LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-25-2010, 10:33 AM   #1
rmknox
Member
 
Registered: May 2010
Posts: 354

Rep: Reputation: 34
Having trouble with Apache Server Side Includes


I am having trouble getting server side includes to work on my localhost.
The files involved work at godaddy. Godaddy does SSI for me but localhost will not.

DISTRIBTION
Fedora 2.6.31.5-127.fc12.i686
Mysql 5.1.47
Apache 2.2.15 (Unix) DAV/2 PHP/5.3.2 .. built 4/10/210

MY CONF FILE
(1)My conf file came with the these statements included
# To parse .shtml files for server-side includes (SSI):
# (You will also need to add "Includes" to the "Options" directive.)
#
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
...
LoadModule include_module modules/mod_include.so

(2)In <Directory "/var/www/html"> I added
Options +Includes

(3)When it didn't work I also added
XBitHack on
and made my .shtml file executable

The files involved are in /var/www/html
I still don't get SSI on localhost

Can someone suggest what I'm doing wrong?

Thanks
Dick

Last edited by rmknox; 07-25-2010 at 10:35 AM.
 
Old 07-25-2010, 11:12 AM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,526

Rep: Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503
Hi,

Could you post a shtml file that doesn't work to see if we can find what the problem is?
Also could you create a shtml file containing
Code:
<!--#printenv -->
and see if it works?
 
1 members found this post helpful.
Old 07-25-2010, 11:23 AM   #3
rmknox
Member
 
Registered: May 2010
Posts: 354

Original Poster
Rep: Reputation: 34
Here is the file
Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
	<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
	<meta name="author" content="Dick Knox" />
	<meta name="keywords" content="design, css, cascading, style, sheets, xhtml, graphic design, w3c, web standards, visual, display" />
	<meta name="description" content="Active web pages - concepts." />
	<meta name="robots" content="all" />

	<title>Knox Data </title>

	<script type="text/javascript"></script>
<style type="text/css" media="all">
	@import "images/sample.css";
</style>

</head>
<body>
<h1> Welcome to Knox-Data.com</h1>
<h2> Some current items of interest</h2>
<div>
<p><a href="pdf/">To see some pdf related ideas</a>&nbsp; </p>

<p><a href="test.php">To see resources</a>&nbsp; </p>
<!--#printenv -->
<!--#include virtual="/footer.shtml" -->
<!--#include virtual="/footer.html" --> 

<!-- could use a server side include but must tell apache -->
<!-- see http://httpd.apache.org/docs/1.3/howto/ssi.html#configuringyourservertopermitssi -->
<!-- to get godaddy to see it may need page to be shtml -->


<!--
</div>
<div id="supportingText">
	<div id="footer">
		<a href="http://validator.w3.org/check/referer" title="Check the validity of this site’s XHTML">xhtml</a> &nbsp; 
		<a href="http://jigsaw.w3.org/css-validator/check/referer" title="Check the validity of this site’s CSS">css</a> &nbsp; 
	</div>
</div>
</body>
</html>
-->
You can see it work at
http://www.knox-data.com/index.shtml
But at my location the include statement is treated as a comment

Only difference between mine and one at godaddy is that I tried the
printenv at mine and have not sent it to godaddy

printenv did not work at mine

you notice that I have tried both html and shtml as the included file
at godaddy only the footer.html exists
 
Old 07-25-2010, 11:50 AM   #4
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,526

Rep: Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503
So the following doesn't work?
Code:
<html>
<body>
<!--#printenv -->
</body>
</html>
Check apache error_log to see if you find something relevant
 
1 members found this post helpful.
Old 07-25-2010, 11:57 AM   #5
rmknox
Member
 
Registered: May 2010
Posts: 354

Original Poster
Rep: Reputation: 34
correct - it does not work
when i do a show source i get
Code:
<html >
<head>
</head>
<body>
<!--#printenv -->
</body>
</html>
and of course the browser renders that as a blank page

whereas when i put that page on godaddy i get a whole lot of info

Last edited by rmknox; 07-25-2010 at 12:02 PM.
 
Old 07-25-2010, 12:10 PM   #6
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,526

Rep: Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503
Are you sure you give the .shtml extension to the pages containing SSI code? Because showing a blank page means that apache does not know that a shtml page must be parsed.
And a silly question: Did you restart apache after editing httpd.conf?
 
1 members found this post helpful.
Old 07-25-2010, 12:24 PM   #7
rmknox
Member
 
Registered: May 2010
Posts: 354

Original Poster
Rep: Reputation: 34
Any question is fair game - I appreciate the help.

Not only is it shtml - but the exact page ftp'd to godaddy works fine there

Yes I did stop apache - apachectl stop - in fact I have rebooted the system more than once - system does not start automagically so each time i reboot i apachectl start

i am aware that apache cretes a log somewhere - could you direct me to it and i will see if it says something

again thanks so much

Dick
 
Old 07-25-2010, 12:33 PM   #8
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,526

Rep: Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503
I've also copy/paste you code here and it works as expected.
The fact is that your apache configuration looks good and it should parse SSI. Check if there is a .htaccess in /var/www/html that overrides the "+Includes" option
The log files should be under /var/log/httpd
 
1 members found this post helpful.
Old 07-25-2010, 12:41 PM   #9
rmknox
Member
 
Registered: May 2010
Posts: 354

Original Poster
Rep: Reputation: 34
there is no htaccess in /var/www/html

when i look at error files
there is error_log dated today

some [notice]'s and 1 warning
[warn] ./mod_dnssd.c No services found to register

wife waiting to be tqken to breakfast at McDonalds
back later
Dick
 
Old 07-25-2010, 12:54 PM   #10
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,526

Rep: Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503
Mind that it's .htaccess (filename starting with a dot), so you have to use
Code:
ls -la /var/www/html
to see if there is one.

Last edited by bathory; 07-25-2010 at 01:11 PM.
 
1 members found this post helpful.
Old 07-25-2010, 03:42 PM   #11
rmknox
Member
 
Registered: May 2010
Posts: 354

Original Poster
Rep: Reputation: 34
Here we are - I suspect this is what is causing the problem. Can someone help me interpret it?
Apparently when I start apache it tries to do something that offends the system and the system shurts down somethng which is probably related to SSI?
Code:
Summary:

SELinux is preventing the http daemon from connecting to network port 3306

Maybe apache and the dsl modem/server are doing a handshake which looks like an intruder attempt to the system?

Theory - maybe apache and my dsl modem/driver are interrogating one another, confusing the system?  

Detailed Description:

SELinux has denied the http daemon from connecting to 3306. An httpd script is
trying to make a network connection to a remote port. If you did not setup httpd
to make network connections, this could signal an intrusion attempt.

Allowing Access:

If you want httpd to connect to network ports you need to turn on the
httpd_can_network_network_connect boolean: "setsebool -P
httpd_can_network_connect=1"

Fix Command:

setsebool -P httpd_can_network_connect=1

Additional Information:

Source Context                unconfined_u:system_r:httpd_t:s0
Target Context                system_u:object_r:mysqld_port_t:s0
Target Objects                None [ tcp_socket ]
Source                        httpd
Source Path                   /usr/sbin/httpd
Port                          3306
Host                          knox.knox-data
Source RPM Packages           httpd-2.2.15-1.fc12.2
Target RPM Packages           
Policy RPM                    selinux-policy-3.6.32-41.fc12
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   httpd_can_network_connect
Host Name                     knox.knox-data
Platform                      Linux knox.knox-data 2.6.31.5-127.fc12.i686 #1 SMP
                              Sat Nov 7 21:41:45 EST 2009 i686 athlon
Alert Count                   41
First Seen                    Tue 13 Jul 2010 10:31:56 AM PDT
Last Seen                     Sat 24 Jul 2010 09:59:45 AM PDT
Local ID                      4c84b5d8-aec5-48e9-a5fa-098f155dc3e0
Line Numbers                  

Raw Audit Messages            

node=knox.knox-data type=AVC msg=audit(1279990785.409:60): avc:  denied  { name_connect } for  pid=1746 comm="httpd" dest=3306 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket

node=knox.knox-data type=SYSCALL msg=audit(1279990785.409:60): arch=40000003 syscall=102 success=no exit=-13 a0=3 a1=bfcd6c10 a2=4e260c0 a3=b items=0 ppid=1738 pid=1746 auid=500 uid=48 gid=489 euid=48 suid=48 fsuid=48 egid=489 sgid=489 fsgid=489 tty=(none) ses=1 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null)
I tyied ls -la /var/www/html and it did not show .htaccess

Last edited by rmknox; 07-25-2010 at 03:50 PM.
 
Old 07-25-2010, 03:52 PM   #12
rmknox
Member
 
Registered: May 2010
Posts: 354

Original Poster
Rep: Reputation: 34
maybe apache and the dsl modem/server are interrogating one antother and this looks lioke a breakin to the system?
 
Old 07-25-2010, 04:14 PM   #13
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,526

Rep: Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503Reputation: 1503
This is a SELinux notification that a script tries to connect to mysql (port 3306). You can do what you're told to:
Quote:
setsebool -P httpd_can_network_connect=1
so it stops complaining, or you can use (at least temporarily)
Code:
setenforce 0
to disable SELinux and do your tests.
Try to clear browser's cache before loading any shtml file.
 
1 members found this post helpful.
Old 07-25-2010, 04:27 PM   #14
rmknox
Member
 
Registered: May 2010
Posts: 354

Original Poster
Rep: Reputation: 34
I looked on the web and find that 3306 is the mysql port - what I read suggested that by allowing it to be open I may be vulnerable to evil outside forces.

I have no need to allow others to get to my system since it is merely a development tool.

I am not experienced in unix and it's children - but as I understand it something on my system tries to use the port. I believe the prob occurs when I run apachectl start - does that kick off a script? or follow rules in a conf file? If so, do you know where I find it?

YOu have been very helpful - thanks so much.

Dick
 
Old 07-25-2010, 04:47 PM   #15
rmknox
Member
 
Registered: May 2010
Posts: 354

Original Poster
Rep: Reputation: 34
So I tried
setsebool -P httpd_can_network_connect=1
and it hangs
i tried with and without the "=" same result
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Configuring Apache2 to use Server Side Includes HellesAngel Linux - Server 1 09-14-2007 03:01 AM
Apache; server side include unifiedquarks Linux - Server 3 05-07-2007 06:44 AM
How do I get my Server Side Includes to work? pmedes Linux - Software 4 11-08-2004 03:25 AM
How to run a server-side Javascript in Apache Linh Programming 2 07-15-2004 10:36 AM
Server Side Includes warlock33 Linux - Software 2 02-13-2003 01:58 AM


All times are GMT -5. The time now is 08:18 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration