From: Bill B. (NJ7P) <nj...@nj...> - 2008-04-05 03:48:08
|
Has anyone gotten boa to run as root? I get the following error in both the buildroot (1588) and OE (252) versions of the code: root@lionel:~$ tail /var/log/boa/error.log [05/Apr/2008:03:19:01 +0000] boa.c:227 - icky Linux kernel bug!: Success Has anyone gotten a web script to run properly ( as root) with the sticky bit set? It appears this is disfunctional in both builds, as well. Has anyone ever succeeded in building a web-interfaced controller from a gumstix? I have scripts that work properly, when run as root, but will not operate as www-data, which is the boa user. Bill |
From: Keith H. <kc...@kc...> - 2008-04-05 13:32:34
|
On Fri, 04 Apr 2008 20:48:05 -0700, Bill Beech (NJ7P) wrote > Has anyone gotten boa to run as root? I get the following error in > both the buildroot (1588) and OE (252) versions of the code: > root@lionel:~$ tail /var/log/boa/error.log > [05/Apr/2008:03:19:01 +0000] boa.c:227 - icky Linux kernel bug!: Success > > Has anyone gotten a web script to run properly ( as root) with the > sticky bit set? It appears this is disfunctional in both builds, as > well. > > Has anyone ever succeeded in building a web-interfaced controller > from a gumstix? I have scripts that work properly, when run as root, > but will not operate as www-data, which is the boa user. Running scripts as root is a "bad idea". This is how things get hacked and/or destroyed. The issue you are having is one of permissions. You need to look at your script and see what it is trying to access and then set the 'group' permissions for those files to the www-data user. At a pinch, you could set the permissions rwrwrw for the files, but this is almost as bad from a unix sysadmin point of view. If you can let the list know what your script is failing on, then one of us should be able to tell you how to set the permissions correctly. -- Keith |
From: Dante S. <da...@ma...> - 2008-11-20 17:04:04
|
Hi, Keith Howell-2 wrote: > > On Fri, 04 Apr 2008 20:48:05 -0700, Bill Beech (NJ7P) wrote >> Has anyone gotten boa to run as root? >> Has anyone ever succeeded in building a web-interfaced controller >> from a gumstix? I have scripts that work properly, when run as root, >> but will not operate as www-data, which is the boa user. > > Running scripts as root is a "bad idea". This is how things get hacked > and/or > destroyed. > > The issue you are having is one of permissions. You need to look at your > script and see what it is trying to access and then set the 'group' > permissions for those files to the www-data user. > I found this old thread while looking for a solution to the same problem. I want to run ifdown/ifup from a web page using a perl script. Boa won't start if I set User/Group to 0, and setting the suid bit on a script still won't let any non-root user run ifdown/ifup. All I want to do is reset the wireless connection (wlan0) after updating the interfaces/wpa_supplicant.conf files. Maybe someone has already done this in a different way? Thanks, Dante -- View this message in context: http://www.nabble.com/Boa-won%27t-run-as-root-tp16509331p20605734.html Sent from the Gumstix mailing list archive at Nabble.com. |
From: Grahame J. <gb...@th...> - 2008-11-28 00:57:13
Attachments:
root-patch.diff
|
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type"> <title></title> </head> <body bgcolor="#ffffff" text="#000000"> Dante Sanchez wrote: <blockquote cite="mid:206...@ta..." type="cite"> <pre wrap=""> Hi, Keith Howell-2 wrote: </pre> <blockquote type="cite"> <pre wrap="">On Fri, 04 Apr 2008 20:48:05 -0700, Bill Beech (NJ7P) wrote </pre> <blockquote type="cite"> <pre wrap="">Has anyone gotten boa to run as root? Has anyone ever succeeded in building a web-interfaced controller from a gumstix? I have scripts that work properly, when run as root, but will not operate as www-data, which is the boa user. </pre> </blockquote> <pre wrap="">Running scripts as root is a "bad idea". This is how things get hacked and/or destroyed. The issue you are having is one of permissions. You need to look at your script and see what it is trying to access and then set the 'group' permissions for those files to the www-data user. </pre> </blockquote> <pre wrap=""><!----> I found this old thread while looking for a solution to the same problem. I want to run ifdown/ifup from a web page using a perl script. Boa won't start if I set User/Group to 0, and setting the suid bit on a script still won't let any non-root user run ifdown/ifup. All I want to do is reset the wireless connection (wlan0) after updating the interfaces/wpa_supplicant.conf files. Maybe someone has already done this in a different way? Thanks, Dante </pre> </blockquote> <br> I have had to do this at some time. Se attached patch for boa in oe.<br> <br> <br> Cheers<br> <br> Grahame Jordan<br> <br> <br> </body> </html> |
From: Dante S. <da...@ma...> - 2008-12-01 17:05:35
|
Hi Grahame, Grahame Jordan wrote: > > Se attached patch for boa in oe. > > --- boa-0.94.13.orig/src/boa.c 2008-07-31 15:02:37.000000000 +1000 > +++ boa-0.94.13/src/boa.c 2008-08-01 13:36:14.000000000 +1000 > @@ -119,7 +119,8 @@ > open_logs(); > server_s = create_server_socket(); > init_signals(); > - drop_privs(); > + // Commented out specifically for TruFlo to enable elevated privileges > required for trufo.cgi > + //drop_privs(); > create_common_env(); > build_needs_escape(); > > Thanks for the patch, I am re-building boa right now. Dante -- View this message in context: http://www.nabble.com/Boa-won%27t-run-as-root-tp16509331p20774521.html Sent from the Gumstix mailing list archive at Nabble.com. |