Project

General

Profile

[UE] CGI script not interpreted.

Added by rsuinux 5 months ago

Hello
I have a small problem with cgi files
I installed nut on my server (debian stable).
I've installed lighttpd (1.4.76 (ssl) )too, but in docker (alpine docker).
I've managed to display the nut statistics page, but it must receive data from a cgi located in

-rwxr-xr-x 1 root root 38960 Apr 11 2023 /usr/share/webapps/apcupsd/upsstats.cgi

A test on a page with a call to the script causes the script to be downloaded rather than executed.

The logs indicate that the script is read, but not interpreted.

024-05-20 17:27:04: (../src/response.c.297) -- parsed Request-URI
2024-05-20 17:27:04: (../src/response.c.299) Request-URI     : /upsstats.html
2024-05-20 17:27:04: (../src/response.c.301) URI-scheme      : http
2024-05-20 17:27:04: (../src/response.c.303) URI-authority   : 172.20.0.2
2024-05-20 17:27:04: (../src/response.c.305) URI-path (clean): /upsstats.html
2024-05-20 17:27:04: (../src/response.c.307) URI-query       : 
2024-05-20 17:27:04: (../src/response.c.386) -- logical -> physical
2024-05-20 17:27:04: (../src/response.c.388) Doc-Root     : /var/www/nut/
2024-05-20 17:27:04: (../src/response.c.390) Basedir      : /var/www/nut/
2024-05-20 17:27:04: (../src/response.c.392) Rel-Path     : /upsstats.html
2024-05-20 17:27:04: (../src/response.c.394) Path         : /var/www/nut/upsstats.html
2024-05-20 17:27:04: (../src/response.c.406) -- handling subrequest
2024-05-20 17:27:04: (../src/response.c.408) Path         : /var/www/nut/upsstats.html
2024-05-20 17:27:04: (../src/response.c.410) URI          : /upsstats.html
2024-05-20 17:27:04: (../src/response.c.412) Pathinfo     : 

The script appears to be an elf executable !!!!

file /usr/share/webapps/apcupsd/upsstats.cgi
/usr/share/webapps/apcupsd/upsstats.cgi: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-musl-x86_64.so.1, stripped

How can I get ligthttpd to interpret (or execute) it?
My configuration files are here:
https://www.suinot.org/lighttp/lighttpd.conf

If you need more information, don't hesitate to ask. i've been looking for several days.

thanks for your help.


Replies (5)

RE: CGI script not interpreted. - Added by gstrauss 5 months ago

The include keyword in the configuration file includes a file.

Please carefully read How to get support and also the documentation for mod_cgi

RE: CGI script not interpreted. - Added by rsuinux 5 months ago

Hello
Sorry for my inattention.Here is the return of the commands that I should have given first.
Really sorry for my oversight.
I read the mod_cgi documentation a little more intensively. I'll see if I can do it.

# lighttpd -tt -f /etc/lighttpd/lighttpd.conf
# lighttpd -p -f /etc/lighttpd/lighttpd.conf
config {
    var.CWD                        = "/var/www" 
    var.PID                        = 68
    var.logs                       = "/var/log/lighttpd/" 
    var.documents_root             = "/var/www/nut/" 
    var.conf_dir                   = "/etc/lighttpd/conf.d/" 
    var.socket_dir                 = "/var/www/socket/" 
    server.pid-file                = "/run/lighttpd.pid" 
    server.username                = "lighttpd" 
    server.groupname               = "lighttpd" 
    server.port                    = 80
    server.feature-flags           = (
        "server.graceful-shutdown-timeout" => 5,
    )
    server.document-root           = "/var/www/nut/" 
    debug.log-request-handling     = "enable" 
    server.max-read-idle           = 60
    accesslog.format               = "%h %V %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" 
    server.errorlog                = "/var/log/lighttpd/error.log" 
    accesslog.filename             = "/var/log/lighttpd/access.log" 
    server.event-handler           = "epoll" 
    server.listen-backlog          = 128
    server.stat-cache-engine       = "simple" 
    server.max-keep-alive-idle     = 5
    server.max-connections         = 256
    server.max-keep-alive-requests = 10
    server.max-request-size        = 256
    cgi.assign                     = (
        ".pl"  => "/usr/bin/perl",
        ".cgi" => "",
        ".rb"  => "/usr/bin/ruby",
        ".erb" => "/usr/bin/eruby",
        ".py"  => "/usr/bin/python",
    )
    fastcgi.server                 = (
        ".php" => (
            "php-local" => (
                "socket"                => "/tmp/lighttpd/php.socket",
                "bin-path"              => "/usr/bin/php-cgi82",
                "max-procs"             => 1,
                "broken-scriptfilename" => "enable",
                "bin-environment"       => (
                    "PHP_FCGI_CHILDREN"     => "4",
                    "PHP_FCGI_MAX_REQUESTS" => "10000",
                ),
                "bin-copy-environment"  => ("PATH", "SHELL", "USER"),
            ),
        ),
    )
    server.modules                 = (
        "mod_accesslog",
        "mod_cgi",
        "mod_fastcgi",
        "mod_compress",
        "mod_expire",
        "mod_access",
        "mod_rewrite",
        "mod_alias",
    )
    mimetype.assign                = (
 mimetype.assign             = (
  ".svg"          =>      "image/svg+xml",
  ".svgz"         =>      "image/svg+xml",
  ".pdf"          =>      "application/pdf",
  ".sig"          =>      "application/pgp-signature",
  ".spl"          =>      "application/futuresplash",
  ".class"        =>      "application/octet-stream",
  ".ps"           =>      "application/postscript",
  ".torrent"      =>      "application/x-bittorrent",
  ".dvi"          =>      "application/x-dvi",
  ".gz"           =>      "application/x-gzip",
  ".pac"          =>      "application/x-ns-proxy-autoconfig",
  ".swf"          =>      "application/x-shockwave-flash",
  ".tar.gz"       =>      "application/x-tgz",
  ".tgz"          =>      "application/x-tgz",
  ".tar"          =>      "application/x-tar",
  ".zip"          =>      "application/zip",
  ".dmg"          =>      "application/x-apple-diskimage",
  ".mp3"          =>      "audio/mpeg",
  ".m3u"          =>      "audio/x-mpegurl",
  ".wma"          =>      "audio/x-ms-wma",
  ".wax"          =>      "audio/x-ms-wax",
  ".ogg"          =>      "application/ogg",
  ".wav"          =>      "audio/x-wav",
  ".gif"          =>      "image/gif",
  ".jpg"          =>      "image/jpeg",
  ".jpeg"         =>      "image/jpeg",
  ".png"          =>      "image/png",
  ".xbm"          =>      "image/x-xbitmap",
  ".xpm"          =>      "image/x-xpixmap",
  ".xwd"          =>      "image/x-xwindowdump",
  ".css"          =>      "text/css",
  ".html"         =>      "text/html",
  ".htm"          =>      "text/html",
  ".js"           =>      "text/javascript",
  ".asc"          =>      "text/plain",
  ".c"            =>      "text/plain",
  ".h"            =>      "text/plain",
  ".cc"           =>      "text/plain",
   ".cpp"          =>      "text/plain",
  ".hh"           =>      "text/plain",
  ".hpp"          =>      "text/plain",
  ".conf"         =>      "text/plain",
  ".log"          =>      "text/plain",
  ".text"         =>      "text/plain",
  ".txt"          =>      "text/plain",
  ".diff"         =>      "text/plain",
  ".patch"        =>      "text/plain",
  ".ebuild"       =>      "text/plain",
  ".eclass"       =>      "text/plain",
  ".rtf"          =>      "application/rtf",
  ".bmp"          =>      "image/bmp",
  ".tif"          =>      "image/tiff",
  ".tiff"         =>      "image/tiff",
  ".ico"          =>      "image/x-icon",
  ".dtd"          =>      "text/xml",
  ".xml"          =>      "text/xml",
  ".mpeg"         =>      "video/mpeg",
  ".mpg"          =>      "video/mpeg",
  ".mov"          =>      "video/quicktime",
  ".qt"           =>      "video/quicktime",
  ".avi"          =>      "video/x-msvideo",
  ".asf"          =>      "video/x-ms-asf",
  ".asx"          =>      "video/x-ms-asf",
  ".wmv"          =>      "video/x-ms-wmv",
  ".bz2"          =>      "application/x-bzip",
  ".tbz"          =>      "application/x-bzip-compressed-tar",
  ".tar.bz2"      =>      "application/x-bzip-compressed-tar" 
    )
    index-file.names               = ("index.xhtml", "index.html", "index.htm", "default.htm", "index.php")
    url.rewrite                    = (
        "^(/|index.html)?$" => "/upsstats.html",
    )
    alias.url                      = (
        "/cgi-bin/nut/" => "/usr/share/webapps/apcupsd/",
    )
    server.follow-symlink          = "disable" 

    if $HTTP["url"] =~ "/(\.|_)ht" {
        # block 1
        url.access-deny = ("")

    } # end of $HTTP["url"] =~ "/(\.|_)ht" 

    if $HTTP["url"] =~ "^/(bin|data|inc|conf)/" {
        # block 2
        url.access-deny = ("")

    } # end of $HTTP["url"] =~ "^/(bin|data|inc|conf)/" 
}

RE: CGI script not interpreted. - Added by gstrauss 5 months ago

The logs indicate that the script is read, but not interpreted.

You've shared no details related to this. You shared the request to /upsstats.html in your initial post, but nothing further.

A test on a page with a call to the script causes the script to be downloaded rather than executed.

I am not clairvoyant. I do not read minds and I don't run your specific application (nut). BE SPECIFIC, not vague. What is the script requesting? /cgi-bin/nut/upsstats.cgi ? Do you see that in your access log? (or in the error log with DebugVariables enabled?) I don't see that in any of the information your shared.

strace of the lighttpd executable while making the request might add some information useful to debugging.


This repetition looks like a typo or mistake with cut-n-paste.

    mimetype.assign                = (
 mimetype.assign             = (

Does lighttpd -tt -f /etc/lighttpd/lighttpd.conf in your container exit 0 ($? == 0 for success) and produce no output/warnings?

If you're running lighttpd 1.4.76 (which you indicated), you can use lighttpd built-in default values for mimetype.assign by commenting out or removing that from your config.

RE: CGI script not interpreted. - Added by rsuinux 5 months ago

Thank you for your answers.

    mimetype.assign                = (
 mimetype.assign             = (

Yes, it's error for cut-n-past.
lighttpd -tt -f /etc/lighttpd/lighttpd.conf returns no errors or responses ($? = 0, yes). And
# lighttpd -t -f /etc/lighttpd/lighttpd.conf
Syntax OK

I have attached a screenshot of part of the html page.
Or we see that the cgi file is not interpreted. I'm in a vnc client, I can only take screenshots, sorry.

But I just did a test:
If I create a directory /var/www/nut/cgi/ and place hello.cgi in it, everything works.
If I copy to hello.cgi in /usr/share/webapps/apcupsd/ or in /usr/share/webapps/apcupsd/cgi/ the file is no longer found.

Cgi files are not in a xxx/cgi/ tree
And on the html page, the file is just called like this:

@TEMPC@
@UPSSTATSPATH upsstats.cgi@
@UPSIMAGEPATH upsimage.cgi@

No previous path upsstats.cgi .

So I need to manage this with the aliases, but I don't see how.

Thank you so much

Sans titre.png (16 KB) Sans titre.png interpretation_cgi.png

RE: CGI script not interpreted. - Added by gstrauss 5 months ago

You shared this

    alias.url                      = (
        "/cgi-bin/nut/" => "/usr/share/webapps/apcupsd/",
    )

and you still have not answered my direct and precise question other than "no":

BE SPECIFIC, not vague. What is the script requesting? /cgi-bin/nut/upsstats.cgi ? Do you see that in your access log? (or in the error log with DebugVariables enabled?) I don't see that in any of the information your shared.

@TEMPC@
@UPSSTATSPATH upsstats.cgi@
@UPSIMAGEPATH upsimage.cgi@

If you think that is SPECIFIC instead of vague, then I guess I am unable to help you further. You should look at what the javascript in the HTML is requesting.

It seems that you should also practice using a search engine. This was my first hit when I put in some basic search terms: "nut" and "lighttpd":
https://thesoloadmin.com/monitoring-your-ups-with-nut/

    (1-5/5)