Sorry Bill! Sent off-list by accident again...appipollylogies! Best Wishes! Mike Olds www.buddhadust.org
||> I believe I have traced my problem in setting up CGI bins on two ||> VirtualHosts to the fact that SuEXEC is incorrectly configured (it is ||> enabled and I get "suexec: enabled; valid wrapper ||/usr/lib/apache/suexec".) ||> The error I get is: "cannot get docroot information /var/www" ||(the Debian ||> Apache default docroot). || ||That's typically either a permsissions problem or can chdir to a ||directory. I do not know what "or can chdir to a directory" means. ?It cannot change directories? || It might be that you have group write perms on a directory. No. Double checked. ||Look at the suexec docs at what it goes through to before it will run a ||user's script. That might give you ideas where to look. || ||http://httpd.apache.org/docs/suexec.html Look at "suEXEC Security Model". || || ||Another very useful trick is to run httpd -X (single process mode) and ||then use strace -- although I'm not sure if strace will follow the forks. ||You look for a failed system call and that's noramlly the problem. The above is beyond my understanding. || But it might be easier to try and follow the docs carefully. This I am trying to do. I have read the suggested documentation a couple few times now, including the monstrous routine it goes through to get a connection going...! And I have it open in front of me now and am running down the list. 1. Am I correct in understanding that I can have one account set up (to test it) that should work under suEXEC while another is not and it should work on the test account? if so: 2. How deep does the "no group write thing need to go?" (in other words, does it apply above the cgi-bin (Well I tried changing it to Group apache (the apache group) r -- enter, above /public_html with no change) This is the Virtual Host setup: <VirtualHost ~> ServerName name.of.host DocumentRoot "/www/user2/public_html" User name2 (a test name belonging to no other group than name2 Group, with no special privelages at all) Group name2 ScriptAlias /cgi-bin-2/ "/www/user2/public_html/cgi-bin-2" <Directory "/www/user2/pulic_html/cgi-bin-2" AllowOverride None Order allow,deny Allow from all Options ExecCGI </Directory> </VirtualHost> This is the Directory Structure: Server DocumentRoot /www /www/user2/public_html/cgi-bin-2/directory/*.cgi for *.cgi (simple test script that works in the working cgi dir.) User name2 r r x Group name2 r - x World -- For directory User name2 r r x Group name2 r - x World -- For cgi-bin-2 User name2 r r x Group name2 r - x World -- Calling the script: I get "Forbidden" and the suEXEC error is as above: emerg: cannot get docroot information (/var/www) info: (target actual) uid: (user2/user2) gid (user2/user2): cmd *.cgi The VirtualHost works fine just serving html docs. This looks to me like suEXEC is looking in /var/www which is the apache default DocumentRoot, but is not my DocumentRoot. Best Wishes! Mike Olds www.buddhadust.org -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
