in reply to Re: I need a user just for Perl script run from web browsers in thread I need a user just for Perl script run from web browsers
That's my problem, I am Johnny1, and I am then admin. An admin with very little experience in this field. Who set this server up with that name, Johnny1.
So while I can create users, and make directories have passwords, etc. etc. it seems when I created Sally1, that user didn't have everything needed. Even though I made Sally1 part of www-data, added her to the sudo group, etc. etc.
I even tried making all the paths that the perl scripts would write to owned by Sally1, etc. etc.
And even with all that, when I set the enviers file so that Perl scripts are run by Sally1, those scripts the need to write to specific paths, fail at that line, even when Sally1 is listen as the owner.
Re^3: I need a user just for Perl script run from web browsers
by haj (Vicar) on May 01, 2022 at 22:02 UTC
|
I guess your lack of experience makes it difficult for you to find reasonable steps to narrow down the error. So let me take some shots into the blue...
- The group www-data seems to point to an Debian or Ubuntu system. Correct? This matters because different systems have different configuration defaults.
- ...those scripts the need to write to specific paths... Does it happen only for some paths? What are the permissions for these paths? Even the owner can't write files without a write permission!
- Can the Perl scripts write to /tmp? If yes: What are the ownership and permissions of the files created by the script?
- Can you login as Sally1 and write to said specific paths or does that fail, too? (NERDVANA suggested a similar approach)
- Have you inspected your web server's error log? Are there warnings or errors regarding your scripts or about your configuration?
- Do you have AppArmor or SeLinux policies in place? (Admittedly that's pretty far-fetched, but those could cause such behaviour)
| [reply] [d/l] [select] |
|
Problem solved!
Someone's comment made me think differently, yes I made sure to check their ++ button, and others who also gave me ideas,
I logged in command line as Sally1 and tried:
ls -trl > text.txt
And that's when went back to checking group permissions for www-data, of which Sally1 was already part of.
Then I realized that when I went to change the group's permission I was leaving out the g+
I realize for security reasons such a "thing" doesn't exist, but it would be great if you could copy one user's permissions to another in one fell swoop.
| [reply] [d/l] |
|