AltME groups homeHelpJoin REBOL3 world
  Find AltME posts   Help

Recent posts

Worlds:r4wpr3wp
AccessibilityAbout / FAQ
Member's loungeContact/FeedbackOther REBOL links
Membership:
member name

password

Remember?

Not a member? Please join
8-May 22:56 UTC
[0.055] 18.023k
r3wp [groups: 83 posts: 189283]
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search
 

World: r3wp

Join the discussions in the REBOL3 world...

[Linux] group for linux REBOL users

older
newer		first
last
Volker
1-Aug-2006
[721x2]
can you make a folder where everyone can write, and create a file 
from cgi? that should show which user.

Or maybe going windows is the better idea?
Pekr
1-Aug-2006
[723x2]
there is no option going Windows currently, I would have to redo 
all my server, I run several domains there etc. I just pray the server 
does not have hd crash one day :-)

what would be rebol code for lowering security for particular file?
Volker
1-Aug-2006
[725]
eeks :)
Pekr
1-Aug-2006
[726]
(if it would help)
Volker
1-Aug-2006
[727x3]
secure[path-to-directory allow]

But i guess the error-message would be "security", not "cant write".

(the path-to-directory must be copypasted, vars do not work)
Pekr
1-Aug-2006
[730x2]
I give up, I will edit sqlite driver and disable loging at all ....

it does not respect log?: false, so what to do about it .... I can't 
expect ppl using it for cgi as having other permissins than usual. 
And if it can't be fixed by setting variable, or by some secure [%sqlite.log 
allow] or something like that code, then it is not suitable for cgi
Volker
1-Aug-2006
[732]
if you run with -cs, it has no security anyway. then its some permission- 
or path-problem.
Pekr
1-Aug-2006
[733x2]
yes, I run it with -cs, or it gives REBOL - security violation message 
....

I am going for cgi-based template system, and I expect to use index.cgi 
in my doc-root directory ....
Volker
1-Aug-2006
[735]
can you write something in /tmp? there everyone can write usually.
Pekr
1-Aug-2006
[736]
well, yes, I will probably fix ti by redirecting logging, it is just 
that I would like the sqlite driver to work in such cases, as sqlite 
is cool, handy, and I will have to adapt the source with each release. 
So I would expect setting log?: false to take care of disabling logging 
;-)
Volker
1-Aug-2006
[737]
i understand. but i never looked in sqlite :)
Pekr
1-Aug-2006
[738]
well, it is really handy ... it is SQL, that is importand ... and 
it is completly portable - imagine having small apps, you just need 
cgi-bin site and you can have your rebol app wherever .... no need 
for admin to configure mysql for you, etc., I like it. For small 
to middle stuff it is pretty ok ...
Volker
1-Aug-2006
[739x3]
i would set log-path to %/tmp/, make sure /tmp/sqlite.log does not 
exist  and give it a last try.

actually i rarelly looked in any sql, as for my simple uses files 
are enough.

else i would look in sqlite, because the people here like it :)
Pekr
1-Aug-2006
[742]
yes, of course, no problems. I really liked RebDB - imo really cool 
piece of code ... but unless you need join multiple tables and have 
some more relations ....
Volker
1-Aug-2006
[743]
or need locking or.., like you, then yes :)
Pekr
1-Aug-2006
[744]
ok, going to sleep, 1:45 am here :-) Commented logging on few places 
in driver ...
Volker
1-Aug-2006
[745]
me too. good night.
Pekr
1-Aug-2006
[746]
good night! :-)
Gabriele
2-Aug-2006
[747]
Petr, most likely the apache user cannot write the log file. you 
can create the log file (with touch) and chown it to the apache user.
Pekr
2-Aug-2006
[748x2]
Gabriele - not sure it is a typical log file. It is just file sqlite 
driver writes via write/new/append into current-dir, if not set oterwise 
....

I expected that once I am running rebpro -cs, I can write to files 
too .... I tried to change location of sqlite.log file, to cgi-bin, 
where write should be allowed, but still not luck. Maybe I just need 
specific Apache dir directive setting to allow that? Dunno .... so 
I commented out logging - just 4 lines or so .... I will try Ashley's 
suggestion for setting it to dev\nul ...
Gabriele
3-Aug-2006
[750]
it's not rebol that can't write because of -s, it's the apache user 
not having permissions (from what you describe). generally apache 
never has write access to cgi-bin because that's a security risk. 
you can give it access to that single file (still risky) or move 
the file to /var/log for e.g. where apache keeps its other log files.
Pekr
3-Aug-2006
[751]
thanks ....
Pekr
7-Aug-2006
[752x10]
I just verified .... it is definitely problem with permissions on 
files, and I am having headache because of it already (maybe linux 
is really not for me :-)

when I run Apache and my virtual host with SuexecUserGroup jablunkovsko 
jabladm, I can't run CGI at all, and that is strange! All directories 
and files are of owner=jablunkovsko, group=jabladm, including rebpro, 
rsp.cgi

Simple commenting out Suexec directive enables me to run CGI ... 
but still not luck writing to file. My friend suggested me to add 
../db/ dir permissions of 777, to see what happens. Then yes, I can 
see %log.txt generated, owner and group is apache ....

but - log.txt is just an example. It is not option for me to have 
files I want to write to placed somewhere else, as I will/want to 
use sqlite and surely want it have accessible via ftp easily, directly 
in directory I want.

what I wonder is - why it is not enough to set chmod 666 for that 
directory? It clearly states that everybody can read and write in 
/db/ directory ....

setting it to 777 sounds possible, but kind of masochistic to me 
:-)

I also played with setuid etc. settings, to have Apache using particular 
permissions of /db/ directory, but still not luck ....

hmm, now I tried su apache, and my sestem tells me, that there is 
no such an user. Could that be a problem? That server was set-up 
for me some 3 years ago, so I don't remember properly, how it was 
configured ....

hmm, the account is there, it is just it has probably set /sbin/nologin 
in passwd ...

Hmm, I allowed for user apache to log in, I can get to each directory, 
but "cd db" returns "permission denied" - why it is so?

drwxr-sr-x  2 jablunkovsko jabladm  4096 Jan 11  2005 about
drwxr-sr-x  4 jablunkovsko jabladm  4096 Aug  7 16:04 akce
drwxr-sr-x  3 jablunkovsko jabladm  4096 Jul  3 20:03 aktuality
drwxr-xr-x  2 jablunkovsko jabladm  4096 Aug  6 19:01 cgi-bin
drwxr-sr-x  3 jablunkovsko jabladm  4096 Nov  2  2005 COD
drwxr-sr-x  5 jablunkovsko jabladm  4096 Jul  3 20:04 cyklo
drwxr-sr-x  2 jablunkovsko jabladm  4096 Aug  2 00:04 data
drw-rw-rw-  2 jablunkovsko jabladm  4096 Aug  7 14:29 db
drwxr-sr-x  4 jablunkovsko jabladm  4096 Jul  3 20:05 fotogalerie
Henrik
7-Aug-2006
[762]
setting permission to executable for a directory allows you to enter 
it
Pekr
7-Aug-2006
[763x7]
btw - what is the difference in "s" and "S"? I don't remember how 
those "s" got in there. Are those user/grup id? If I set such manually, 
I get "S", not "s".

why can I enter each other dir, but not db dir?

ah, got it ...

so to enter directory, I need to set x bit for it?

but not necessarily for files inside, right?

is setting recursively "s" option for files and diretories good to 
achieve correct user/group ids when copying via ftp? Or it is not 
necessary?

I think that I don't need those "s" bits, but before I remove it, 
I better ask :-)
Tomc
7-Aug-2006
[770]
group "s" on a dir  says that by default; all  files and dirs created 
below me will have the same  group ownership/perms that I have.
older
newer		first
last