[smokeping-users] Re: Cannot get DYNAMIC target?
smokeping at leos.cz
Tue Aug 23 13:55:15 MEST 2005
Marc Haber wrote:
> On Tue, Aug 23, 2005 at 01:16:32PM +0200, Leos Bitto wrote:
>>Marc Haber wrote:
>>>On my system, the directories are smokeping:www-data 755, and the rrd
>>>files are smokeping:www-data 644. However, this doesn't explain why
>>>the web server is able to write the rrd file. How does the web server
>>>gain access to the rrd files? Does it escalate privileges to smokeping
>>>by some funky way?
>>The rrd files are written by the smokeping daemon only (which runs under
>>user smokeping in your installation, I suppose). The cgi script only
>>reads them, and creates the appropriate images in the directory
>>specified as imgcache in the configuration file.
> You're right of course. I mixed up the png and rrd directories, how
> embarassing. However, there is no *.adr file in the imgcache directory
> (which is /var/www/smokeping on Debian).
>>>I have made the directory with the rrd files writeable for www-data
>>>(smokeping:www-data 755), but still no *.adr file shows up in the
>>>directory. What might be going wrong here?
>>Many things. First, 755 is not writeable by group - but that's probably
>>just a typo.
> Yes, it's a typo.
OK, so how does it really look? What user, what group, what permissions?
Is it smokeping:www-data 775 or something else?
>>Second, your cgi script might not run with privileges
>>including group www-data - that might happen for example because you
>>Apache lacks access to this group, or because your Apache uses suexec.
> I cannot verify this since the directory the web server writes to,
> /var/www/smokeping, is of course www-data:www-data 755, and the
> presence of *.png files shows that the web server can write there.
> However, no .adr file here.
The presence of *.png files there says that the cgi script runs under
user www-data. However, that doesn't say that it has access to the group
www-data (which might be needed to access that other directory). Please
run the following cgi script to check the actual permissions:
echo "Content-Type: text/plain"
Additionally, please check whether your Apache uses suexec or not. That
would make a big difference.
Unsubscribe mailto:smokeping-users-request at list.ee.ethz.ch?subject=unsubscribe
Help mailto:smokeping-users-request at list.ee.ethz.ch?subject=help
More information about the smokeping-users