Executing htpasswd from within web cgi

jdh has asked for the wisdom of the Perl Monks concerning the following question:

How can I execute htpasswd (or any other command for that matter) from within a perl cgi script via a web browser. I can't figure out why the following works from the command line ("perl scriptname") but not when invoked from the web.

$cmd = "htpasswd -b myusers user3 pass";

print <<EOF
Content-type: text/html

<pre>
Executing '$cmd'

EOF
;

# split the args into a list of strings
@args = split(/\s+/, $cmd);
# fork a new process off (child process gets 0 from this)
if( not ($kid = fork()) ) # are we the kid process?
{
        # if so, do what we want to do
        exec { $args[0] } @args;
        # exit cleanly
        exit(0);
}

# wait for the child to exit
waitpid($kid,0);
# print something back
print "\n\nAnd now we returned back\n";
[download]

Comment on Executing htpasswd from within web cgi Download Code

Replies are listed 'Best First'.
Re: Executing htpasswd from within web cgi by agentv (Friar) on Sep 18, 2002 at 21:15 UTC
...bear in mind that when your CGI script runs, the world looks different to your script than when you run it by hand under your own account. Code that executes as CGI will typically only know a part of the host filesystems, not the entire set of all directories and files. In addition, it will be executed as if were the user nobody in most cases. (Or at least as a user with minimal privilege on the server.) So you may have to provide the full path to htpasswd when your script is run. With luck, all you have to do is change this line: `$cmd = "htpasswd -b myusers user3 pass";` [download] to something like this: `$cmd = "/opt/httpd/bin/htpasswd -b myusers user3 pass";` [download] where you supply the accurate pathname to your htpasswd binary. Hope that helps. ...All the world looks like -well- all the world, when your hammer is Perl. ---v	[reply] [d/l] [select]
Seeing What nobody Sees by Wally Hartshorn (Hermit) on Sep 18, 2002 at 21:45 UTC
Depending on how your Unix box is configured, if you have root access on your box, you can login as nobody like this: `su - nobody` (No password needed, since you were root.) By including the dash in the su command, you'll get nobody's environment. (Otherwise you'll inherit root's.) You can then try running the command and see what happens. Wally Hartshorn	[reply] [d/l]
Re: Executing htpasswd from within web cgi by Zaxo (Archbishop) on Sep 18, 2002 at 21:17 UTC
Do that with system, or when you want the text a command prints, backticks. After Compline, Zaxo	[reply]