On Fri, Oct 15, 2010 at 05:19:36AM -0600, [email protected] wrote:
>
> fat...@nikko:~$ ls -l ~/http/fossils/
> total 1232
> -rw-r--r-- 1 fatman fatman 1231 2010-10-08 14:30 manifest
> -rw-r--r-- 1 fatman fatman 41 2010-10-08 14:30 manifest.uuid
> drwxr-xr-x 8 fatman fatman 4096 2010-10-08 14:18 RegexValidator
> -rwxr-xr-x 1 fatman fatman 78 2010-10-08 14:12 regexvalidator.cgi
> -rw-rw-r-- 1 fatman www-data 78848 2010-10-14 17:33 reg[...]tor.fossil
> drwxr-xr-x 9 fatman fatman 4096 2010-09-29 15:24 Reu2
> -rwxr-xr-x 1 fatman www-data 68 2010-10-06 12:58 reu2.cgi
> -rw-rw-r-- 1 fatman www-data 1060864 2010-10-14 17:34 reu2.fossil
> -rwxr-xr-x 1 fatman fatman 70 2010-10-12 23:57 vprint.cgi
> -rw-rw-r-- 1 fatman www-data 67584 2010-10-12 23:58 vprint.fossil
> fat...@nikko:~$
If you serve with a CGI not having root access, I imagine you won't be able to
"give" the group ownership to www-data. So I imagine you made a root-trick to
get that www-data in the group ownership.
What I did to get proper CGI working on GNU/Linux, I compiled a C program like
this, rss.c, for my 'rss' project:
#include <unistd.h>
int main()
{
return execl("/path/to/fossil",
"/path/to/fossil",
"cgi",
"rss.ref");
}
I gave setuid permissions to the resulting program:
$ gcc -o rss rss.c
$ chmod u+s rss
And finally I created the file rss.ref with these contents:
repository: /home/viric/fossil/rss.fossil
I'd have liked to avoid the rss.ref file, but looking at the fossil source code
I could not find a way to.
Setuid does not work on scripts (#!...), that's why I had to compile the C
program.
I hope this information is useful for someone wanting the CGI serving without
having root access in the web server.
Regards,
Lluís.
_______________________________________________
fossil-users mailing list
[email protected]
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
