holandes777 has asked for the wisdom of the Perl Monks concerning the following question:

Hi All: Basically, a program that talks to a server and gets a response when run from the command line gets a "permission denied" when run through apache.
 
This may be the wrong place for this, but since you guys are great at this, one of you may have an idea. Otherwise, if you have a good forum to send me to I would appreciate it.
 
Here Goes:
 
apache runs as user snr and the files are 755, user and group snr. They are in /var/www/cgi-bin.  
#!/usr/bin/perl
use strict;
use Time::HiRes qw( usleep time gettimeofday tv_interval );
use LWP;
use HTTP::Request::Common;
use URI::Escape;
use CGI qw/:standard *table start_ul use_named_parameters/;     # load
+ standard CGI routines
use CGI::Carp qw /fatalsToBrowser/;
use CGI::Pretty ":standard";

print "Content-Type: text/html\r\n\r\n";
print "<HTML>\n";
print "<HEAD>\n";
print "</HEAD>\n";
print "<BODY>\n";
print "<CENTER>\n";

my @SNSresponse;
sSendToSNS('192.168.0.8','80','SNSphone2e.pl','EX=RUT&LOGIN=test&PASSW
+ORD=test&FLOORID=TEST&HPNUM=1234','me',\@SNSresponse);

print "</CENTER>\n";
print "</BODY></HTML>\n";
exit;

sub sSendToSNS {
   my $ip = $_[0];
   my $port = $_[1];
   my $script = $_[2];
   my $msg = $_[3];
   my $caller = $_[4];
   my $retarray = $_[5];
   my $retval = 0;
   my $response;
   if ( my $ua = LWP::UserAgent->new ) {
      $ua->timeout(30);
      my $request = POST( "http://$ip/scripts/$script",
                          Content_Type => 'form_data',
                          Content => [ message => [$msg] ]);

      # 20030317 gk - this methodology sends a properly formatted POST
+ with key/value pairs.
      # it does not work because it does not ADD to the POST but repla
+ces it
      # need to fix this
      $response = $ua->request($request);
print "\$ip=|$ip|, \$script=|$script|, \$msg=|$msg|<BR>\n";
      if ( $response->is_success ) {
         my $returnmsg = $response->content;
         if ( grep(/\%\%DATA RECEIVED/,$returnmsg) ) {
            my @returnline = split(/\n/,$returnmsg);
            foreach my $line ( @returnline ) {
print "\$line=|$line|<BR>\n";
               if ( substr($line,0,4) eq 'SNS:' ) {
                  push(@$retarray,$line);
               }  # end if ( substr($line,0,4) eq 'SNS:' )
            } # end foreach my $line ( @returnline )
         } # end if ( grep(/\%\%DATA RECEIVED/,$returnmsg) )
      } else {
         print "failed response $!<BR>\n";
      } # end if ( $response->is_success )
   } else {
      print "failed ua $!<BR>\n";
   } # end if ( my $ua = LWP::UserAgent->new )
   return;
}

[download]
 
if the script is run from the command prompt the result is that it can receive data from the other server.
 
[root@localhost cgi-bin]# perl kk.pl
Content-Type: text/html

<HTML>
<HEAD>
</HEAD>
<BODY>
<CENTER>
$ip=|192.168.0.8|, $script=|SNSphone2e.pl|, $msg=|EX=RUT&LOGIN=test&PA
+SSWORD=test&FLOORID=TEST&HPNUM=1234|<BR>
$line=|<HTML>|<BR>
$line=|<HEAD></HEAD>|<BR>
$line=|<BODY>|<BR>
$line=|SNS:%%DATA RECEIVED|<BR>
$line=|SNS:ACK=|<BR>
$line=|SNS:HPNUM=1234&USERTYPES=As,Bs|<BR>
$line=||<BR>
$line=||<BR>
$line=|TIME=2007-05-02 17:50:05.114979&ETIME=1178149805.114979</BODY><
+/HTML>|<BR>
</CENTER>
</BODY></HTML>
[root@localhost cgi-bin]#

[download]
 
The same script run though a browser: http://127.0.0.1/cgi-bin/kk.pl
 
$ip=|192.168.0.8|, $script=|SNSphone2e.pl|, $msg=|EX=RUT&LOGIN=testcas
+hier&PASSWORD=testcashier&FLOORID=TEST&HPNUM=1234|
failed response Permission denied

[download]

Replies are listed 'Best First'.
Re: mod_perl, apache and permissions
by TOD (Friar) on May 03, 2007 at 02:15 UTC
    that is probably not a perl problem, but one of apache's configuration. the following snippet should be able to solve your problem: 
       ScriptAlias /cgi-bin/ /var/www/cgi-bin/
   <Directory "/var/www/cgi-bin">
      AllowOverride None
      Options +ExegCGI -Multiviews
      Order allow,deny
      allow from all
   </Directory>

    [download]


    --------------------------------
    masses are the opiate for religion.
[reply]
[d/l]
      Thanks for trying, but the situation remains unchanged even with the Options set to +ExecGCI -Multiviews.
       
      Other perl scripts were working fine even without those directives.  
      I'm sure this is not a perl problem. What's weird is that all I'm doing is fetching a page from another server, yet apache's security gets in the way of that.
       
      I saw that apache does not allow much to happen in cgi-bin for security reasons. I had to write my script data out to /var/www/html/DATA. Is it that apache is set up to regect any input that is not "trusted"?
       
      Any other ideas?
[reply]
        Apache permissions, linux permissions... examine each and every one
[reply]
Re: mod_perl, apache and permissions
by almut (Canon) on May 03, 2007 at 23:06 UTC

    The "Permission denied" your script is reporting in case of a failed request probably doesn't mean much, as you're reporting $! in 

             print "failed response $!<BR>\n";

    [download]

    The value of $! most likely is just some leftover unrelated (local) system error, not the reason the LWP request failed...

    I suspect you rather want something like this to report the actual HTTP status code/message (which might provide a better hint at what's going wrong): 

          $response = $ua->request($request);
      if ( $response->is_success ) {
         # ...
      } else {
         print $response->status_line, "\n";
      }

    [download]
[reply]
[d/l]
[select]

Back to Seekers of Perl Wisdom