Re: [PHP] Re: php cgi question
Okies, FINALLY I think I have the reason (though not the solution as yet) Marco, you were spot on, which I hadn't pursued properly, only looking at the immediate parent directory permissions. In fact the whole ~vpopmail structure down to the individual users directory has a VERY restrictive set of permissions only the owner (vpopmail) can list read and write to any of the directories leading down to the ~vpopmail/domains/some.email.domain/some.user/ etc.. etc... no group permissions at ALL. I have asked on the vpopmail list what the effect may be of re-setting group list access (at least) to the structure may be as I dont want to break anything on a running server... lol... so yep.. permissions it was indeed (apparantly anyways), I reckon this is a proven case now, just got to work out the solution as I can't setuid for a web enabled cgi to the vpopmail user without getting stuck in suEXEC etc... I dont know why the heck I hadnt tried just cat'ing the file.. lack of sleep perhaps.. lol Will let you know how it goes (if you are interested) Regards, and thanks for all the help David Cook "Marco Tabini" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Ok, that's a big step forward then. It's possible that your user does > not have access to the directory tree where the file resides? Have you > tried listing that directory and or opening the file (for example with > cat) while using that file? If you can narrow it down to a permission > problem (and, at this point, I think that's exactly where the problem > is), that it should just be a matter of trying a few things out. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: php cgi question
Ok, that's a big step forward then. It's possible that your user does not have access to the directory tree where the file resides? Have you tried listing that directory and or opening the file (for example with cat) while using that file? If you can narrow it down to a permission problem (and, at this point, I think that's exactly where the problem is), that it should just be a matter of trying a few things out. On Sun, 2002-10-13 at 23:23, David Cook wrote: > hmmm safe mode is disabled - for the apache module version > > from phpinfo() > safe_mode Off Off > > > Just out of curiosity--have you tried su-ing to the Apache user and > > executing your script as that user? > yep, same result (although I had to change the apache user for a few minutes > so it had a shell.. lol) as if I ran it off the web (file does not exist), > this still seems to tie into permissions perhaps, but I am having trouble > nailing enough data down so far to point to specifics. > > I didnt make this server from scratch, it came pre-installed with a lot of > the items on it as part of a co-lo deal, the next few I build however will > be from the ground up even if it takes longer... and probably without using > RPM's for a lot of it... I've learned a fair bit the last 9 months or so > about the shortcomings as well as the benefits of using RPM's. > > Thanks again for the thoughts, will test out some more stuff (this is just > plain getting me determined to work it out... stubborn I spose) > > Regards > > David > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: php cgi question
hmmm safe mode is disabled - for the apache module version from phpinfo() safe_mode Off Off > Just out of curiosity--have you tried su-ing to the Apache user and > executing your script as that user? yep, same result (although I had to change the apache user for a few minutes so it had a shell.. lol) as if I ran it off the web (file does not exist), this still seems to tie into permissions perhaps, but I am having trouble nailing enough data down so far to point to specifics. I didnt make this server from scratch, it came pre-installed with a lot of the items on it as part of a co-lo deal, the next few I build however will be from the ground up even if it takes longer... and probably without using RPM's for a lot of it... I've learned a fair bit the last 9 months or so about the shortcomings as well as the benefits of using RPM's. Thanks again for the thoughts, will test out some more stuff (this is just plain getting me determined to work it out... stubborn I spose) Regards David -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: php cgi question
I think you might be unable to access documents outside the root if you're in safe mode. Just out of curiosity--have you tried su-ing to the Apache user and executing your script as that user? On Sun, 2002-10-13 at 21:36, David Cook wrote: > Hi again all > > Just a bit more info, trying to track some more things down. > > I made a few changes, changed getmail so that it would allow the getmailrc > file to be group writable, made a few changes to the user/group structure > (including making apache a member of a specific new group, and then setting > that group read/write on the getmailrc file (in theory now, apache should > have read/write permissions to the file via the group), and did a bit more > testing. > > Results, > > Executing the cgi script from command line still works (in that it displays > results, whereas from the web the cgi STIL says that the file doesnt exist > (this is via a quick if(file_exists($getmailfile)) etc.. etc..(least I didnt > break anything else) :) > > I find this interesting, as the file definately DOES exist, and further, > theoretically the web server should have access via the group permissions. > > I was a little curious if this may be a bahaviour of the apache php module, > in that it is incapable of working with files outside docroot? this should > not be the case though, as with a number of the other modules I am using, > and have written, files get written to temp (while they are being uploaded) > and other files are written outside docroot for other purposes, without any > real problems so far, this is getting curiouser and curiouser as Alice said > > Any suggestions or thoughts anyone? > > Puzzled. > > David Cook > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
