World: r3wp
[!Cheyenne] Discussions about the Cheyenne Web Server
| older newer | first last |
| GrahamC 7-May-2011 [10362] | When I included the definitions in the app-init, users would access other users' db! |
| Kaj 7-May-2011 [10363x4] | Data wants to be free |
Switching away from root is impossible when the RSP module is disabled: | |
7-May-2011/20:07:17+2:00 : make object! [
code: 311
type: 'script
id: 'invalid-path
arg1: 'mod-rsp
arg2: none
arg3: none
near: [if exists? file: service/mod-list/mod-rsp/sessions/ctx-file
[try-chown file uid gid]]
where: 'set-process-to
]
| |
from crash.log | |
| Dockimbel 8-May-2011 [10367x2] | Kaj: pushed a fix for that in r139. |
When I included the definitions in the app-init, users would access other users' db! Have you used session variables to store user-specific data? Everything else is unsafe. | |
| Kaj 8-May-2011 [10369x5] | Thanks, nice turnaround :-) |
Next problem when trying to switch away from root: | |
8-May-2011/17:30:23+2:00 : make object! [
code: 303
type: 'script
id: 'expect-arg
arg1: 'zero?
arg2: 'number
arg3: [number! pair! char! money! time! tuple!]
near: [if any [zero? gid not zero? set-gid gid] [log/error ["setgid
'" group " failed!"]]
if
]
where: 'set-process-to
]
| |
I've checked that I'm doing everything right according to the latest Cheyenne conventions. I have a fairly standard httpd.cfg with this: | |
globals [ user "www" group "www" | |
| Dockimbel 8-May-2011 [10374x5] | Odd, maybe a regression in the latest revisions...I will test that on my local linux box in a few minutes. |
Kaj: can you try with user "www" only? | |
(without the 'group line) | |
Also, could you run Cheyenne in verbose mode (-vvvv) and check the boot logs for any error message? | |
The only cause of the error you've reported above, is that something unexpected happened when trying to access and parse %/etc/passwd and %/etc/group. Anything special with these files on your system (compared to e.g., Ubuntu)? | |
| Kaj 8-May-2011 [10379x4] | Without group the error is still exactly the same |
This is a custom Linux, so no comparison to Ubuntu :-) | |
One difference is that the root user and group are called "system", but I didn't find a problem with that in my Cheyenne patch a year ago | |
It works if I only use group, although it's hard to check that the group has actually changed | |
| Dockimbel 8-May-2011 [10383x4] |
Could you extract the mod-userdir/get-id function and try to run
it from a REBOL console using:
col: #":"
get-id "www"
|
Hmm, wait, I think the problem is related to the 'set-gid function. | |
Are you using the Pro or Command binary? (I guess it is the r139 one) | |
I have found a bug with the 'chown function. | |
| Kaj 8-May-2011 [10387] | Pro 135 |
| Dockimbel 8-May-2011 [10388] | Did you see any error in Cheyenne log file (chey-pid-*.log or crash.log)? |
| Kaj 8-May-2011 [10389x2] | Wait, I have r137 now |
The errors I quoted are from crash.log. I'll do the -vvvv thing, but have to do it later tonight | |
| Dockimbel 8-May-2011 [10391x4] | Ok, I think it is not needed anymore. It seems that the set-gid call is failing on your system for group "www". Set-gid returns a logic! or none! value if running on a 2.7.8 kernel and an integer! for previous kernels (due to different mappings), that is what's causing the error. |
If only Carl has freed /Library on Linux instead of adding 'access-os native...it would have saved me a lot of coding/debugging time... | |
Has anyone else than me played with 'access-os native. I can't get it return any consistent value... | |
It seems that the messy behaviour is underneath 'access-os (the setgid/setuid OS calls). | |
| onetom 8-May-2011 [10395] | i can try on mac too, if u tell me what should be tried |
| Dockimbel 8-May-2011 [10396x4] | Kaj: I have pushed a fix (needs testing). |
Mac: wow, forget about it... | |
forget => forgot | |
I am pushing the same fixes for Mac now. | |
| onetom 8-May-2011 [10400] | now, im getting multiple errors within the same trace: ** Access Error : Cannot open /Users/onetom/p/ob/wfm/app-init.r ** Access Error : Cannot open /Users/onetom/p/ob/app-init.r why is it trying both locations? is it normal? |
| Dockimbel 8-May-2011 [10401] | Never saw such error before. |
| onetom 8-May-2011 [10402] | the html error page says: Redirection Trapped |
| Dockimbel 8-May-2011 [10403] | Means a 30x HTTP code was returned by the request. |
| onetom 8-May-2011 [10404x2] | needless to say i've created both app-init.r files for the sake of the experiment w a content of REBOL[] but im still getting the error |
why is it giving me an error page? because of the debug option in the config file or because of the -vvvv? | |
| Dockimbel 8-May-2011 [10406] | 'debug keyword is producing error pages. |
| onetom 8-May-2011 [10407x2] | ok, it's the debug |
the funny thing is im trying to "debug" from the command line and i have to login to the app 1st but if the debug flag is on, im getting back and error page and multiple session cookies | |
| Dockimbel 8-May-2011 [10409] | Multiple? |
| onetom 8-May-2011 [10410] |
Cookie {RSPSID=YVCBKGUZKHKSJGXVCBSTYDIK; RSPSID=YARKPZJMKJUNWDZRFOLUKJTE}
login "test"
pass "letmein"
Session ID "YARKPZJMKJUNWDZRFOLUKJTE"
|
| Dockimbel 8-May-2011 [10411] | Remember that you can add debug/off at any time to any page. |
| older newer | first last |