World: r3wp

The browser can only run CGI scripts through a web server, not directly.

you can't call it CGI if you run it from the console can you?

Yeah, I was a little surprised that such a script could run at all 
from the console.

I can, if it has 755 permission ...

well, I run it from Midnight Commander, maybe it is why I can run 
it .... I just press enter on script. In fact, that is how I verify, 
if the script works at all in CGI mode ...

I suspect that the environment variables and input are not filled 
when you run it directly.

ah, yes, of course, I just use it for basic check that permissions 
are ok, that my path to interpreter is ok, simply that cgi mode works 
....

now I looked at Apache log - premature end of script headers .... 
hmm, now if I would remember what it means :-) I already met with 
such an error (permission or hidden chars caused by Win-Lin script 
traversal ...)

hmm, I start to think, that if having Linux server (although it runs 
for 2 years or more without the assistance), is good for me. I simply 
have to struggle with getting into it every time I need to config 
something and maybe it is upon my skills :-( .... for occassional 
things, maybe I would better go with plain Windows XP profi plus 
some free Sendmail, FTP server and Apache ....

Have you done the line ending conversion?

no ... but I face some strange problems. I put print "Content-type: 
text/html" print newline at the beginning of the script and now it 
does not run even under console, it just says "REBOL - security violation"

ah, it is because I removed -s, sqlite wants to write to log ...

can I lower permission just for that one log file?

Use -s, and then restrict your security to what you should be able 
to do first thing.

now I get following in browser:


** Access Error: Cannot open /home/web/jablunkovsko.cz/sqlite.log 
** Where: connect ** Near: write/append/lines join log-path %sqlite.log 
reform

simply put, sqlite driver wants to write to log, but it does not 
have enough permission to do so?

Sounds like that. Or the path is invalid. Does the script run as 
another user, and/or run as chroot?

dunno, well, Apache is configured so it runs as particular user ...

when I run script from console, it of course runs, as I am root, 
and then sqlite.log is of root owner ....

maybe I need to configure apache, so it would allow to write files 
in directory other than cgi-bin, dunno ....

can you make a folder where everyone can write, and create a file 
from cgi? that should show which user.

Or maybe going windows is the better idea?

there is no option going Windows currently, I would have to redo 
all my server, I run several domains there etc. I just pray the server 
does not have hd crash one day :-)

what would be rebol code for lowering security for particular file?

eeks :)

(if it would help)

secure[path-to-directory allow]

But i guess the error-message would be "security", not "cant write".

(the path-to-directory must be copypasted, vars do not work)

I give up, I will edit sqlite driver and disable loging at all ....

it does not respect log?: false, so what to do about it .... I can't 
expect ppl using it for cgi as having other permissins than usual. 
And if it can't be fixed by setting variable, or by some secure [%sqlite.log 
allow] or something like that code, then it is not suitable for cgi

if you run with -cs, it has no security anyway. then its some permission- 
or path-problem.

yes, I run it with -cs, or it gives REBOL - security violation message 
....

I am going for cgi-based template system, and I expect to use index.cgi 
in my doc-root directory ....

can you write something in /tmp? there everyone can write usually.

well, yes, I will probably fix ti by redirecting logging, it is just 
that I would like the sqlite driver to work in such cases, as sqlite 
is cool, handy, and I will have to adapt the source with each release. 
So I would expect setting log?: false to take care of disabling logging 
;-)

i understand. but i never looked in sqlite :)

well, it is really handy ... it is SQL, that is importand ... and 
it is completly portable - imagine having small apps, you just need 
cgi-bin site and you can have your rebol app wherever .... no need 
for admin to configure mysql for you, etc., I like it. For small 
to middle stuff it is pretty ok ...

i would set log-path to %/tmp/, make sure /tmp/sqlite.log does not 
exist  and give it a last try.

actually i rarelly looked in any sql, as for my simple uses files 
are enough.

else i would look in sqlite, because the people here like it :)

yes, of course, no problems. I really liked RebDB - imo really cool 
piece of code ... but unless you need join multiple tables and have 
some more relations ....

or need locking or.., like you, then yes :)

ok, going to sleep, 1:45 am here :-) Commented logging on few places 
in driver ...

me too. good night.

good night! :-)

Petr, most likely the apache user cannot write the log file. you 
can create the log file (with touch) and chown it to the apache user.

Gabriele - not sure it is a typical log file. It is just file sqlite 
driver writes via write/new/append into current-dir, if not set oterwise 
....

I expected that once I am running rebpro -cs, I can write to files 
too .... I tried to change location of sqlite.log file, to cgi-bin, 
where write should be allowed, but still not luck. Maybe I just need 
specific Apache dir directive setting to allow that? Dunno .... so 
I commented out logging - just 4 lines or so .... I will try Ashley's 
suggestion for setting it to dev\nul ...

it's not rebol that can't write because of -s, it's the apache user 
not having permissions (from what you describe). generally apache 
never has write access to cgi-bin because that's a security risk. 
you can give it access to that single file (still risky) or move 
the file to /var/log for e.g. where apache keeps its other log files.