[smokeping-users] Can't find lib.pm in @INC
ged at jubileegroup.co.uk
Mon Feb 9 20:52:07 CET 2009
> On Tue, 25 Nov 2008, Eric Chatham wrote:
On Mon, 9 Feb 2009, Eric Chatham wrote:
> I got back to trying to make this work.
Wow! Nothing if not persistent! :)
> ... still stuck on this error:
> [Mon Feb 09 11:59:01 2009] [error] [client <IP removed>] Premature end of script headers: smokeping.cgi
> [Mon Feb 09 11:59:11 2009] [error] [client <IP removed>] (13)Permission denied: exec of '/opt/smokeping/htdocs/smokeping.cgi' failed
Apache says it won't execute that. Not the operating system, Apache.
> Here is my output for ls -l. This is the directory in which Smokeping is supposed to execute.
> -rwxrwxrwx 1 root root 2719 Feb 9 11:45 /opt/smokeping/htdocs/smokeping.cgi
Urgh! World write on a cgi script. Nasty. Please at least make that
Anyway, I think it's in the wrong place. Security concerns mean that
usually your .cgi files go in a directory called /some/thing/cgi-bin/
(for example /usr/local/apache/cgi-bin on most of my systems) and the
cgi-bin directory is readable/writeable/searchable only by root. The
scripts in there tend to get executed by the parent Apache process, it
has root permissions, so anybody that can write to the scripts has in
effect got root access to the box. Normally there are configuration
directives in Apache's httpd.conf which tell it what to allow execute
permission on and what to deny. If the configuration says that your
scripts can only be executed if they're in cgi-bin, then if you put a
script in htdocs (probably your 'document root') then Apache will say
it refuses to execute them. If you've told it to allow the execution
of scripts in the htdocs directory (there are several ways to do that)
then there might be another explanation - the first line of the script
might give us a clue.
> I'm not sure who is authorized to run httpd process on the server,
> but here is the process index for users using httpd at the moment.
> [~ smokeping]# ps -aux | grep httpd
> Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.7/FAQ
You don't want the '-' in that command. It's historical. Never mind.
> root 22551 0.0 0.1 17832 5616 ? Ss 11:56 0:00 /usr/sbin/httpd
> apache 22553 0.0 0.1 21092 4832 ? S 11:56 0:00 /usr/sbin/httpd
That all looks normal.
Just remind me, does this box have SELinux? (That's another way to
prevent things from working. :)
More information about the smokeping-users