Is it possible for the apache2 user, http, to have environment variables like normal users do? How would I go about setting those up, if possible?
Your question is not clear about how you want to use the environment variables.
For consideration: if in /etc/httpd/conf/httpd.conf, you put
SetEnv MYVAR 10
then that environment variable should be available in your scripting language (PHP for example). In PHP, it can be accessed by $_SERVER['MYVAR']
Well, if your http user has a login shell, which most don't, you could put it in there. But that's still probably not going to do what you really want. I usually accomplish what you're trying to do by putting the environment variables in /etc/init.d/httpd.
Related
I am still an Apache noob, and I am trying to set an environment variable that will be used by my Rails application.
I've read https://httpd.apache.org/docs/2.4/mod/mod_env.html#setenv and done some google and SO searches. I have at least determined that the value to be assigned must be in quotes. However, when I run sudo service apache2 restart, the value of SECRET_KEY_BASE is still not correct (viewed via printenv). I don't know what I don't know. Is there some step i'm missing?
In my apache configuration I have:
SetEnv SECRET_KEY_BASE "e10e721..."
# Tell Apache and Passenger where your app's 'public' directory is
DocumentRoot /var/www/some_path
Please let me know what other information I might need to share. Thanks for looking.
There are a few subtle pitfalls here.
First: You can't check it in the terminal you ran that command from. "SetEnv" sets a per-request internal variable that will be copied to CGI-like processes that the server subsequently executes.
Secondly, even if you set a real native environment variable (in e.g. /etc/apache2/envvars) you should not do a restart operation since that will not necessarily reload that particular file. You should do a stop and a start. You still won't see the variable in the command you start the server from, since it was only in the webserver process.
If you want to see the environment of a running process, you can write a basic CGI to dump the environment that was passed down to the CGI script. If you're a PHP user, a basic script with phpinfo() will dump it.
Or, you can determine Apache's process ID with ps and then check /proc/$thepid/env (on Linux).
I using Apache 2.2 and mod_perl 2.0.4. I want to retrieve the value of an environment variable named "A_VARIABLE" in a mod_perl handler which was set in an Apache configuration file as:
SetEnv A_VARIABLE "some value"
In the mod_perl documentation about the PerlSetEnv configuration option, it says the following:
PerlSetupEnv On will allow you to access the environment variables like $ENV{REQUEST_URI}, which are available under CGI. However, when programming handlers, there are always better ways to access these variables through the Apache API. Therefore, it is recommended to turn it Off except for scripts which absolutely require it. See PerlSetupEnv Off.
Is there a way to access to read that variable without using the %ENV hash as the documentation implies? If so, please provide a short example on how to do so.
I am wondering if you call setenv() on a shared web host, in general, is this allowed? Or would such a feature be disabled on most hosts as you are setting a global environment variable. I.e. if you have a cgi program, on most web hosts would setenv actually work?
Wondering if it is a security issue and they have it disabled..
Reason I ask is because for some programs, setting up PATH variables as a setenv call would be very useful, but if this feature is not portable to all servers and some servers disable this then it would not be very portable code if you ever change servers.
And I do not mean a cgi variable or post variable, I mean an actual operating system setenv call that really sets a real environment variable on unix, not just an apache server variable or http variable or such.
Yes, it's allowed but note that it will only have an effect on processes that your CGI script launches.
This is true in general and not specific to CGI. setenv() only affects the current program's environment and (in general) the environment of any child processes. Setting of "systemwide" environment variables is done in various startup scripts, etc.
I would like to remove the password from mysql db code of my application and insert it into the server, i would not be seen by users of the shell. I thought to put it as environment variable of apache user (user running the php code) is possible ?
Yes, it's possible. You can use PassEnv directive to pass OS environment variables to CGI scripts.
In PHP you can use $_ENV to get the value of required variables.
I'm trying to read the operating system variable HOMEPATH from apache but the getenv() doesn't work in the browser but works in command line.
I have read several articles and they say it's a permission issue. But is there a way to propagate the operating system variable to be an apache env variable when apache starts?
I'm assuming you are on linux, and if you aren't I'm just posting this here for record (my search was fruitless, I'm on CentOS 6.5)
From what I understand, there's no way to provide apache any direct access to the environment variables including variables from the environment of the user that started the apache process and global environment variables you've specified within /etc/profile.d startup scripts.
Since I'm using bash, I have a variables.bashrc file that I source from my ~/.bashrc. This variables.bashrc declares my user environment variables. Within my apache startup script (/etc/init.d/httpd) I have added a line
. /path/to/variables.bashrc
that sources the same variables as my user has access to. This makes these environment variables available to apache.
Apache may receive the variables but it can also block the variables unless you explicitly say to pass them on to your scripts. This uses mod_env so you must ensure this module is loaded So you'll have to add
PassEnv VARIABLE_NAME
to the directory/virtual host you are configuring. For example...
<Directory "/path/to/cgi/scripts/">
AllowOverride None
Options None
Order allow,deny
Allow from all
PassEnv VARIABLE_NAME
</Directory>
This will make it available to your CGI scripts, or whatever script may be trying to access environment variables.
I'm not sure if this is the most elegant way to solve this, so I would be interested to see what other people have done to solve this issue... perhaps some automated way (mod_something) to make these variables visible.
Thanks.