chmod/chown problem with httpd

lakeTrout has asked for the wisdom of the Perl Monks concerning the following question:

Hi Folks,

I have a CGI that writes to a flat file and does some other functionality. I have built an "admin" front-end to edit the records of the flat file (by pre-populating the form the user entered, allowing the admin to make edits/changes). That works just fine, but now I want to have the ability to DELETE a record/line in the flat file -- and I think it is because it's owned by httpd. I would make sense if I'm having permission issues as nothing happens when I try to delete but the code checks clean. Here's the relevant snippets.


$logfile = "tempfile.tmp";
$logfileOrig = "logfile.log";


chmod 777, $logfile;     #the 777 is for testing,  
chmod 777, $logfileOrig; #it won't be WIDE open

sub makeff {

    #copy existing logfile to tempfile, while skipping record I want d
+eleted
        
    open (LOGFILE, ">$logfile") or die("Can't Open Log File at $logfil
+e");
    open (ORIG, "<$logfileOrig") or die("Can't Open Log File at $logfi
+leOrig");

    while (my $origLine = <ORIG>) {

    $currentline ++;
        print LOGFILE $origLine unless $currentline == $linenumber;
    }

    close (ORIG);
    close (LOGFILE);
    rename $logfile, $logfileOrig if $linenumber;
}
[download]

$linenumber is the value passed to the delete CGI

       print OUTFILE "<FORM NAME=\"FORM\" METHOD=\"POST\" ACTION=\"del
+ete.cgi\">";
       print OUTFILE "<input type='hidden' name='linenumber' value='$l
+inenumber'>";
       print OUTFILE "<INPUT TYPE=SUBMIT VALUE=\"DELETE THIS RECORD\">
+</FORM><br>\n";
[download]

Note there is no administration of this server and I can't su into it either. Please let me know if you see where I'm off somewhere. Thanks Folks!

lakeTrout

UPDATE: I added essentially the entire script to my scratch pad (I removed some extraneous stuff, like the 40 something for querys for better readability). I know it's crude, but it WORKS, except for the delete part I'm trying to build.

Comment on chmod/chown problem with httpd Select or Download Code

Replies are listed 'Best First'.
Re: chmod/chown problem with httpd by oko1 (Deacon) on Apr 10, 2008 at 23:52 UTC
Since you're running this script from your webserver, it has the permissions of that webserver (typically, that would be user 'apache' or 'nobody' - users with essentially no privileges.) The first question that comes to my mind is, can that user create a file in your current directory? Because that is what the 'open' call with the '>' (write) mode is going to do. Unless your current directory has the appropriate permissions, that low-priv user is not going to be able to create that file. If it already exists, and was created by another user (e.g., you running the script from the command line), that low-priv user won't be able to 'chmod' it either. As ikegami said, you need to check all your return values. I'd include those of the 'chmod' operation as well. -- Human history becomes more and more a race between education and catastrophe. -- HG Wells	[reply]
Re^2: chmod/chown problem with httpd by lakeTrout (Scribe) on Apr 11, 2008 at 00:07 UTC
Thanks for the input (++), I'll flag the chmod and write area ($!) to see "why" -- pretty amature mistake not to check that, but I'm still somewhat of a novice, so I appreciate the advice. thanks again! lakeTrout	[reply]
Re: chmod/chown problem with httpd by ikegami (Patriarch) on Apr 10, 2008 at 23:13 UTC
You said "delete" I your problem description, but I don't see any call to `unlink`. Did you mean you have problems renaming the file? Why don't you check the return value of `rename` and check `$!` if an error is reported? `if ($linenumber) { rename $logfile, $logfileOrig or die("Can't replace log file: $!\n"); }` [download] Note that `$currentline` can be replaced with `$.`.	[reply] [d/l] [select]
Re: chmod/chown problem with httpd by ikegami (Patriarch) on Apr 10, 2008 at 23:15 UTC
You said "delete" in your problem description, but I don't see any call to `unlink`. Did you mean you have problems renaming the file? Why don't you check the return value of `rename` and check `$!` if an error is reported? `if ($linenumber) { rename $logfile, $logfileOrig or die("Can't replace log file: $!\n"); }` [download] Note that `$currentline` can be replaced with `$.`.	[reply] [d/l] [select]
Re: chmod/chown problem with httpd by cdarke (Prior) on Apr 11, 2008 at 11:02 UTC
Permissions required to delete a file varies between operating systems. Assuming you are running on *nix, you need x access on all the directories in the path, and wx on the final directory where the file resides. Actual permissions on the file itself are irrelevant. Windows is a whole different games...	[reply]