World: r3wp
[Linux] group for linux REBOL users
| older newer | first last |
| Pekr 1-Aug-2006 [707x3] | ah, yes, of course, I just use it for basic check that permissions are ok, that my path to interpreter is ok, simply that cgi mode works .... |
now I looked at Apache log - premature end of script headers .... hmm, now if I would remember what it means :-) I already met with such an error (permission or hidden chars caused by Win-Lin script traversal ...) | |
hmm, I start to think, that if having Linux server (although it runs for 2 years or more without the assistance), is good for me. I simply have to struggle with getting into it every time I need to config something and maybe it is upon my skills :-( .... for occassional things, maybe I would better go with plain Windows XP profi plus some free Sendmail, FTP server and Apache .... | |
| BrianH 1-Aug-2006 [710] | Have you done the line ending conversion? |
| Pekr 1-Aug-2006 [711x3] | no ... but I face some strange problems. I put print "Content-type: text/html" print newline at the beginning of the script and now it does not run even under console, it just says "REBOL - security violation" |
ah, it is because I removed -s, sqlite wants to write to log ... | |
can I lower permission just for that one log file? | |
| BrianH 1-Aug-2006 [714] | Use -s, and then restrict your security to what you should be able to do first thing. |
| Pekr 1-Aug-2006 [715x2] | now I get following in browser: ** Access Error: Cannot open /home/web/jablunkovsko.cz/sqlite.log ** Where: connect ** Near: write/append/lines join log-path %sqlite.log reform |
simply put, sqlite driver wants to write to log, but it does not have enough permission to do so? | |
| Volker 1-Aug-2006 [717] | Sounds like that. Or the path is invalid. Does the script run as another user, and/or run as chroot? |
| Pekr 1-Aug-2006 [718x3] | dunno, well, Apache is configured so it runs as particular user ... |
when I run script from console, it of course runs, as I am root, and then sqlite.log is of root owner .... | |
maybe I need to configure apache, so it would allow to write files in directory other than cgi-bin, dunno .... | |
| Volker 1-Aug-2006 [721x2] | can you make a folder where everyone can write, and create a file from cgi? that should show which user. |
Or maybe going windows is the better idea? | |
| Pekr 1-Aug-2006 [723x2] | there is no option going Windows currently, I would have to redo all my server, I run several domains there etc. I just pray the server does not have hd crash one day :-) |
what would be rebol code for lowering security for particular file? | |
| Volker 1-Aug-2006 [725] | eeks :) |
| Pekr 1-Aug-2006 [726] | (if it would help) |
| Volker 1-Aug-2006 [727x3] | secure[path-to-directory allow] |
But i guess the error-message would be "security", not "cant write". | |
(the path-to-directory must be copypasted, vars do not work) | |
| Pekr 1-Aug-2006 [730x2] | I give up, I will edit sqlite driver and disable loging at all .... |
it does not respect log?: false, so what to do about it .... I can't expect ppl using it for cgi as having other permissins than usual. And if it can't be fixed by setting variable, or by some secure [%sqlite.log allow] or something like that code, then it is not suitable for cgi | |
| Volker 1-Aug-2006 [732] | if you run with -cs, it has no security anyway. then its some permission- or path-problem. |
| Pekr 1-Aug-2006 [733x2] | yes, I run it with -cs, or it gives REBOL - security violation message .... |
I am going for cgi-based template system, and I expect to use index.cgi in my doc-root directory .... | |
| Volker 1-Aug-2006 [735] | can you write something in /tmp? there everyone can write usually. |
| Pekr 1-Aug-2006 [736] | well, yes, I will probably fix ti by redirecting logging, it is just that I would like the sqlite driver to work in such cases, as sqlite is cool, handy, and I will have to adapt the source with each release. So I would expect setting log?: false to take care of disabling logging ;-) |
| Volker 1-Aug-2006 [737] | i understand. but i never looked in sqlite :) |
| Pekr 1-Aug-2006 [738] | well, it is really handy ... it is SQL, that is importand ... and it is completly portable - imagine having small apps, you just need cgi-bin site and you can have your rebol app wherever .... no need for admin to configure mysql for you, etc., I like it. For small to middle stuff it is pretty ok ... |
| Volker 1-Aug-2006 [739x3] | i would set log-path to %/tmp/, make sure /tmp/sqlite.log does not exist and give it a last try. |
actually i rarelly looked in any sql, as for my simple uses files are enough. | |
else i would look in sqlite, because the people here like it :) | |
| Pekr 1-Aug-2006 [742] | yes, of course, no problems. I really liked RebDB - imo really cool piece of code ... but unless you need join multiple tables and have some more relations .... |
| Volker 1-Aug-2006 [743] | or need locking or.., like you, then yes :) |
| Pekr 1-Aug-2006 [744] | ok, going to sleep, 1:45 am here :-) Commented logging on few places in driver ... |
| Volker 1-Aug-2006 [745] | me too. good night. |
| Pekr 1-Aug-2006 [746] | good night! :-) |
| Gabriele 2-Aug-2006 [747] | Petr, most likely the apache user cannot write the log file. you can create the log file (with touch) and chown it to the apache user. |
| Pekr 2-Aug-2006 [748x2] | Gabriele - not sure it is a typical log file. It is just file sqlite driver writes via write/new/append into current-dir, if not set oterwise .... |
I expected that once I am running rebpro -cs, I can write to files too .... I tried to change location of sqlite.log file, to cgi-bin, where write should be allowed, but still not luck. Maybe I just need specific Apache dir directive setting to allow that? Dunno .... so I commented out logging - just 4 lines or so .... I will try Ashley's suggestion for setting it to dev\nul ... | |
| Gabriele 3-Aug-2006 [750] | it's not rebol that can't write because of -s, it's the apache user not having permissions (from what you describe). generally apache never has write access to cgi-bin because that's a security risk. you can give it access to that single file (still risky) or move the file to /var/log for e.g. where apache keeps its other log files. |
| Pekr 3-Aug-2006 [751] | thanks .... |
| Pekr 7-Aug-2006 [752x5] | I just verified .... it is definitely problem with permissions on files, and I am having headache because of it already (maybe linux is really not for me :-) |
when I run Apache and my virtual host with SuexecUserGroup jablunkovsko jabladm, I can't run CGI at all, and that is strange! All directories and files are of owner=jablunkovsko, group=jabladm, including rebpro, rsp.cgi | |
Simple commenting out Suexec directive enables me to run CGI ... but still not luck writing to file. My friend suggested me to add ../db/ dir permissions of 777, to see what happens. Then yes, I can see %log.txt generated, owner and group is apache .... | |
but - log.txt is just an example. It is not option for me to have files I want to write to placed somewhere else, as I will/want to use sqlite and surely want it have accessible via ftp easily, directly in directory I want. | |
what I wonder is - why it is not enough to set chmod 666 for that directory? It clearly states that everybody can read and write in /db/ directory .... | |
| older newer | first last |