Bilder in CGI-Verzeichnis?

Post by **nik0** » 2004-06-13 00:38

Hallo,

ich habe einen vServer auf dem Debian Woody läuft.

ich habe Apache (1.3.26) mit Awstats (6.2) nach der Anleitung von debianhowto.de konfiguriert.

Leider werden bei mir beim Aufrufen von Awstats die Bilder (Icons) nicht angezeigt.

Wenn ich versuche ein Bild direkt zu öffnen bekomme ich die Meldung "403 Forbidden".

AwStats wird im Howto in das CGI-Bin Verzeichnis /usr/lib/cgi-bin/awstats/ installiert und über Scriptalias nach /cgi-bin/awstats umgeleitet.

Ich habe versucht Scriptalias durch Alias zu ersetzen, es hat jedoch nicht funktioniert.
Mir ist aufgefallen, dass es funktioniert, wenn ich ein Bild in das Verzeichnis /usr/lib/cgi-bin/awstats/ oder /usr/lib/cgi-bin/ es angezeigt wird. Wenn ich aber ein Unterverzeichnis erstelle und es dort reinkopiere bekomme ich den 403 Fehler. Funktioniert mod_alias nicht ungegrenzt für Unterverzeichnisse?
Seltsam ist auch, dass der 403 Fehler nicht in der error.log (trotz ErrorLog debug) angezeigt wird.
Fehler tritt leider auch bei chmod 666 auf

Woran kann es noch liegen?

Post by **sascha** » 2004-06-13 00:49

Schau in die Apache-Doku und finde heraus was ScriptAlias bewirkt. Dann denke kurz nach und packe die Icons woanders hin.

Post by **antondollmaier** » 2004-06-13 00:53

a)
UTFSF ;)

b)

cgi-bin -> alle dateien darin werden von perl geparst

c)

awstats-icons in den alias-ordner /icons packen ...

mfg,
Anton

Post by **wirsing** » 2004-06-13 10:58

antondollmaier wrote:b)

cgi-bin -> alle dateien darin werden von perl geparst

Sie werden nicht von perl geparst, sondern ausgeführt nach den Regeln normaler Programme. Wenn dann eben die erste Zeile ein Shebang enthält, das auf perl verweist, dann wird die Datei von perl geparst. Es können allerdings genausogut kompilierte C-/C++-Programme (wie z. B. qmailadmin oder vqadmin) oder auch Shell-Skripte sein.

Post by **nik0** » 2004-06-13 13:21

Nik0 wrote:Ich habe versucht Scriptalias durch Alias zu ersetzen, es hat jedoch nicht funktioniert.

Mir ist bekannt, dass durch ScriptAlias alle Dateien zum CGI Parser gehen. Es müsste dann aber doch mit Alias gehen, oder?

Zudem habe ich versucht über Alias den /usr/lib/cgi-bin/awstats/icon/ Ordner auf z.B. /awstatsicons/ zu lenken.

Ich habe aber auch dort einen 403 Fehler bekommen.

Post by **wirsing** » 2004-06-13 14:00

Code: Select all

find /usr/lib/cgi-bin/awstats -type d -exec ls -ld {} ;

Post by **nik0** » 2004-06-13 14:12

Code: Select all

drwxr-xr-x    3 www-data www-data     4096 Jun 12 23:02 /usr/lib/cgi-bin/awstats
drw-r-xr-x    9 www-data www-data     4096 Jun 12 19:30 /usr/lib/cgi-bin/awstats/icon
drw-r--r--    2 www-data www-data     4096 Jun  9 16:11 /usr/lib/cgi-bin/awstats/icon/browser
drw-r--r--    2 www-data www-data     4096 Jun  9 16:11 /usr/lib/cgi-bin/awstats/icon/clock
drw-r--r--    2 www-data www-data     4096 Jun  9 16:11 /usr/lib/cgi-bin/awstats/icon/cpu
drw-r--r--    2 www-data www-data     8192 Jun  9 16:11 /usr/lib/cgi-bin/awstats/icon/flags
drw-r--r--    2 www-data www-data     4096 Jun  9 16:11 /usr/lib/cgi-bin/awstats/icon/mime
drw-r--r--    2 www-data www-data     4096 Jun  9 16:11 /usr/lib/cgi-bin/awstats/icon/os
drw-r--r--    2 www-data www-data     4096 Jun  9 16:11 /usr/lib/cgi-bin/awstats/icon/other

Meine httpd.conf

Code: Select all

ServerType standalone
ServerRoot /etc/apache
LockFile /var/lock/apache.lock
PidFile /var/run/apache.pid
ScoreBoardFile /var/run/apache.scoreboard

Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
MinSpareServers 5
MaxSpareServers 10
StartServers 5
MaxClients 150
MaxRequestsPerChild 100

LoadModule config_log_module /usr/lib/apache/1.3/mod_log_config.so
LoadModule mime_magic_module /usr/lib/apache/1.3/mod_mime_magic.so
LoadModule mime_module /usr/lib/apache/1.3/mod_mime.so
LoadModule negotiation_module /usr/lib/apache/1.3/mod_negotiation.so
LoadModule autoindex_module /usr/lib/apache/1.3/mod_autoindex.so
LoadModule dir_module /usr/lib/apache/1.3/mod_dir.so
LoadModule cgi_module /usr/lib/apache/1.3/mod_cgi.so
LoadModule alias_module /usr/lib/apache/1.3/mod_alias.so
LoadModule rewrite_module /usr/lib/apache/1.3/mod_rewrite.so
LoadModule access_module /usr/lib/apache/1.3/mod_access.so
LoadModule auth_module /usr/lib/apache/1.3/mod_auth.so
LoadModule expires_module /usr/lib/apache/1.3/mod_expires.so
LoadModule unique_id_module /usr/lib/apache/1.3/mod_unique_id.so
LoadModule setenvif_module /usr/lib/apache/1.3/mod_setenvif.so
LoadModule php4_module /usr/lib/apache/1.3/libphp4.so
LoadModule gzip_module /usr/lib/apache/1.3/mod_gzip.so

Port 80
User www-data
Group www-data
ServerAdmin webmaster@<blabla>
ServerName <blabla>
DocumentRoot /var/www
<Directory />
    Options SymLinksIfOwnerMatch
    AllowOverride None
</Directory>

<Directory /var/www/>
    Options Indexes Includes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    Allow from all
</Directory>

<IfModule mod_dir.c>
    DirectoryIndex index.html index.htm index.shtml index.cgi index.php
</IfModule>
AccessFileName .htaccess
<Files ~ "^.ht">
    Order allow,deny
    Deny from all
</Files>

UseCanonicalName On
TypesConfig /etc/mime.types
DefaultType text/plain
<IfModule mod_mime_magic.c>
    MIMEMagicFile /etc/apache/magic
</IfModule>
HostnameLookups Off

ErrorLog /var/log/apache/error.log
LogLevel warn

LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i" %T %v" full
LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i" %P %T" debug
LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined
LogFormat "%h %l %u %t "%r" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

CustomLog /var/log/apache/access.log combined
ServerSignature Off

Alias /icons/ /usr/share/apache/icons/
<Directory /usr/share/apache/icons>
    Options Indexes MultiViews
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>
Alias /cgi-bin/ /usr/lib/cgi-bin/
<Directory /usr/lib/cgi-bin>
    AllowOverride None
    Options ExecCGI
</Directory>

<IfModule mod_autoindex.c>
    #
    # FancyIndexing: whether you want fancy directory indexing or standard
    #
    IndexOptions FancyIndexing NameWidth=*
    #
    # AddIcon* directives tell the server which icon to show for different
    # files or filename extensions.  These are only displayed for
    # FancyIndexed directories.
    #
    AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
    AddIconByType (TXT,/icons/text.gif) text/*
    AddIconByType (IMG,/icons/image2.gif) image/*
    AddIconByType (SND,/icons/sound2.gif) audio/*
    AddIconByType (VID,/icons/movie.gif) video/*
    AddIcon /icons/binary.gif .bin .exe
    AddIcon /icons/binhex.gif .hqx
    AddIcon /icons/tar.gif .tar
    AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
    AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
    AddIcon /icons/a.gif .ps .ai .eps
    AddIcon /icons/layout.gif .html .shtml .htm .pdf
    AddIcon /icons/text.gif .txt
    AddIcon /icons/c.gif .c
    AddIcon /icons/p.gif .pl .py
    AddIcon /icons/f.gif .for
    AddIcon /icons/dvi.gif .dvi
    AddIcon /icons/uuencoded.gif .uu
    AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
    AddIcon /icons/tex.gif .tex
    AddIcon /icons/bomb.gif core
    AddIcon /icons/deb.gif .deb
    AddIcon /icons/back.gif ..
    AddIcon /icons/hand.right.gif README
    AddIcon /icons/folder.gif ^^DIRECTORY^^
    AddIcon /icons/blank.gif ^^BLANKICON^^
    #
    # DefaultIcon: which icon to show for files which do not have an icon
    # explicitly set.
    #
    DefaultIcon /icons/unknown.gif
    #
    # AddDescription: allows you to place a short description after a file in
    # server-generated indexes.  These are only displayed for FancyIndexed
    # directories.
    # Format: AddDescription "description" filename
    #
    #AddDescription "GZIP compressed document" .gz
    #AddDescription "tar archive" .tar
    #AddDescription "GZIP compressed tar archive" .tgz
    #
    # ReadmeName: the name of the README file the server will look for by
    # default, and append to directory listings.
    #
    # HeaderName: the name of a file which should be prepended to
    # directory indexes.
    #
    # The server will first look for name.html and include it if found.
    # If name.html doesn't exist, the server will then look for name.txt
    # and include it as plaintext if found.
    #
    ReadmeName README
    HeaderName HEADER
    #
    # IndexIgnore: a set of filenames which directory indexing should ignore
    # and not include in the listing.  Shell-style wildcarding is permitted.
    #
    IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
</IfModule>
<IfModule mod_mime.c>
    # AddEncoding allows you to have certain browsers (Mosaic/X 2.1+)
    # uncompress information on the fly. Note: Not all browsers support
    # this.  Despite the name similarity, the following Add* directives
    # have nothing to do with the FancyIndexing customization
    # directives above.
    AddEncoding x-compress Z
    AddEncoding x-gzip gz tgz
    #
    # AddLanguage: allows you to specify the language of a document. You can
    # then use content negotiation to give a browser a file in a language
    # it can understand.
    #
    # Note 1: The suffix does not have to be the same as the language
    # keyword --- those with documents in Polish (whose net-standard
    # language code is pl) may wish to use "AddLanguage pl .po" to
    # avoid the ambiguity with the common suffix for perl scripts.
    #
    # Note 2: The example entries below illustrate that in quite
    # some cases the two character 'Language' abbriviation is not
    # identical to the two character 'Country' code for its country,
    # E.g. 'Danmark/dk' versus 'Danish/da'.
    #
    # Note 3: In the case of 'ltz' we violate the RFC by using a three char
    # specifier. But there is 'work in progress' to fix this and get
    # the reference data for rfc1766 cleaned up.
    #
    # Danish (da) - Dutch (nl) - English (en) - Estonian (ee)
    # French (fr) - German (de) - Greek-Modern (el)
    # Italian (it) - Portugese (pt) - Luxembourgeois* (ltz)
    # Spanish (es) - Swedish (sv) - Catalan (ca) - Czech(cz)
    # Polish (pl) - Brazilian Portuguese (pt-br) - Japanese (ja)
    #
    AddLanguage da .dk
    AddLanguage nl .nl
    AddLanguage en .en
    AddLanguage et .ee
    AddLanguage fr .fr
    AddLanguage de .de
    AddLanguage el .el
    AddLanguage it .it
    AddLanguage ja .ja
    AddCharset ISO-2022-JP .jis
    AddLanguage pl .po
    AddCharset ISO-8859-2 .iso-pl
    AddLanguage pt .pt
    AddLanguage pt-br .pt-br
    AddLanguage ltz .lu
    AddLanguage ca .ca
    AddLanguage es .es
    AddLanguage sv .se
    AddLanguage cz .cz
    # LanguagePriority: allows you to give precedence to some languages
    # in case of a tie during content negotiation.
    #
    # Just list the languages in decreasing order of preference. We have
    # more or less alphabetized them here. You probably want to change
    # this.
    #
    <IfModule mod_negotiation.c>
        LanguagePriority en da nl et fr de el it ja pl pt pt-br ltz ca es sv
    </IfModule>
    #
    # AddType allows you to tweak mime.types without actually editing
    # it, or to make certain files to be certain types.
    #
    # For example, the PHP 3.x module (not part of the Apache
    # distribution - see http://www.php.net) will typically use:
    #
    #AddType application/x-httpd-php3 .php3
    #AddType application/x-httpd-php3-source .phps
    #
    # And for PHP 4.x, use:
    #
    AddType application/x-httpd-php .php
    #AddType application/x-httpd-php-source .phps
    AddType application/x-tar .tgz
    AddType image/bmp .bmp
    # hdml
    AddType text/x-hdml .hdml
    #
    # AddHandler allows you to map certain file extensions to "handlers",
    # actions unrelated to filetype. These can be either built into
    # the server or added with the Action command (see below).
    #
    # If you want to use server side includes, or CGI outside
    # ScriptAliased directories, uncomment the following lines.
    #
    # To use CGI scripts:
    #
    AddHandler cgi-script .cgi .sh .pl
    #
    # To use server-parsed HTML files
    #
    #AddType text/html .shtml
    #AddHandler server-parsed .shtml
    #
    # Uncomment the following line to enable Apache's send-asis HTTP
    # file feature.
    #
    #AddHandler send-as-is asis
    #
    # If you wish to use server-parsed imagemap files, use
    #
    #AddHandler imap-file map
    #
    # To enable type maps, you might want to use
    #
    #AddHandler type-map var
</IfModule>

AddDefaultCharset on


<IfModule mod_setenvif.c>
    #
   # The following directives modify normal HTTP response behavior.
    # The first directive disables keepalive for Netscape 2.x and browsers that
    # spoof it. There are known problems with these browser implementations.
    # The second directive is for Microsoft Internet Explorer 4.0b2
    # which has a broken HTTP/1.1 implementation and does not properly
    # support keepalive when it is used on 301 or 302 (redirect) responses.
    #
    BrowserMatch "Mozilla/2" nokeepalive
    BrowserMatch "MSIE 4.0b2;" nokeepalive downgrade-1.0 force-response-1.0
    #
    # The following directive disables HTTP/1.1 responses to browsers which
    # are in violation of the HTTP/1.0 spec by not being able to grok a
    # basic 1.1 response.
    #
    BrowserMatch "RealPlayer 4.0" force-response-1.0
    BrowserMatch "Java/1.0" force-response-1.0
    BrowserMatch "JDK/1.0" force-response-1.0
</IfModule>

<IfModule mod_proxy.c>
    #
    # Proxy Server directives. Uncomment the following lines to
    # enable the proxy server:
    #
    #<IfModule mod_proxy.c>
    #ProxyRequests On
    #
    #<Directory proxy:*>
    #    Order deny,allow
    #    Deny from all
    #    Allow from .your_domain.com
    #</Directory>
</IfModule>

NameVirtualHost <blabla>
Include /etc/apache/vhosts.conf

vhosts.conf

Code: Select all

<VirtualHost <blabla>
 ServerName <blabla>
 DocumentRoot /var/www/nirvana
</VirtualHost>

<Location /cgi-bin>
 Options +ExecCGI
</Location>

<VirtualHost <blabla>
 ServerName <blabla2>
 DocumentRoot /var/www/user1/html
 User user1
 Group ftpuser
 php_admin_value open_basedir /var/www/user1/
 php_admin_value upload_tmp_dir /var/www/user1/temp
 php_admin_value session.save_path /var/www/user1/temp/
 CustomLog /var/log/apache/user1.log combined
</VirtualHost>

Post by **antondollmaier** » 2004-06-13 14:19

@wirsing:

jo, stimmt ...

das ergebnis is das gleiche: alles non-cgi-skript-mäßige im cgi-bin (bzw scriptalias) geht ned zum aufrufen per http .... :-D

Post by **nik0** » 2004-06-13 14:25

antondollmaier wrote:alles non-cgi-skript-mäßige im cgi-bin (bzw scriptalias) geht ned zum aufrufen per http .... :-D

das kann doch nicht fest in den Apache eingebrannt sein, oder etwa doch?

Post by **jamesb** » 2004-06-13 15:12

Im Howto ist ein Fehler drin: Die Bilder dürfen _nicht_ im cgibin sein, da sie dort unbedingt ausgeführt werden wollen.

Also einfach die Bilderchen _nicht_ ins cgibin, sondern an einen anderen Ort kopieren, und schon sollte es funktionieren.

JamesB

Post by **wirsing** » 2004-06-13 16:25

Und für die *Ordner* mit den Icons die Berechtigungen auf rwxr-xr-x (755) oder rwx--x--x (711) einstellen. (x-Bit bei Ordnern ist die Berechtigung für chdir).

Post by **nik0** » 2004-06-15 01:35

Danke wirsing, funktioniert!

RootForum Community

Bilder in CGI-Verzeichnis?

Bilder in CGI-Verzeichnis?

Re: Bilder in CGI-Verzeichnis?

Re: Bilder in CGI-Verzeichnis?

Re: Bilder in CGI-Verzeichnis?

Re: Bilder in CGI-Verzeichnis?

Re: Bilder in CGI-Verzeichnis?

Re: Bilder in CGI-Verzeichnis?

Re: Bilder in CGI-Verzeichnis?

Re: Bilder in CGI-Verzeichnis?

Re: Bilder in CGI-Verzeichnis?

Re: Bilder in CGI-Verzeichnis?

Re: Bilder in CGI-Verzeichnis?