headers
Martijn de Munnik | 16 Jan 2008 17:50
Picon

(no subject)


Hi,
I'm trying to configure a webserver using virtualmin with suexec and  
fastcgi. I used the following settings and get the error as seen in  
error_log. Any ideas? The OS is Solaris 10. I don't think the problem  
is with suexec?

in httpd.conf:
LoadModule fastcgi_module libexec/mod_fastcgi.so
LoadModule suexec_module libexec/mod_suexec.so

in extra/httpd-fastcgi.conf
<IfModule mod_fastcgi.c>
FastCgiIpcDir /opt/csw/apache2/share/htdocs/suexec/tmp
AddHandler fastcgi-script .fcgi
FastCgiSuexec On
FastCgiConfig -singleThreshold 100 -killInterval 300 -autoUpdate - 
idle-timeout 240 -pass-header HTTP_AUTHORIZATION
</IfModule>

<Location /php-fastcgi/>
Options +ExecCGI
SetHandler fastcgi-script
</Location>

the vhost file (the real ip is replaced with *****)
<VirtualHost **********:80>
ServerName testserver

DocumentRoot /home/testserver/public_html
(Continue reading)

Permalink | Reply | 0 comments |
headers
David Birnbaum | 17 Jan 2008 03:42
Favicon

Re: Web hosting with fastcgi

pins.net, the ISP hosting FastCGI, also provides it for larger customers.

David.


Matthew Weigel wrote:
Craig Hilles wrote:
Does anyone know of a web hosting service that supports fast CGI? All my programs are compiled C++ executables. I'm very interested in switching to fastcgi. Because I have compiled CGI programs I also need telnet access in order to compile (can't figure out how to cross-compile linux executables for different systems). Or I guess if the server was on windows that would work too. Thanks for any ideas you can give,
DreamHost started providing FastCGI for Ruby on Rails, but it's available whether you're doing RoR or C++. 
___________________________________
fastcgi-developers mailing list
http://fastcgi.com/fastcgi-developers/
Permalink | Reply | 0 comments |
headers
Martijn de Munnik | 21 Jan 2008 21:11
Picon

Re: Permission denied

Hi David,

Thank you for your reply! I tried what you said and these are the result. I can't cd into /opt/csw/apache2/sbin where the suexec binary is but I guess root needs to run suexec and the suexec process runs the php5-cgi fastcgi script.

------------

-bash-3.2$ pwd
/opt/csw/apache2
-bash-3.2$ id
uid=10000(goedkooplpgtanken.nl) gid=10000(goedkooplpgtanken.nl)
-bash-3.2$ /opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi
<?php echo("It works.\n"); ?>
Content-type: text/html

It works.
-bash-3.2$

------------

Martijn

On 21-jan-2008, at 16:39, David Birnbaum wrote:

Martijn,

Well, the error looks pretty explicit:

[Mon Jan 21 11:55:38 2008] [warn] FastCGI: (dynamic) server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (uid 10000, gid 10000) started (pid 26418) FastCGI: can't start server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (pid 26418), execle() failed: Permission denied The execle() error message is passed back from the OS.  Is it possible that you're not really testing as UID 10,000 the same we suexec is running things?  Do an "id" before you launch it, and see if it's returning the right thing.  Also, run the whole line from the command line when cd'd in the same the directory that suexec is launching from, and make sure it properly starts up that way as well.

David.


Martijn de Munnik wrote:
Hi, my apache error_log show the following error. I've also tried without the suexec wrapper and I'm quiet sure that suexec is not the problem. I can run the php5-cgi script from the commandline as the user with uid 10000 without any problem? Any ideas? [Mon Jan 21 11:55:23 2008] [notice] suEXEC mechanism enabled (wrapper: /opt/csw/apache2/sbin/suexec) [Mon Jan 21 11:55:23 2008] [notice] mod_python: Creating 8 session mutexes based on 256 max processes and 0 max threads. [Mon Jan 21 11:55:23 2008] [notice] mod_python: using mutex_directory /tmp [Mon Jan 21 11:55:23 2008] [notice] Digest: generating secret for digest authentication ... [Mon Jan 21 11:55:23 2008] [notice] Digest: done [Mon Jan 21 11:55:23 2008] [notice] Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.8g mod_fastcgi/2.4.2 DAV/2 SVN/1.4.5 mod_python/3.3.1 Python/2.5.1 configured -- resuming normal operations [Mon Jan 21 11:55:23 2008] [notice] FastCGI: wrapper mechanism enabled (wrapper: /opt/csw/apache2/sbin/suexec) [Mon Jan 21 11:55:23 2008] [notice] FastCGI: process manager initialized (pid 26387) [Mon Jan 21 11:55:38 2008] [warn] FastCGI: (dynamic) server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (uid 10000, gid 10000) started (pid 26418) FastCGI: can't start server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (pid 26418), execle() failed: Permission denied [Mon Jan 21 11:55:38 2008] [warn] FastCGI: (dynamic) server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (pid 26418) terminated by calling exit with status '255' [Mon Jan 21 11:55:45 2008] [warn] FastCGI: (dynamic) server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (uid 10000, gid 10000) restarted (pid 26420) FastCGI: can't start server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (pid 26420), execle() failed: Permission denied [Mon Jan 21 11:55:45 2008] [warn] FastCGI: (dynamic) server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (pid 26420) terminated by calling exit with status '255' [Mon Jan 21 11:55:51 2008] [warn] FastCGI: (dynamic) server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (uid 10000, gid 10000) restarted (pid 26421) FastCGI: can't start server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (pid 26421), execle() failed: Permission denied [Mon Jan 21 11:55:51 2008] [warn] FastCGI: (dynamic) server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (pid 26421) terminated by calling exit with status '255' ___________________________________ fastcgi-developers mailing list http://fastcgi.com/fastcgi-developers/
!DSPAM:4794bce02966070788949! 

___________________________________
fastcgi-developers mailing list
http://fastcgi.com/fastcgi-developers/
Permalink | Reply | 0 comments |
headers
David Birnbaum | 22 Jan 2008 19:09
Favicon

Re: FastCGI multithread programming problems

Can one of our thread programmers comment on this?

In general terms, it seems like there can always a be a thread with the mutex for accept(), meaning that as long as another worker thread can take over when one worker receives a request, it should work fine.  Does anyone else know differently?

Cheers,

David.


Harvy Chen wrote:
Dears,
I'm developping a project which has a communication channel(based on HTTP protocol) to recevie request from clients(Maybe million clients), the platform is under linux,
now i'm trying use FastCGI to provide a high performance process capacity, I wonder know if the fastcgi can support multi-threads, i means in one cgi process,
i create a thread pool to handle the request, But i looked up in the internet, found that just one rquest will transport to a cgi process to handle at the same time,
means the thread pool will be useless. Maybe i'm wrong, will anybody can give me correct answer?

If the fastCGI can support aync processing, it's perfect to me.
___________________________________ fastcgi-developers mailing list http://fastcgi.com/fastcgi-developers/ 
___________________________________
fastcgi-developers mailing list
http://fastcgi.com/fastcgi-developers/
Permalink | Reply | 0 comments |
headers
Martijn de Munnik | 23 Jan 2008 11:27
Picon

Re: Permission denied

Hi David,

Thank you for your suggestions. I tried a truss on the apache process (truss -f - p <Apache PID>, first time I've used truss) and got the following output. I've noticed the following line with seems strange to me.
10130:  stat64("/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi/index.php", 0x08047970) Err#20 ENOTDIR
It is the first time I've used truss so I'm don't realy know what I'm looking at. I've also tried a test.fcgi script without suexec and this also doesn't work, same error in the apache error_log.

The complete output:

10130:  fork1()         (returning as child ...)        = 10007
10130:  getpid()                                        = 10130 [10007]
10130:  lwp_self()                                      = 1
10130:  lwp_sigmask(SIG_SETMASK, 0x00000000, 0x00000000) = 0xFFBFFEFF [0x0000FFFF]
10130:  sigaction(SIGHUP, 0x08047C10, 0x08047C80)       = 0
10130:  sigaction(SIGTERM, 0x08047C10, 0x08047C80)      = 0
10130:  sigaction(SIGUSR1, 0x08047C10, 0x08047C80)      = 0
10130:  getpid()                                        = 10130 [10007]
10130:  getpid()                                        = 10130 [10007]
10130:  getuid()                                        = 0 [0]
10130:  setgid(60001)                                   = 0
10130:  sysconfig(_CONFIG_NGROUPS)                      = 16
10130:  open("/etc/default/nss", O_RDONLY|O_LARGEFILE)  = 35
10130:  fcntl(35, F_DUPFD, 0x00000100)                  = 256
10130:  close(35)                                       = 0
10130:  read(256, " #   i d e n t\t " <at> ( #".., 1024)   = 1024
10130:  read(256, " y   t h o s e\n # f u n".., 1024)   = 211
10130:  read(256, 0xFE642400, 1024)                     = 0
10130:  close(256)                                      = 0
10130:  getuid()                                        = 0 [0]
10130:  getuid()                                        = 0 [0]
10130:  door_info(3, 0x080475E0)                        = 0
10130:  door_call(3, 0x08047638)                        = 0
10130:  setgroups(3, 0x08152638)                        = 0
10130:  getuid()                                        = 0 [0]
10130:  setuid(60001)                                   = 0
10130:  close(18)                                       = 0
10130:  close(16)                                       = 0
10130:  getpid()                                        = 10130 [10007]
10130:  time()                                          = 1201083028
10130:  getpid()                                        = 10130 [10007]
10130:  getpid()                                        = 10130 [10007]
10130:  fcntl(34, F_SETLKW, 0xFE97DE78)                 = 0
10130:  pollsys(0x0834A6E0, 2, 0x00000000, 0x00000000) (sleeping...)
10130:  pollsys(0x0834A6E0, 2, 0x00000000, 0x00000000)  = 1
10130:  accept(5, 0x0834C730, 0x0834C71C, SOV_DEFAULT)  = 16
10130:  fcntl(34, F_SETLKW, 0xFE97DEA0)                 = 0
10130:  getsockname(16, 0x0834C6E8, 0x0834C6D4, SOV_DEFAULT) = 0
10130:  read(16, " G E T   / i n d e x . p".., 8000)    = 408
10130:  stat64("/home/goedkooplpgtanken.nl/public_html/index.php", 0x08047A10) = 0
10130:  open("/home/goedkooplpgtanken.nl/public_html/.htaccess", O_RDONLY|O_LARGEFILE) Err#2 ENOENT
10130:  open("/home/goedkooplpgtanken.nl/public_html/index.php/.htaccess", O_RDONLY|O_LARGEFILE) Err#20 ENOTDIR
10130:  getpid()                                        = 10130 [10007]
10130:  stat64("/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi/index.php", 0x08047970) Err#20 ENOTDIR
10130:  lstat64("/opt", 0x08047970)                     = 0
10130:  lstat64("/opt/csw", 0x08047970)                 = 0
10130:  lstat64("/opt/csw/apache2", 0x08047970)         = 0
10130:  lstat64("/opt/csw/apache2/share", 0x08047970)   = 0
10130:  lstat64("/opt/csw/apache2/share/htdocs", 0x08047970) = 0
10130:  lstat64("/opt/csw/apache2/share/htdocs/suexec", 0x08047970) = 0
10130:  lstat64("/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl", 0x08047970) = 0
10130:  lstat64("/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi", 0x08047970) = 0
10130:  getpid()                                        = 10130 [10007]
10130:  xstat(2, "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi", 0x08357F58) = 0
10130:  brk(0x08374F00)                                 = 0
10130:  brk(0x08376F00)                                 = 0
10130:  brk(0x08376F00)                                 = 0
10130:  brk(0x0837AF00)                                 = 0
10130:  brk(0x0837AF00)                                 = 0
10130:  brk(0x0837CF00)                                 = 0
10130:  brk(0x0837CF00)                                 = 0
10130:  brk(0x08380F00)                                 = 0
10130:  brk(0x08380F00)                                 = 0
10130:  brk(0x08382F00)                                 = 0
10130:  stat64("/home/goedkooplpgtanken.nl/public_html/index.php", 0x08047670) = 0
10130:  xstat(2, "/opt/csw/apache2/share/htdocs/suexec/tmp/dynamic/ebdbed12405780bdcdf8d9c3caffeb8d", 0x080476B0) Err#2 ENOENT
10130:  write(25, " S   / o p t / c s w / a".., 81)     = 81
10130:  pollsys(0x08047610, 0, 0x08047660, 0x00000000)  = 0
10130:  xstat(2, "/opt/csw/apache2/share/htdocs/suexec/tmp/dynamic/ebdbed12405780bdcdf8d9c3caffeb8d", 0x080476B0) = 0
10130:  so_socket(PF_UNIX, SOCK_STREAM, 0, "", SOV_DEFAULT) = 18
10130:  connect(18, 0x0837F148, 83, SOV_DEFAULT)        = 0
10130:  fcntl(18, F_GETFL)                              = 2
10130:  fcntl(18, F_SETFL, FWRITE|FNONBLOCK)            = 0
10130:  pollsys(0x080477E0, 1, 0x080478D0, 0x00000000)  = 1
10130:  write(18, "0101\001\0\b\0\0\001\0\0".., 1369)   = 1369
10130:  pollsys(0x080477E0, 1, 0x080478D0, 0x00000000) (sleeping...)
10130:  pollsys(0x080477E0, 1, 0x080478D0, 0x00000000)  = 0
10130:  write(25, " T   / o p t / c s w / a".., 81)     = 81
10130:  pollsys(0x080477E0, 1, 0x080478D0, 0x00000000) (sleeping...)


Martijn

On 22-jan-2008, at 17:06, David Birnbaum wrote:

Martijn,

Well, if you can't tell from inspection why the exec is failing, then what I usually do is truss or strace the proc manager and watch the various system calls are that fail.  Usually that gives me the information I need to track it down.  Unfortunately, it's very much based on your specific installation so you're somewhat on your own.  Try following the whole chain as the right user (start as root, make sure you can cd where httpd is when it forks off suexec, become the user, and continue to trace execution through) until you find the place where permissions are set wrong, either on a cd, exec, stat, etc.

David.


Martijn de Munnik wrote:
Hi David,

Thank you for your reply! I tried what you said and these are the result. I can't cd into /opt/csw/apache2/sbin where the suexec binary is but I guess root needs to run suexec and the suexec process runs the php5-cgi fastcgi script.

------------

-bash-3.2$ pwd
/opt/csw/apache2
-bash-3.2$ id
uid=10000(goedkooplpgtanken.nl) gid=10000(goedkooplpgtanken.nl)
-bash-3.2$ /opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi
<?php echo("It works.\n"); ?>
Content-type: text/html

It works.
-bash-3.2$

------------

Martijn

On 21-jan-2008, at 16:39, David Birnbaum wrote:

Martijn,

Well, the error looks pretty explicit:

[Mon Jan 21 11:55:38 2008] [warn] FastCGI: (dynamic) server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (uid 10000, gid 10000) started (pid 26418) FastCGI: can't start server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (pid 26418), execle() failed: Permission denied The execle() error message is passed back from the OS.  Is it possible that you're not really testing as UID 10,000 the same we suexec is running things?  Do an "id" before you launch it, and see if it's returning the right thing.  Also, run the whole line from the command line when cd'd in the same the directory that suexec is launching from, and make sure it properly starts up that way as well.

David.


Martijn de Munnik wrote:
Hi, my apache error_log show the following error. I've also tried without the suexec wrapper and I'm quiet sure that suexec is not the problem. I can run the php5-cgi script from the commandline as the user with uid 10000 without any problem? Any ideas? [Mon Jan 21 11:55:23 2008] [notice] suEXEC mechanism enabled (wrapper: /opt/csw/apache2/sbin/suexec) [Mon Jan 21 11:55:23 2008] [notice] mod_python: Creating 8 session mutexes based on 256 max processes and 0 max threads. [Mon Jan 21 11:55:23 2008] [notice] mod_python: using mutex_directory /tmp [Mon Jan 21 11:55:23 2008] [notice] Digest: generating secret for digest authentication ... [Mon Jan 21 11:55:23 2008] [notice] Digest: done [Mon Jan 21 11:55:23 2008] [notice] Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.8g mod_fastcgi/2.4.2 DAV/2 SVN/1.4.5 mod_python/3.3.1 Python/2.5.1 configured -- resuming normal operations [Mon Jan 21 11:55:23 2008] [notice] FastCGI: wrapper mechanism enabled (wrapper: /opt/csw/apache2/sbin/suexec) [Mon Jan 21 11:55:23 2008] [notice] FastCGI: process manager initialized (pid 26387) [Mon Jan 21 11:55:38 2008] [warn] FastCGI: (dynamic) server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (uid 10000, gid 10000) started (pid 26418) FastCGI: can't start server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (pid 26418), execle() failed: Permission denied [Mon Jan 21 11:55:38 2008] [warn] FastCGI: (dynamic) server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (pid 26418) terminated by calling exit with status '255' [Mon Jan 21 11:55:45 2008] [warn] FastCGI: (dynamic) server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (uid 10000, gid 10000) restarted (pid 26420) FastCGI: can't start server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (pid 26420), execle() failed: Permission denied [Mon Jan 21 11:55:45 2008] [warn] FastCGI: (dynamic) server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (pid 26420) terminated by calling exit with status '255' [Mon Jan 21 11:55:51 2008] [warn] FastCGI: (dynamic) server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (uid 10000, gid 10000) restarted (pid 26421) FastCGI: can't start server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (pid 26421), execle() failed: Permission denied [Mon Jan 21 11:55:51 2008] [warn] FastCGI: (dynamic) server "/opt/csw/apache2/share/htdocs/suexec/goedkooplpgtanken.nl/php5-cgi" (pid 26421) terminated by calling exit with status '255' ___________________________________ fastcgi-developers mailing list http://fastcgi.com/fastcgi-developers/

___________________________________ fastcgi-developers mailing list http://fastcgi.com/fastcgi-developers/
!DSPAM:479614962211821340132! 

___________________________________
fastcgi-developers mailing list
http://fastcgi.com/fastcgi-developers/
Permalink | Reply | 0 comments |
headers
David Birnbaum | 25 Jan 2008 16:58
Favicon

Re: mod_fastcgi + apache + file on local filesystem

This is fixed in 2.4.6.

David.

-----

On Fri, 25 Jan 2008, Andrzej Nakonieczny wrote:

> Hello!
>
> 	I have an apache (2.2.3) with mod_fastcgi (2.4.2) on frontend server
> and php on backend server. It works good but I'm wondering why apache
> needs to have php file on local filesystem. In mod_fastcgi's docs is
> wrote that "The filename does not have to exist in the local
> filesystem.". Is it true?
>
> When I have php file only on a backend server apache wrote to log file:
>
> -----------------------------------------------------------------------
> my_station - - [25/Jan/2008:14:14:40 +0100] "GET /check.php HTTP/1.1"
> 404 208 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1)
> Gecko/20061206 BonEcho/2.0"
> -----------------------------------------------------------------------
>
> But if I add (for example) empty file (check.php) on a frontend server
> all works fine. What can I do to change this behavior?
>
> This is my (mod_fastcgi) config file on apache:
>
> -----------------------------------------------------------------------
> LoadModule fastcgi_module modules/mod_fastcgi.so
>
> FastCGIExternalServer   /var/www/cgi-bin/php -host ip_backend:32001
> -idle-timeout 240 -appConnTimeout 0
>
> Action                  php-fastcgi             /cgi-bin/php
>
> AddType                 application/x-httpd-php .php
> AddType                 application/x-httpd-php .php4
> AddType                 application/x-httpd-php .php5
>
> AddHandler              php-fastcgi             .php
> AddHandler              php-fastcgi             .php4
> AddHandler              php-fastcgi             .php5
> -----------------------------------------------------------------------
>
> Thanks for any help.
>
> Andrzej
> ___________________________________
> fastcgi-developers mailing list
> http://fastcgi.com/fastcgi-developers/
>
___________________________________
fastcgi-developers mailing list
http://fastcgi.com/fastcgi-developers/
Permalink | Reply | 0 comments |
headers
David Birnbaum | 26 Jan 2008 22:53
Favicon

Re: Apache 2 Bug (Patch Included)

Philipp,

Thanks for the patch.  We'll add it to the list, and see about a maint release 
soon with this and a few other minor patches.

David.

-----

On Tue, 22 Jan 2008, Philipp Dunkel wrote:

> Hi everyone,
>
> we are using mod_fastcgi for a project of ours and found that we were having 
> problems using OutputFilters under Apache2.
>
> After some analysis the problem seemed to be that mod_fastcgi would not 
> correctly terminate the bucket brigades it sends down the filter chain. It 
> would never ever send an EOS bucket.
>
> Due to this OutputFilters such as mod_deflate would get screwed up.
>
> I have attached a patch to this email that fixes the problem for us in the 
> hopes that it may be useful for the community at large. If you have any 
> questions about what is being done here, feel free to mail me at any time. 
> And of course I release all rights to anything in this patch to the community 
> of mod_fastcgi under the same license as mod_fastcgi.
>
> Regards, Philipp Dunkel
>
> ------------------------------
> Philipp Dunkel
> TripWolf Tech Lead
> i5invest
>
> Telefon: +43720407204
> Fax: +4313060903-9
> E-Mail: p.dunkel@...
> Web: http://www.i5invest.com
>
>
> Jetzt gratis email charity Signatur holen oder direkt spenden!
>
___________________________________
fastcgi-developers mailing list
http://fastcgi.com/fastcgi-developers/
Permalink | Reply | 0 comments |

Gmane