OpenBSD Apache and cgi
Hello. Is there anything special I need to do with OpenBSD to get scripts to run in /var/www/cgi-bin?
Here are my settings in httpd.conf
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
Allow from all
#AddHandler cgi-script .cgi
AddHandler cgi-script .cgi
-rwxr-xr-x 1 root daemon 250288 Sep 30 08:28 getin.cgi
-rwxr-xr-x 1 root bin 268 Mar 29 2004 printenv
-rwxr-xr-x 1 root bin 757 Mar 29 2004 test-cgi
-rwxr-xr-x 1 root daemon 97 Sep 30 08:35 test.cgi
None of the above scripts work. I am getting an internal server error.
here is the log
[Thu Sep 30 08:33:23 2004] [error] [client 126.96.36.199] Premature end of script headers: /cgi-bin/getin
[Thu Sep 30 08:33:54 2004] [error] [client 188.8.131.52] Premature end of script headers: /cgi-bin/getin.cgi
[Thu Sep 30 08:34:28 2004] [error] [client 184.108.40.206] Premature end of script headers: /cgi-bin/getin.cgi
[Thu Sep 30 08:36:03 2004] [error] [client 220.127.116.11] Premature end of script headers: /cgi-bin/test.cgi
[Thu Sep 30 08:36:20 2004] [error] [client 18.104.22.168] Premature end of script headers: /cgi-bin/test-cgi
[Thu Sep 30 08:37:02 2004] [error] [client 22.214.171.124] Premature end of script headers: /cgi-bin/printenv
All these scripts work from the command line though.
Thanks in Advance.
I think it has something to do with chroot. I am still searching google.
If the CGI scripts call something outside of /var/www, they will not work.
Try searching some of the OpenBSD mailing list archives at marc.theaimsgroup.com for "cgi chroot", or something like that.
I will check out the link but I know for a fact that they are calling /usr/bin/perl which is typical for a cgi script.
"CGI scripts using Perl or another scripting language require the interpreter and support files to be present in the chroot environment. Note that adding scripting languages like Perl severely violates rule 1."
From link above, thanks chort.
So it seems that I would need to install perl, or link it somehow which I don't know how to do yet, in the /var/www directory. Does anyone have any experience with this?
People must not use OpenBSD for dynamic web servers by default for obvious security reasons. I am still new to all this.
I really dig getting a locked down system and opening up for what I need though. I think you learn more than playing with a system that is easy to break.
Assuming you understand the added danger of running apache without chroot, you can change your /etc/rc.conf HTTPD line to
You'll have to reboot for your machine to see this.
then go into /var/www/cgi-bin and change the permissions on all the scripts to allow execution
chmod a+rx test-cgi
chmod a+rx printenv
now you can load /cgi-bin/printenv in your browser
you'll get your cgi script output
In OpenBSD, Apache is chrooted by default. Which does not mean that chroot is usable by everybody for all applications. It does mean that OpenBSD is initially configured for minimal risk, and configurations that incur additional risk must be actively chosen.
Apache is a web server. Why should it include an interpreted language environment?
If you want Perl, just copy all the necessary files. Some people won't use Perl, and they are free to include whatever interpreter and/or libraries they desire in the chroot.
I have recently install OpenBSD 5.2, and having trouble making cgi work. I tried the instructions in #6 (to run Apache out of chroot), and can't get the printenv perl script to work. My web page "printenv.php" to run the script looks like:
$title="Test printenv cgi";
<?php printf("<h2>%s</h2>\n", $title); ?>
<form action="/cgi-bin/printenv" method="get">
<input type="submit" name="submit" value="Printenv"
Apparently nothing happens when I click the submit button - the web page with the form remains on the screen.
Some system information:
OpenBSD lightning.local 5.2 GENERIC#278 i386
OpenBSD 5.2 (GENERIC) #278: Wed Aug 1 10:04:16 MDT 2012
Actually this CPU is missing i686 instructions
cpu0: VIA Samuel 2 ("CentaurHauls" 686-class) 800 MHz
cpu0 at mainbus0: (uniprocessor)
real mem = 502788096 (479MB)
avail mem = 483713024 (461MB)
spdmem0 at iic0 addr 0x50: 256MB DDR SDRAM non-parity PC3200CL3.0
spdmem1 at iic0 addr 0x51: 256MB DDR SDRAM non-parity PC2100CL2.5
root on wd0a (a6ebc77e99ef6c87.a) swap on wd0b dump on wd0b
Device 512-blocks Used Avail Capacity Priority
/dev/wd0b 1430205 0 1430205 0% 0
vga1 at pci1 dev 0 function 0 "VIA CLE266" rev 0x03
Oops: I found the problem in my html page #10 - I left off the closing ">" in the <submit > tag. Problem solved.
I copied perl into my chroot and run CGIs there.
|All times are GMT -5. The time now is 10:09 AM.|