I uploaded a basic python script to my shared hosting at Dreamhost, and changed the permissions to 777. It ran fine from the shell (via SSH) but would display a 'Server Error' when called from the browser.
In the error.log, the error was 'Premature end of script headers'.
I wrote to DreamHost, who (surprisingly quickly) replied by changing the permissions to 755, and the script started working properly in apache (I could see the output in the browser).
But this doesn't seem right - how can adding extra lenient permissions break anything from functioning?
Allowing anyone to edit a CGI script means that it would be easy to insert a backdoor into the system. httpd is correctly disallowing a suspect program to be run.
Related
I'm running MarkLogic 8 (developer edition) on Mac OS 10.10.1.
I'm a beginner with ML, and I'm reading the "Getting Started" material in the online docs, in particular the section "Sample XQuery Application that Runs Directly Against an App Server."
I created the "TestServer" app server just fine, following the instructions. I then copied and pasted the text for the four XQuery files in the exercise, load.xqy, dump.xqy etc.
My local copies of the four .xqy files are under ~/Library/MarkLogic/Apps/Test, per the instructions. Read and execute permissions are open along the entire filepath, down to the .xqy files themselves.
When I request http://localhost:8005/Test/load.xqy, as instructed, I get a 404 Not Found response.
lsof -i :8005 indicates that MarkLogic is indeed listening on port 8005.
I checked the TestServer configuration against the instructions, disabled and re-enabled TestServer, stopped and re-started ML--always with the same result: 404 Not Found.
I haven't been able to find anything in either the ML mail archives or Stackoverflow to get me past this sticking point.
Any ideas or suggestions would be very much appreciated. Thank you!
This seems like a permission issue. Does it work when you run it as the admin user?
Have check to make sure the files are loaded into the modules database?
Also check the permission got set with the correct role for those file.
Check to see that user that is running the app has the role that you used when setting permission on those file.
This worked for us:
In the TestServer configuration instead of just putting Test in root field, put Apps/Test/ which is the location of the 4 files (load.xqy,dump.xqy, update-form.xqy and update-write.xqy relative to the MarkLogic installation directory -- in our case, centos, this was at /opt/MarkLogic/)
And then issued this command
chmod +r *.xqy
If you follow all the instructions correctly just remove the Test from the url. If yours is "http://localhost:8005/Test/load.xqy" make it "http://localhost:8005/load.xqy"
On a mac in terminal when executing:
chown apache uploads/
I get the error:
chown: apache: Invalid argument
The foder is on a shared web server. I need to change the owner of the folder because otherwise my PHP script for creating simple text files will return a permission denied error. Please don't suggest chmodding the folder to 777 (which does work), since almost all advice against it.
Is it possible that the server doesn't run scripts as the user 'apache'? How can I find this out?
"Invalid argument" makes me think this directory is on an HFS+ volume with owners disabled; you won't be able to change it in that case. You may be able to switch owners on, although it's possible that requires reformatting.
(The advice to check /etc/passwd is wrong, or at least inaccurate, on OS X; you need dscl . list /Users.)
There are two things you might want to check:
1) Is there a user called apache? Maybe it's httpd. You can search /etc/passwd. (Or whatever your platform uses to store user names, you didn't mention your operating system.)
2) What user do scripts run as? You can check this by running a test script. For example:
#/bin/bash
echo Content-Type: text/plain
echo
id -a
If you save this as test.cgi and put it in a CGI directory, you should be able to run it and get it to tell you what user it's running as.
Under Windows7 I am running CentOS-6.2-x86_64-server (on VM) having Apache2 with php5 and mysql installed. The vm is working fine, apache and mysql are started.
Now I want to access a webpage on the vm host being opened by a browser under Windows7.
I get following message:
"Forbidden. You don't have permission to access /index.html on this server."
My windows firewall is activated. Via Windows console I pinged the VM server successfully.
What am I doing wrong or what I have to do?
This is almost certainly an issue of either permissions for the path you're trying to access, or the mode in which you are running Apache. If, in your httpd.conf or ssl.conf files, you have a directive like SSLRequireSSL for this path, it will show a forbidden message when you attempt to access it via http rather than https.
Another reason this can happen is if you have http basic auth set up or some such, and cancel the login process.
Probably the most likely reason though, is simply having too strict permissions set on the folder or files that Apache is attempting to serve. If you go to the path where index.html lives, and make sure that both the directory and the files you want, are set to chmod 644 and make sure that you set things as being executable if there are scripts to be run, then you should be able to serve via apache as expected. You may also then need to chown apache.apache the files in question if they need to be writable by apache as well, but the former should get you going at least.
EDIT: Fixed a typo.
Trying to setup a Cron task that gets a file via FTP however seems to fail due to file permissions.
Code runs perfect in the browser, ie when apache is the owner, however fails when Cron runs the same page.
I'm assuming this is a directory/file permission error, if so who should I set the directory owner too for Cron jobs?
Most likely Dan's thought is going to be your problem. However if it works from a browser you can also call the page like this:
wget -q "http://www.domain.com/path/to/script/script.whatever" >/dev/null 2>&1
if you still get errors you can remove the >/dev/null 2>&1 part & [if your email address is in the domain administrator account correctly] output, including errors should get emailed to you.
As for the correct permissions, don't change the default plesk ones or you will get issues with normal ftp.
Defaults are:
everything under httpdocs = ftpuser.psacln
anything written by php/apache = apache.apache ~ unless you are running php as a cgi on that domain,, then they will belong to the ftp user as well.
-sean
cron jobs will run as the user that created them. More likely than a permissions error is a path error. If you're not specifying full absolute paths to the program/script to run, and to any files you reference, you'll likely have problems as cron won't have the same PATH in its environment as Apache does or you do at your shell prompt.
I run a django application over apache with mod_wsgi, using WAMP.
A certain URL allows me to stream the content of image files, the paths of which are stored in database.
The files can be located whether on local machine or under network drive (\\my\network\folder).
With the development server (manage.py runserver), I have no trouble at all reading and streaming the files.
With WAMP, and with network drive files, I get a IOError : obviously because the httpd instance does not have read permission on said drive.
In the task manager, I see that httpd.exe is run by SYSTEM. I would like to tell WAMP to run the server as [myself] as I have read and write permissions on the shared folder. (eventually, the production server should be run by a 'www-admin' user having the permissions)
Mapping the network shared folder on a drive letter (Z: for instance) does not solve this at all.
The User/Group directives in httpd.conf do not seem to have any kind of influence on Apache's behaviour.
I've also regedited : I tried to duplicate the HKLM\[...]\wampapache registry key under HK_CURRENT_USER\ and rename the original key, but then the new key does not seem to be found when I cmd this
> httpd.exe -n wampapache -k start
or when I run WAMP.
I've run out of ideas :)
Has anybody ever had the same issue?
Win+R, services.msc
edit wampapache and wampmysqld to log on as some user.
the tray icon is a convenient front end to "net start wampapache" and "net start wampmysqld"
The User/Group directives in httpd.conf do not seem to have any kind of influence on Apache's behaviour.
httpd.exe is started by the root user (this is probably why you see it running under SYSTEM). The user and group lines in httpd.conf determine what user the child processes (that httpd spawns) will run under. These forks are what actually handle page requests, etc. so it is possible that your configuration is already doing what you want it to, it is just unclear from looking at task manager.
You could also try using runas to start WAMP/Apache, though your mileage may vary.
I've just found that executing httpd.exe myself works for me... I just loose all the funky WAMP tray icon, and the "restart apache" menu item, really handy whenever I update my application code...
I'll have to make do with this for the moment...