I have been running a LAMP stack for awhile now but have never really explored the server side end of things. What I am trying to do is have a python script on a website run a bash command. This will accomplish a system so someone can create an account for proxy access via a webpage. I am running Ubuntu server edition 8.04.1
Here is my python script (For testing purposes) to do so:
import os
def main():
username = "Test1"
password = "Enter new password"
os.system("htpasswd -b /etc/squid/passwd '%s' '%s'" % (username.replace("'"$
return apache.OK
if __name__ == '__main__': main()
Now I read a bit on the net and from what I gathered I would need to run this as a CGI script. So I placed it in my /usr/lib/cgi-bin/ directory as a .py file.
Then when I go to my site (mysite.com/cgi-bin/program.py)
I get a 500 internal server error. So Once again I looked around and I figured out that I had bad handlers in my site configuration so I tried various different things and nothing seemed to work so I reset my site configuration to as follows:
NameVirtualHost *
<VirtualHost *>
ServerAdmin webmaster@localhost
DocumentRoot /home/carter/public_html
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /home/carter/public_html>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
Here is a section of my error log that pertains to this error:
[Sun Dec 07 06:33:46 2008] [notice] mod_python: Creating 8 session mutexes based on 150 max processes and 0 max threads.
[Sun Dec 07 06:33:46 2008] [notice] mod_python: using mutex_directory /tmp
[Sun Dec 07 06:33:46 2008] [notice] Apache/2.2.8 (Ubuntu) mod_python/3.3.1 Python/2.5.2 PHP/5.2.4-2ubuntu5.3 with Suhosin-Patch configured -- resuming normal operations
[Sun Dec 07 09:42:16 2008] [error] [client 222.187.220.162] script '/home/carter/public_html/prx1.php' not found or unable to stat
[Sun Dec 07 18:51:35 2008] [error] [client 137.186.97.98] File does not exist: /home/carter/public_html/favicon.ico
[Sun Dec 07 22:14:22 2008] [error] [client 192.168.1.4] File does not exist: /home/carter/public_html/mad_scientist.txt
[Sun Dec 07 22:24:23 2008] [error] [client 72.25.192.4] File does not exist: /home/carter/public_html/favicon.ico
[Sun Dec 07 23:52:00 2008] [error] [client 222.187.220.162] script '/home/carter/public_html/prx1.php' not found or unable to stat
[Mon Dec 08 17:53:46 2008] [notice] caught SIGWINCH, shutting down gracefully
[Mon Dec 08 17:53:57 2008] [notice] mod_python: Creating 8 session mutexes based on 150 max processes and 0 max threads.
[Mon Dec 08 17:53:57 2008] [notice] mod_python: using mutex_directory /tmp
[Mon Dec 08 17:53:57 2008] [notice] Apache/2.2.8 (Ubuntu) mod_python/3.3.1 Python/2.5.2 PHP/5.2.4-2ubuntu5.3 with Suhosin-Patch configured -- resuming normal operations
[Mon Dec 08 17:54:23 2008] [error] [client 192.168.1.4] (8)Exec format error: exec of '/usr/lib/cgi-bin/carternet.py' failed
[Mon Dec 08 17:54:23 2008] [error] [client 192.168.1.4] Premature end of script headers: carternet.py
My guess is that the webserver does not have permissions to run the htpasswd command and store the file in /etc/squid/passwd.
The other possibility, if your code as posted is what you actually used is the fact that the line running the htpasswd is syntactically incorrect ( I assume the end of the line is just missing in your post).
Yeah, sorry, I didn't realize the script was cut off, although it seemed to only be cut off when I posted here (The actual script on the box is fine). I also thought it was a permissions problem but I gave my cgi-bin and the script it's self 777 permissions.
It is the premature end of headers that is causing the 500 Internal error.
Never give cgi-bin 777 permissions and never give anything in cgi-bin 777 permissions.
Try running your python script as the apache user (www-data) and see if it give any errors. I think the problem is in your script, not in the headers it creates. The reason it gives the header error is that the script exits with a non-zero exit code, and I'm pretty sure it's to do with the permissions of the webserver user to write to /etc/squid/passwd.
Well, I had acctually cleared the error log just a short while ago, but here is what it is saying:
[Sun Dec 14 00:53:57 2008] [error] [client 192.168.1.65] (2)No such file or directory: exec of '/usr/lib/cgi-bin/carternet.py' failed
[Sun Dec 14 00:53:57 2008] [error] [client 192.168.1.65] Premature end of script headers: carternet.py
Wouldn't it not matter what user I run it under due to it having 777 permissions. But to be sure could you give me the command to run the program under the www-data account?
Like I can run it under my normal user account without having to be root.
Command ran just fine under the www-data user. I know using 777 is a huge security hole -especially in the cgi-bin- but once I have this problem fixed I will patch that security hole. This server is inside my home LAN right now and is not available to the public.