httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bennett Haselton <>
Subject Re: [users@httpd] how to enable CGI scripts to read /var/log/httpd/access_log ?
Date Mon, 11 Feb 2008 22:19:43 GMT
At 02:14 PM 2/11/2008 -0500, Joshua Slive wrote:
>On Feb 11, 2008 1:38 PM, Bennett Haselton <> wrote:
> > I am trying to run a CGI script that can open /var/log/httpd/access_log 
> for
> > reading and parse some data from it.  (This is on a dedicated machine.)
> >
> > The file /var/log/httpd/access_log is owned by root, but that's not the
> > problem.  I have other files owned by root that are in the 
> /var/www/html
> > directory and CGI scripts can read those with no problem (because they 
> are
> > world-*readable*, just like /var/log/httpd/access_log is).  The problem 
> is
> > that apparently CGI scripts cannot open any files for reading that are
> > located outside of /var/www .
>There is no setting in the default apache install that could impose
>that restriction. Are you running SELinux perhaps?

Well I'm running the CentOS 4.4 distro, but according to , SELinux is not actually a distro, so 
not mutually exclusive with CentOS.  So could this machine be running 
SELinux?  How do I tell?  The hosting company set it up for me.

>Have you tried
>"setenforce 0" to see if the issue goes away?

Well, damn.  I do believe that fixed it.  Thanks!

>In general, the most secure way to deal with tasks that are beyond the
>permissions of your apache child processes is to use "sudo". But I bet
>your problem is an OS configuration issue. If the file is
>world-readable, your cgi scripts should be able to read it.

My CGI scripts can read world-readable files when those files are under 
/var/www, just not when the world-readable files are located anywhere else.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message