mod_perl can't see files in /tmp - linux

I have some mod_perl code trying to access a file under /tmp ... but it throws a 'no such file or directory' error. I added an 'ls -al /tmp' to my code to see what Perl was seeing inside the directory, and it only gave me . and .. :
drwxrwxrwt. 2 root root 6 Jan 21 13:36 .
drwxrwxrwx. 18 root sysadmin 4096 Nov 22 22:14 ..
In reality there are a mixture of files under /tmp, including some owned by the Apache user. Changing my code to 'ls -al /' gives a correct directory listing (nothing missing).
I tried sudo'ing to the Apache user, and can see under /tmp file, so it must be something mod_perl related.
Ideas? I'm running mod_perl 2.0.8 and Apache 2.4 under CentOS 7. SELinux is set to permissive.

So based on comments the answer here is - it's an RHEL 7 feature.
https://securityblog.redhat.com/2014/04/09/new-red-hat-enterprise-linux-7-security-feature-privatetmp/
PrivateTmp=
Takes a boolean argument. If true sets up a new file system
namespace for the executed processes and mounts a private /tmp
directory inside it, that is not shared by processes outside of
the namespace. This is useful to secure access to temporary files
of the process, but makes sharing between processes via /tmp
impossible. Defaults to false.

Related

How to Create a path in my shell for windows?

I have a question, I created a script but I need to create a path, to find my cassandra folder to execute cqlsh, this is the route
C:/apache-cassandra-3.11.4/bin/cqlsh
the problem is because I am in windows not in linux, and I want to see if possible to create an a path in case that I need to pass my script to my team. but you know your cassandra db is in another route for that reason I want to do that because I need to execute this script
example
route= /../cassandra3.11.4/bin/cqlsh
$route -k fsainstqual -e "TRUNCATE instrumentmanufacturer"
If you mean you don't know how to mix Windows drive letters and Linux directory handling (which does not have drives), you'll need mounting points, as you can see in following mount excerpt on my PC, where I have a Linux app installed:
Prompt>mount
...
C: on /mnt/c type drvfs (rw,noatime,uid=1000,gid=1000,case=off)
E: on /mnt/e type drvfs (rw,noatime,uid=1000,gid=1000,case=off)
In top of that, on my root directory, I've created symlinks to those mounted directories:
Prompt>cd /
Prompt>$ ls -ltra | grep "\->"
lrwxrwxrwx 2 root root 6 Nov 23 2017 C -> /mnt/c
lrwxrwxrwx 2 root root 6 Nov 14 12:00 E -> /mnt/e
I think it's better to clarify your question buddy.
If you want to change your current directory, you can use "cd" command as in linux shell.
If you want to create a path use "md" or "mkdir" command.
Here is the help in windows OS
https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/md

Is it portable to call executable with full path "/bin/..."?

For the RTOS I'm writing ( http://www.distortos.org ) I need to run find as part of the build configuration process (from make menuconfig target). For Windows I assume that user has MSYS2 installed, so find.exe is available. The only problem with this particular file is that Windows also has such file in C:/Windows/system32 (supposedly it is something close to grep). So depending on the order of folders in your PATH environment variable you get one or the other if trying to call the file by just the name.
I've found that calling this program as /bin/find from the Makefile or in shell script works both in Windows and on (my) Linux. What is most important - doing it that way always calls find.exe from MSYS2, no matter what is the order of folders in PATH. So I'm wondering - is it OK to call find this way, or maybe it is not portable and I just had luck that it works for me?
It would probably be more portable to refer to it as /usr/bin/find. For example, on Fedora /bin is actually a symlink to /usr/bin, so either works:
bash-4.3$ ls -l /bin/find
-rwxr-xr-x. 1 root root 222608 Dec 28 18:26 /bin/find
bash-4.3$ ls -l /usr/bin/find
-rwxr-xr-x. 1 root root 222608 Dec 28 18:26 /usr/bin/find
But on a recent Ubuntu:
root#69ca68fbe5c0:/# ls -l /bin/find
ls: cannot access /bin/find: No such file or directory
root#69ca68fbe5c0:/# ls -l /usr/bin/find
-rwxr-xr-x. 1 root root 229992 Jan 6 2014 /usr/bin/find
I would recommend not hard-coding the path to find and instead instruct Windows users that they must run your script inside the MSYS2 environment. MSYS2 will put its own bin directories near the beginning of the path so that find always gets the MSYS2 version instead of the Microsoft version.
If you hard-code the path to find then you make things be more brittle than they need to be.

Git Install Script How to enter shell command

This is more of a git related question than openshift.
When I push files to the git server using git, I see that the file permissions of my perl index.cgi file gets changed to 700 in my openshift repo.
Hence every time I do a push, I have to log in to the server using ssh and do a chmod a+x index.cgi in my $OPENSHIFT_REPO_DIR to change it to 755.
I read in the git documentation it is possible to add a hook and I tried updating the post update script in the hooks directory with the following command
exec chmod a+x $OPENSHIFT_DATA_DIR/index.cgi
However that does not seemed to have worked.
Can you please tell me what I am doing wrong ?
How can I ensure I don't have to make the chmod change every time I push files ?
How does one execute shell commands via the git install script (I don't know what is install script, I assume it means the hooks)
based on a below suggestion i thought i would need to add the hook to the server so i tried it but i got an error
$ git add .git/hooks/post-update
error: Invalid path '.git/hooks/post-update'
error: unable to add .git/hooks/post-update to index
so i tried some options using action hooks by placing a "start" in the local .openshift/action_hooks directory.
The command there ive tried to use was
exec chmod a+x register.cgi and even chmod a+x register.cgi
Not much luck. Any inputs. I will be raising this as a separate q against actionhooks.
This is more of a git related question than openshift.
Actually, it is more related to openshift than it is to Git: Git only records 644 and 755 permissions.
But the destination system managing a checkout (and updating a working tree) would set the permission according to the default umask (which could be in your case 077).
Make sure the default umask is 022.
Regarding the hook, check its name ('post-update', no extension) and permission (it must be executable, 755 would be useful)
Bring authority in this case gitweb folder.
gitweb/
drwxr-xr-x 3 root root 4096 Sep 25 12:01 .
drwxr-xr-x 225 root root 12288 Oct 27 20:10 ..
-rwxr-xr-x 1 root root 251319 Sep 23 04:36 gitweb.cgi
lrwxrwxrwx 1 root root 10 Sep 23 04:36 index.cgi -> gitweb.cgi
drwxr-xr-x 2 root root 4096 Sep 25 12:01 static

Why does Apache + PHP require execution permissions to write to a file?

It has always baffled me that if a folder has read and write permissions, Apache + PHP can't write to it. You have to end giving apache execution permissions to be able to write a file in that folder. Why?
For example with chmod 664 (where the build group includes the apache user) apache won't be able to write a temporary cache file in this folder:
drw-rw-r-- 5 jenkins build 4096 Jun 15 13:05 cache
while with chmod 774 apache will be able to write a new file to the folder:
drwxrwxr-- 5 jenkins build 4096 Jun 29 11:44 cache
You need execute permission to conceptually enter a directory (cd into it, list files within, etc.). It would have been clearer if they called this bit something else for directories. This article recommends thinking of it as the "search" permission on directories.
When these permission are set for a directory it gives ability to access metainfo and accessing to contents I think this is why you need execute.

Getting error that the database is locked when refreshing the page

I am running apache with mod mono and my asp.net app is using mono sqlite as its db. When i refresh the page twice i get the DB is locked error. The folder it is in is chmod 777. The webapp is creating sqlite.db and sqlite.db-journal but it doesnt seem to be able to delete the journal. Also it has problems when i load the page once. It definitely seems to be a permission problem.
i'm confused. What permissions do i need to set these? i tried precreating the files using 777 and had no luck.
-edit- I didnt find a solution however i thought how silly i was being since i was planning to use mysql for my webapp. So i just ported the code and i no longer had issues.
When creating/deleting a file the directory permission matter.
So, if you really want that, you have to set the containing directory's permissions to 777.
Sample:
$ ls -la
total 21
dr-xr-xr-x 2 me me 1024 May 22 19:19 . #no write permissions to directory
drwxrwxrwt 21 root root 19456 May 22 19:19 ..
-rwxrwxrwx 1 me me 0 May 22 19:19 abc #all permissions to file abc
$ rm abc
rm: cannot remove `abc': Permission denied #abc has 777, but deleting doesn't work
$ chmod 777 . #change directoy's permissions
$ rm abc #now removing works
$ ls #file abc is gone
The reason is that when you delete a file, you actually modify the directory and not the file itself.
Think of a hard link: The file itself will not change when you delete one hardlink to it, but the directory changes.
Sounds more like one instance of the session in apache is blocking the other session, i.e. has the db file open exclusively. Try to let the database(model) run as a singleton (or similar) which all sessions access.

Resources