00;31:*.taz=00;31:*.lzh=00;31:*.zip=00;31:*.z=00;31:*.Z=00;31:*.gz=00;31:*.bz2=00;31:*.bz=00;31:*.tz=00;31:*.rpm=00;31:*.cpio=00;31:*.jpg=00;35:*.gif=00;35:*.bmp=00;35:*.xbm=00;35:*.xpm=00;35:*.png=00;35:*.tif=00;35:<br>
MAIL = /var/spool/mail/root<br>
OLDPWD = /etc/httpd/conf.d<br>
PATH = /usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin<br>
PWD = /var/www/html/pcandnetworkservice.com/cgi-bin<br>
SHELL = /bin/bash<br>
SHLVL = 1<br>
SSH_ASKPASS = /usr/libexec/openssh/gnome-ssh-askpass<br>
TERM = xterm<br>
USER = root<br>
_ = /usr/bin/perl<br>
</body></html>

Open in new window

0
 
LVL 16

Expert Comment

by:sjklein42
ID: 34891692
Something tells me a blank space is required after the ":" in the Content-Type header.

Content-type: text/html

Open in new window

0
 

Author Comment

by:Turbowy
ID: 34891762
Tried that and no go... Do you thing it could be something in the perl.conf file which is located in conf.d directory, here is the conf in it:
#
# Mod_perl incorporates a Perl interpreter into the Apache web server,
# so that the Apache web server can directly execute Perl code.
# Mod_perl links the Perl runtime library into the Apache web server
# and provides an object-oriented Perl interface for Apache's C
# language API.  The end result is a quicker CGI script turnaround
# process, since no external Perl interpreter has to be started.
#

LoadModule perl_module modules/mod_perl.so

# Uncomment this line to globally enable warnings, which will be
# written to the server's error log.  Warnings should be enabled
# during the development process, but should be disabled on a
# production server as they affect performance.
#

#PerlSwitches -w

# Uncomment this line to enable taint checking globally.  When Perl is
# running in taint mode various checks are performed to reduce the
# risk of insecure data being passed to a subshell or being used to
# modify the filesystem.  Unfortunately many Perl modules are not
# taint-safe, so you should exercise care before enabling it on a
# production server.
#
#PerlSwitches -T

# This will allow execution of mod_perl to compile your scripts to
# subroutines which it will execute directly, avoiding the costly
# compile process for most requests.
#
Alias /perl /var/www/perl
<Directory /var/www/perl>
    SetHandler perl-script
    PerlResponseHandler ModPerl::Registry
    PerlOptions +ParseHeaders
    Options +ExecCGI
</Directory>

# This will allow remote server configuration reports, with the URL of
#  http://servername/perl-status
# Change the ".example.com" to match your domain to enable.
#
#<Location /perl-status>
#    SetHandler perl-script
#    PerlResponseHandler Apache2::Status
#    Order deny,allow
#    Deny from all
#    Allow from .example.com
#</Location>

Open in new window

0
 
LVL 76

Expert Comment

by:arnold
ID: 34891806
You have a permissions access issue likely because you are using SELinux (403 Forbidden . check /var/log/messages for access
ls -lZ checkpath.cgi

Did you add a Handler outside the cgi-bin as well?
Create a .htaccess file in the root directory of this site
AddHandler cg-script .cgi
And see if it clears the issue up.
0
 
LVL 16

Expert Comment

by:sjklein42
ID: 34891834
I think that if there was a problem with the perl.conf file, then your test.cgi wouldn't have worked.

Did you add the missing space to the Content-Type header?

Running out of ideas unless you care to post the offending Perl script itself.
0
 
LVL 76

Expert Comment

by:arnold
ID: 34891913
The asker is getting a 403 forbiden error on access to the file and not a 5xx error dealing with the processing of the script.
The user may not have defined the cgi-script globally or outside the cgi-bin directory.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 16

Expert Comment

by:sjklein42
ID: 34891986
I don't think it is returning 403.

The URL in question www.pcandnetworkservice.com/cgi-bin/checkpath.cgi is returning this 500 error:

HTTP/1.1 500 Internal Server Error
Date: Mon, 14 Feb 2011 20:33:31 GMT
Server: Apache/2.2.3 (Red Hat)
Content-Length: 628
Connection: close
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
misconfiguration and was unable to complete
your request.</p>
<p>Please contact the server administrator,
 paulbe@bell.net and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.</p>
<p>More information about this error may be available
in the server error log.</p>
<hr>
<address>Apache/2.2.3 (Red Hat) Server at www.pcandnetworkservice.com Port 80</address>
</body></html>

Open in new window

0
 
LVL 76

Expert Comment

by:arnold
ID: 34892079
Hmm, was under the impression that the script was in another location.
check /var/log/audit/ in the event selinux is blocking the access.
The http error_log should indicate what the error is.
The Content-Type: would only affect the display in the browser and not the running of the script.
Are there any relative paths in the script dealing with executing commands or referencing files?
0
 

Author Comment

by:Turbowy
ID: 34892126
Guys, I will be back in few hours, leaving work now...
0
 
LVL 16

Expert Comment

by:sjklein42
ID: 34892214
I believe that any bad (malformed) HTTP header in the reply triggers a 500 error on the way out even if the script runs "successfully".

It is not clear if he's getting an access log file entry for the failing script or not.  He is able to run his test.cgi script just fine but not checkpath.cgi.  If I understand right, both scripts are in the same place.  I think it must be something inside his checkpath.cgi script that is bad.  

0
 
LVL 1

Expert Comment

by:leader716
ID: 34892415
Is this server running any kind of hosting software like cpanel or something similar?
0
 

Author Comment

by:Turbowy
ID: 34893274
hi All, ok I stopped Selinux and same issue
no, this server is not running any cpanel

I want to point out also this, before I have upgraded apache that ships with redhat to version 2.0 from www.apache.org, then I downloaded the latest apache software from redhat and upgraded the current version. I wander if I should just remove all instances of apache and reinstall again?
0
 
LVL 76

Assisted Solution

by:arnold
arnold earned 250 total points
ID: 34893511
The problem is that you might be looking in the wrong httpd.conf configuration.
Since you are only having issues with one .cgi file, you need to look what that file is trying to access. Note when it runs as a CGI in the browser it runs with rights from the apache user. The script  can not read /etc/ or other such location.
aAs root check whether the shell for apache is /bin/bash if not change it temporarily (record what it is usually /sbin/nologin) usermod -s /bin/bash apache
su - apache
cd /var/www/html/cgi-bin
perl checkpath.cgi and see what you get.
0
 

Author Comment

by:Turbowy
ID: 34893648
Arnold, did as you said and this is what I got:


[root@publicdns bin]# usermod -s /bin/bash apache
[root@publicdns bin]# su - apache
-bash-3.2$ whoami
apache
-bash-3.2$ cd /var/www/html/pcandnetworkservice.com/cgi-bin/
-bash-3.2$ ls
anymail  checkpath.cgi  index.pl  online  test.cgi  today
-bash-3.2$ perl checkpath.cgi
Content-type: text/html

<html><head><title>Print Environment</title></head>
<body>
G_BROKEN_FILENAMES = 1<br>
HISTSIZE = 1000<br>
HOME = /var/www<br>
HOSTNAME = publicdns<br>
INPUTRC = /etc/inputrc<br>
LANG = en_US.UTF-8<br>
LESSOPEN = |/usr/bin/lesspipe.sh %s<br>
LOGNAME = apache<br>
LS_COLORS = no=00:fi=00:di=00;34:ln=00;36:pi=40;33:so=00;35:bd=40;33;01:cd=40;33;01:or=01;05;37;41:mi=01;05;37;41:ex=00;32:*.cmd=00;32:*.exe=00;32:*.com=00;32:*.btm=00;32:*.bat=00;32:*.sh=00;32:*.csh=00;32:*.tar=00;31:*.tgz=00;31:*.arj=00;31:*.taz=00;31:*.lzh=00;31:*.zip=00;31:*.z=00;31:*.Z=00;31:*.gz=00;31:*.bz2=00;31:*.bz=00;31:*.tz=00;31:*.rpm=00;31:*.cpio=00;31:*.jpg=00;35:*.gif=00;35:*.bmp=00;35:*.xbm=00;35:*.xpm=00;35:*.png=00;35:*.tif=00;35:<br>
MAIL = /var/spool/mail/apache<br>
OLDPWD = /var/www<br>
PATH = /usr/kerberos/bin:/usr/local/bin:/bin:/usr/bin<br>
PWD = /var/www/html/pcandnetworkservice.com/cgi-bin<br>
SHELL = /bin/bash<br>
SHLVL = 1<br>
SSH_ASKPASS = /usr/libexec/openssh/gnome-ssh-askpass<br>
TERM = xterm<br>
USER = apache<br>
_ = /usr/bin/perl<br>
</body></html>-bash-3.2$

Open in new window

0
 
LVL 16

Expert Comment

by:sjklein42
ID: 34893722
Try executing the script from the shell as Arnold had you do, but without the "perl" in front of it to be sure it has the right first line.
0
 

Author Comment

by:Turbowy
ID: 34893741
Hi sjklein42,

this is what I got

-bash-3.2$ ./checkpath.cgi
-bash: ./checkpath.cgi: /usr/bin/perl^M: bad interpreter: No such file or directory
-bash-3.2$
0
 
LVL 16

Expert Comment

by:sjklein42
ID: 34893807
Well there you go!

Is the first line in checkpath.cgi EXACTLY the same as the first line in your test.cgi script?
0
 

Author Comment

by:Turbowy
ID: 34893871
ok guys, I fixed this problem by following this article on redhat website.
Even though both of you Arnold and sjklein42 have provided great troubleshooting tips that I learned a lot from you guys so I would like to split the points between both of you 50/50 is that good?


How do I fix 'bad interpreter' error messages when trying to run shell scripts?Article ID: 6815 - Created on: Dec 18, 2003 6:00 PM - Last Modified:  Jul 15, 2004 6:00 PM More often than not, this error indicates that the script in question has been written on a machine which inserted CR/CRLF's into the script (old MS-DOS style newline/linefeeds). Sometimes they appear as ^M's in the file where a newline is defined. Try running the command:

 


dos2unix <script name>

 
The command should return a prompt after it completes. Try running the script again to see if the 'bad interpreter' error message has cleared.

 
Please note that depending on how your editor is configured, the CR/CRLF differences in a file may be invisible.
0
 
LVL 16

Accepted Solution

by:
sjklein42 earned 250 total points
ID: 34893887
Happy you fixed it.  I have been stung by exactly the same thing.  Glad to share the points.  Thanks.
0
 

Author Closing Comment

by:Turbowy
ID: 34893900
Thank you guys for your great help, it was really appreciated.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now