4

I keep running into an issue with suexec where it says the cgi script is not in the docroot.

I get this error:

"[2012-05-21 04:53:02]: command not in docroot (/apps/dctools/www/cgi-bin/test.cgi)"

I have a symbolic link to where the cgi files are. Are symlinks a problem with suexec?

Using virtual host config. 

apache docroot:  /var/www/html
suexec docroot: /var/www

virtual host config

<VirtualHost 10.1.1.1:80>
     ServerAdmin me@nowhere.com
     DocumentRoot /var/www/html/dctools
     ServerName dctools.nowhere.com
     ErrorLog logs/dctools.nowhere.com-error_log
     CustomLog logs/dctools.nowhere.com-access_log common
     SuexecUserGroup me white
     ScriptAlias /cgi-bin/ "/var/www/cgi-bin/dctools/"
     <Directory "/var/www/dctools/cgi-bin">
       AllowOverride None
       Options None
       Options FollowSymlinks
       Order allow,deny
       Allow from all
     </Directory>
</VirtualHost>

symlink setup

-sh-3.2$ pwd
/var/www/html

-sh-3.2$ ls -l
lrwxrwxrwx 1 root root 17 May 14 21:06 dctools -> /apps/dctools/www

-sh-3.2$ pwd
/var/www/cgi-bin

-sh-3.2$ ls -l
lrwxrwxrwx 1 root     root 21 May 14 21:47 dctools -> /apps/dctools/cgi-bin
user770395
  • 101
  • 1
  • 5

1 Answers1

1

The actual location of the file, not the symlink, is what determines whether suexec will run it. That setting is compiled into suexec and to change it would require recompiling it. By default that would be at /var/www which you already mentioned is your configuration. That means that you would need to either recompile suexec to allow /app to be the accepted root for suexec or you would need to move/copy the actual files within the configured suexec root.

Emmaly
  • 425
  • 2
  • 8
  • 16
  • Does this mean (in my case after a system update) that Perl files in /home/username/cgi-bin/ or deeper will no longer run with suexec under Apache2.2? They were fine previously… – Dave Everitt Feb 27 '20 at 08:41