>Number: 3361
>Category: suexec
>Synopsis: Suexec always report the following error "command not in
>docroot"
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: apache
>State: open
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Sat Nov 7 00:20:01 PST 1998
>Last-Modified:
>Originator: [EMAIL PROTECTED]
>Organization:
apache
>Release: Apache/1.3.3 (Unix)
>Environment:
BSD/OS main.ls.barrhead.ab.ca 3.1 BSDI BSD/OS 3.1 Kernel #0: Sat Nov 1 20:27:06
MST 1997 [EMAIL PROTECTED]:/usr/src/sys/compile/Nov01-1997 i
386, with all patches.
>Description:
I have made a very basic installation of Apache using the following command
./configure --sysconfdir=/usr/var/www/conf \
--logfiledir=/usr/var/log/httpd \
--runtimedir=/usr/var/run \
--datadir=/usr/var/www \
--enable-suexec \
--suexec-caller=www \
--suexec-userdir=/usr/var/www \
--suexec-uidmin=100 \
--suexec-gidmin=85 \
--suexec-safepath="/bin:/usr/bin"
Prior to this, I have edit ../src/support/suexec.h my modifying the following
line
/*
* DOC_ROOT -- Define as the DocumentRoot set for Apache. This
* will be the only hierarchy (aside from UserDirs)
* that can be used for suEXEC behavior.
*/
#ifndef DOC_ROOT
#define DOC_ROOT "/usr/var/www"
#endif
I know that apache loaded suexec when started as per following error_log entry
[Sat Nov 7 00:45:46 1998] [notice] Apache/1.3.3 (Unix) configured -- resuming n
ormal operations
[Sat Nov 7 00:45:46 1998] [notice] suEXEC mechanism enabled (wrapper: /usr/loca
l/apache/sbin/suexec)
However, everytime I try to start a cgi (Count.cgi) in this case I get the same
error messages
One error message in error_log
[Sat Nov 7 01:05:09 1998] [error] [client 206.75.114.41] Premature end of scrip
t headers: /usr/var/www/docs/cgi-bin/Count.cgi
and one in suexec_log
[1998-11-07 01:05:09]: uid: (lcroteau/lcroteau) gid: (mall/mall) cmd: Count.cgi
[1998-11-07 01:05:09]: command not in docroot (/usr/var/www/docs/cgi-bin/Count.c
gi)
My previous version of Apache (Server: Apache/1.2.4) works without any problem
for suexec
Let me know if you would like any other information about my system.
>How-To-Repeat:
If you would like, I can reload 1.3.3 and run any scripts that would help you
figure out the problem. Just let me know what you would like.
>Fix:
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <[EMAIL PROTECTED]> in the Cc line ]
[and leave the subject line UNCHANGED. This is not done]
[automatically because of the potential for mail loops. ]
[If you do not include this Cc, your reply may be ig- ]
[nored unless you are responding to an explicit request ]
[from a developer. ]
[Reply only with text; DO NOT SEND ATTACHMENTS! ]
