Hi Eric,
> On Tue, 25 Nov 2008, Eric Chatham wrote: > ... On Mon, 9 Feb 2009, Eric Chatham wrote: > I got back to trying to make this work. Wow! Nothing if not persistent! :) > ... still stuck on this error: > [Mon Feb 09 11:59:01 2009] [error] [client <IP removed>] Premature end of > script headers: smokeping.cgi > [Mon Feb 09 11:59:11 2009] [error] [client <IP removed>] (13)Permission > denied: exec of '/opt/smokeping/htdocs/smokeping.cgi' failed Apache says it won't execute that. Not the operating system, Apache. > Here is my output for ls -l. This is the directory in which Smokeping is > supposed to execute. > -rwxrwxrwx 1 root root 2719 Feb 9 11:45 /opt/smokeping/htdocs/smokeping.cgi Urgh! World write on a cgi script. Nasty. Please at least make that -rwxr-xr-x Anyway, I think it's in the wrong place. Security concerns mean that usually your .cgi files go in a directory called /some/thing/cgi-bin/ (for example /usr/local/apache/cgi-bin on most of my systems) and the cgi-bin directory is readable/writeable/searchable only by root. The scripts in there tend to get executed by the parent Apache process, it has root permissions, so anybody that can write to the scripts has in effect got root access to the box. Normally there are configuration directives in Apache's httpd.conf which tell it what to allow execute permission on and what to deny. If the configuration says that your scripts can only be executed if they're in cgi-bin, then if you put a script in htdocs (probably your 'document root') then Apache will say it refuses to execute them. If you've told it to allow the execution of scripts in the htdocs directory (there are several ways to do that) then there might be another explanation - the first line of the script might give us a clue. > I'm not sure who is authorized to run httpd process on the server, > but here is the process index for users using httpd at the moment. > > [~ smokeping]# ps -aux | grep httpd > > Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.7/FAQ You don't want the '-' in that command. It's historical. Never mind. > root 22551 0.0 0.1 17832 5616 ? Ss 11:56 0:00 > /usr/sbin/httpd > apache 22553 0.0 0.1 21092 4832 ? S 11:56 0:00 > /usr/sbin/httpd > ... That all looks normal. Just remind me, does this box have SELinux? (That's another way to prevent things from working. :) -- 73, Ged. _______________________________________________ smokeping-users mailing list [email protected] https://lists.oetiker.ch/cgi-bin/listinfo/smokeping-users
