sulfericacid has asked for the wisdom of the Perl Monks concerning the following question:

Same problem I've been having for the week so far. My script makes directories but the problem is I can't make them so I can later remove the directories or even add things to them. I don't have permissions to use the folder my script just set up (even though it's 0755). I've tried chowning using 1220 for my gid and uid but that didn't change the ownership of the directories either.

I could be doing it wrong I suppose so I posted the script below to see if anyone notices a bug pertaining to this problem. I know you're not likely to change ownership without being a superuser but 1220 is my account information so I don't see what's holding back.

Any advice?

#!/usr/bin/perl -w
use strict;
use diagnostics;
use CGI qw(:standard);
use POSIX;
require SDBM_File;

my $location = "stored.dbm";
my %stored;
my @chars = ("a".."z","A".."Z");
my $chars;
my $ID;
my $uid = "1220";
my $gid = "1220";

chomp( my $user = param('user') );
chomp( my $pass = param('pass') );

tie %stored, 'SDBM_File', $location, O_CREAT | O_RDWR, 0644;

print header, start_html('Log In');

# Sign-up form
print start_form(),
  table(
    Tr( td("Username"), ),
    Tr( td( textfield( -name => 'user', -size => 20 ), ) ),
    Tr( td("Password"), ),
    Tr( td( textfield( -name => 'pass', -size => 20 ), ) )
  ),
  Tr( td(submit), ),
  end_form();

if ( param() ) {
    if (exists $stored{$user}) {
        print "User name already in use, please try another";
        exit;
    }

    # Random 10-letter ID, used below as the directory name
    if (($pass) && ($user)) {
        $ID = join '', map { $chars[ rand @chars ] } 1..10;
    }

    my @combine = ($pass, $ID);
    $stored{$user} = join "::", @combine;
    print "random id was $ID<br>";

    # Create the per-user directory, then try to hand it to uid/gid 1220
    my $dir = $ENV{'DOCUMENT_ROOT'} . "/new/" . $ID;
    mkdir($dir, 0755);
    chown $uid, $gid, $dir;
    print "folder $dir was created";
    print "<br>";

    print "Test printing<br>";
    foreach (sort keys(%stored)) {
        print "$_ => $stored{$_}<br>";
    }
}


"Age is nothing more than an inaccurate number bestowed upon us at birth as just another means for others to judge and classify us"

sulfericacid

Re: File ownership
by Improv (Pilgrim) on Apr 23, 2003 at 15:56 UTC
    I'm presuming by not being able to later remove them, you mean from your user account (that is, not from apache's account). Remember that apache runs your cgi as a different user than you log in as. Because of that, there's no way for apache to know that it's ok for your CGI to give files to you.
      Do you have any idea on how I'd check to see if this number actually belongs to me or not? I don't run the web server and people have been directing me to /etc/passwd lately but that won't help any.

      I meant that the folder is created but when I connect using SSH I have no rights to add, move, delete, rename anything about the folder itself. Now I have folders I can't get rid of until I figure out how to change the ownership.

      "Age is nothing more than an inaccurate number bestowed upon us at birth as just another means for others to judge and classify us"

      sulfericacid

        Do a ls -ld on the folder, or ls -l on the files. You should get output like the following:
        -rwxr-xr-x    1 pgunn    users         143 Apr 17 14:09 titler
        drwxr-xr-x   11 pgunn    users        2048 Apr 18 12:18 tmp
        drwxr-xr-x    3 pgunn    users        2048 Mar 13 10:22 tmpmy
        -rw-------    1 pgunn    patlocal   446033 Nov 26 09:33 vim_documentation.pdf
        -rw-------    1 pgunn    users     3219465 Feb 11 10:14 why_good_companies_go_bad.pdf
        
        The third field is the owner, the fourth is the group.
Re: File ownership
by jasonk (Parson) on Apr 23, 2003 at 15:57 UTC

    Chances are good the webserver isn't running the script as you, so the directories created are not owned by you, and you are not allowed to change them.


    We're not surrounded, we're in a target-rich environment!
Re: File ownership
by Limbic~Region (Chancellor) on Apr 23, 2003 at 23:48 UTC
    sulfericacid,
    Your problem is not with your code, but your understanding of *nix file systems. You really need to spend some time understanding how these work. Here is some helpful advice:

    So finally to your question: How can you delete all the files and directories created by your CGI script?

    One idea would be to make sure you and the apache daemon's account (typically nobody) are both in the same group. Then just make sure that anything you create (directory or file) is writeable by group.

    Another bad idea would be to give everything 777 permissions. Please do not consider this an option - security.

    The best idea would be for you to absorb this information and come up with what is the best solution for you in your environment.

    Cheers - L~R

Re: File ownership
by TVSET (Chaplain) on Apr 23, 2003 at 16:05 UTC
    Check which group your apache uses (apache/nobody/whatever) and add yourself to that group. Then use 775 mode (ug+rwx,o+rx) for your files and directories. This way you will be able to access them both through your CGIs (as user apache) and direct filesystem access (as yourself).

    Leonid Mamtchenkov

      Don't forget the sticky bits for directories so that new files maintain the group ID. (a+s)

      --Coplan
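
The checks suggested in the replies above (read owner and group from `ls -ld`, require group write, avoid 777, keep the group on new entries), collected into one script. This is an added example, not code from any poster in the thread; the function names, the finding labels and the mode 2775 (775 plus the setgid bit on the directory, which makes new entries inherit the directory's group) are choices made for this example, and the scratch directory is constructed for the demo.

```shell
#!/bin/sh
# Added example: share a directory between the web server account and a
# login account through a common group, then audit the result.

# Create DIR as group-writable with the setgid bit, so entries created in it
# later inherit the directory's group. Runs in a subshell so the caller's
# umask is left alone.
make_shared_dir() {
    ( umask 002 && mkdir "$1" && chmod 2775 "$1" )
}

# Print owner, group and mode of DIR, then one line per problem found.
# The exit status is the number of problems (0 = fine for group sharing).
audit_shared_dir() {
    dir=$1
    [ -d "$dir" ] || { echo "not-a-directory"; return 1; }
    # ls -ld fields: 1 = mode string, 3 = owner, 4 = group
    set -- $(ls -ld "$dir" | awk '{print $1, $3, $4}')
    mode=$1; owner=$2; group=$3
    echo "owner=$owner group=$group mode=$mode"
    problems=0
    # In a mode string such as drwxrwsr-x: char 6 = group write,
    # char 7 = group execute/setgid, char 9 = other write.
    gw=$(printf '%s' "$mode" | cut -c6)
    gx=$(printf '%s' "$mode" | cut -c7)
    ow=$(printf '%s' "$mode" | cut -c9)
    [ "$gw" = w ] || { echo "group-not-writable"; problems=$((problems + 1)); }
    case $gx in
        s|S) ;;
        *) echo "no-setgid"; problems=$((problems + 1)) ;;
    esac
    if [ "$ow" = w ]; then
        echo "world-writable"; problems=$((problems + 1))
    fi
    return "$problems"
}

# Demo on a scratch directory (constructed sample, removed afterwards).
demo=$(mktemp -d)
make_shared_dir "$demo/uploads"
audit_shared_dir "$demo/uploads" || echo "problems: $?"
rm -rf "$demo"
```

For a directory the CGI has already created as 0755, the audit reports `group-not-writable` and `no-setgid`; changing it still has to be done by the account that owns it or by root.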