httpd through cron

httpd through cron

Post by James L F » Sun, 14 Jul 1996 04:00:00



I posted the article below in what I think are the most appropriate groups
but haven't received a reply yet. Thought I'd try here too.  BTW, [with
your help] I have FreeBSD running Apache on a GW-2000 which runs great.
The reason for the madness below is because my management wants to take
adavantage of the reliability from conditioned power, and daily backups
of our university's computer services.  Unfortunately, they aren't set
up yet to allow individual user access to /cgi-bin/.  Thus, the madness!

------------------------------------
Newsgroups: comp.infosystems.www.servers.unix,
            comp.infosystems.www.authoring.cgi
Subject: Launching httpd from cron

I'm trying to launch CERN httpd from cron under SunOs using AFS
(Andrew File System). I am a "mere mortal" user on an administered
system with no root or /cgi-bin/ access.

I'm using a PORT# in the 7000 range.

My httpd.config file has full paths for everything and declares nobody
and nogroup.  If I launch the following file from the foreground of a
login shell thusly...

(prompt)> nohup startup.httpd &

---------startup.httpd----------
/afs/pitt.edu/usrx/username/full/path/httpd -r
                    /afs/pitt.edu/usrx/username/full/path/httpd.config
---------end of startup.httpd-------

...the server functions properly (at least as far as I can tell.)
My access, error logs and .pid file are created and written to and my
cgi is executable in MY /cgi-bin/ directory. File WRITES are also
accomplished by the cgi executables successfully according to permissions.

The system is rebooted nightly and I'm tired of logging in to relaunch
httpd every morning (1:30am!)  So,,

(prompt)> crontab -l
40 1 * * * /afs/pitt.edu/usrx/username/full/path/start.httpd

------start.httpd---------
#! /bin/sh              /* SHOULD THIS BE HERE IN THIS CONTEXT? */
#
umask 022               /* BTW, if all this .profile stuff is removed, */
MESSAGES=off            /* nothing changes  */
. /afs/pitt.edu/common/etc/profile.global
#
TTT=`ps -auxw | grep "httpd" | grep -v "grep" | grep "username"`
#
#  httpd already running?  /* Sometimes the system is NOT taken down */
if test -z "$TTT" ; then
        /afs/pitt.edu/usrx/username/full/path/httpd
                    -r /afs/pitt.edu/usrx/username/full/path/httpd.config
fi
-------end of start.httpd----------

The server gets started ok but it appears to NOT to have inherited
the file access permissions of its parent, "username". httpd
apparently can't create(write privilege) the access and error logs
and the cgi executables have no write access.  I suspect that
if I made the whole account's file system writable by the world, it
might work!

These are my thoughts and things I've tried...
  1.  The problem might have to do with the "nobody" concept.
  2.  I tried a run substituting "username" for "nobody" in
      httpd.config - no difference
  3.  If cron is using the setuid function of unix it may
      be a problem with AFS.
  4.  I copied /usr/pitt/etc/httpd to /usr/var/tmp/httpd and did
      "chmod 4755 /usr/var/tmp/httpd", modified start.httpd above
      and kicked cron again. - no difference
  5.  "man crontab" tells me programs will run as the launcher -
      What is going on here???
  6.  Is httpd just doing things that make it only approriately
      launched through cron BY root?
  7.  Am I going to just have to acquire a unix box and set up and
      administer my own web server after all??

In summary --- launch from the foreground; no problems
               launch from cron; file access permission problems

Thanks for any insights,
--Jim Fox
p.s. Thanks to the responders to my previous posts that helped me
     get this far!

 
 
 

httpd through cron

Post by Terry Lamber » Tue, 16 Jul 1996 04:00:00


] ---------
] Note:
] I know this group is FreeBSD and not SunOs or CERN but I also
] know that many posters/readers here are running web servers,
] understand cron, and might want to try to do what I'm doing
] with Apache on FreeBSD.
] ---------
]
] Here I am again, the only responder to my own post!
] I included all the dirty details of my problem after reading the
] criticisms here of people who ask questions without sufficient
] background information.  Apparently I overdid it!  Here's a
] stripped down version of my question...  If you need more details,
] please refer back to the article referenced by this one.

It needs a /dev/tty, which it can't get if it is run by cron.

Instead, you should start it from /etc/rc.local, if you are
worried about it following a reboot.

If you are worried about it crashing and restarting, you can do
that using a "restart" script to watchdog it; something like:

#!/bin/sh
#
while true
do
        echo "starting httpd" > /dev/console
        httpd&      # or whatever...
done
# not reached

                                        Terry Lambert

---
Any opinions in this posting are my own and not those of my present
or previous employers.

 
 
 

httpd through cron

Post by J Wuns » Tue, 16 Jul 1996 04:00:00



Quote:> My problem is that I  want httpd to be lauched from cron so I
> don't have to keep logging in and manually kicking it every time
> the system is rebooted after maintenance. I've studied cron and
> crontab documentation and now am able to get httpd to run when
> I want it to under cron.  HOWEVER.....

cron might actually have a stripped-down environment only.  It's
possible that things like ${USER} or ${HOME} are not set (or set to
the environment of the user root).  If this is your problem, put it
into a wrapper script that defines the required part of the
environment.

Would it work if you start it using at(1)?  at inherits most (if not
all) of the current environment.

--
cheers, J"org


Never trust an operating system you don't have sources for. ;-)

 
 
 

httpd through cron

Post by Faried Nawa » Tue, 16 Jul 1996 04:00:00



   These are my thoughts and things I've tried...
     1.  The problem might have to do with the "nobody" concept.
     2.  I tried a run substituting "username" for "nobody" in
         httpd.config - no difference

This will only work if the server is started as (by) root; I don't believe
you can (as a normal user) set your uid to nobody.

     3.  If cron is using the setuid function of unix it may
         be a problem with AFS.

Could be...I've never used AFS.

     4.  I copied /usr/pitt/etc/httpd to /usr/var/tmp/httpd and did
         "chmod 4755 /usr/var/tmp/httpd", modified start.httpd above
         and kicked cron again. - no difference
     5.  "man crontab" tells me programs will run as the launcher -
         What is going on here???

Write a cron job that gives you the output of `id' and/or of any other
Unix/AFS commands that show exactly whom the system thinks you are.
Compare the output with what the commands say when you run them interactively.

     6.  Is httpd just doing things that make it only approriately
         launched through cron BY root?

I restart an httpd via cron; I don't believe httpd needs to be
started via cron by root only.  However, I am using FreeBSD.

     7.  Am I going to just have to acquire a unix box and set up and
         administer my own web server after all??

This should not be necessary.

What happens if you start it some time later (say, 2:30)?

Can you ktrace/strace the executable while launching from a shell and from
cron, and compare the resulting traces?

Do the cron logs say anything about the jobs?

faried.

 
 
 

httpd through cron

Post by Ken Bigelo » Tue, 16 Jul 1996 04:00:00



> ---------
> Note:
> I know this group is FreeBSD and not SunOs or CERN but I also
> know that many posters/readers here are running web servers,
> understand cron, and might want to try to do what I'm doing
> with Apache on FreeBSD.
> ---------

You have me confused on a number of points. First, above you specify the
apache httpd server. Below, you indicate CERN. They're not the same, so
which is it? If apache, it is arranged to start from /etc/sysconfig, and
does quite well that way.

Quote:

> Here I am again, the only responder to my own post!
> I included all the dirty details of my problem after reading the
> criticisms here of people who ask questions without sufficient
> background information.  Apparently I overdid it!  Here's a
> stripped down version of my question...  If you need more details,
> please refer back to the article referenced by this one.

> I can run the CERN httpd executable from the foreground of a login
> to an unprivileged account on a Sun4 under SunOs 4.1.3.  I call httpd
> with nohup and terminate the command with "&".  I use a port #
> in the 7000 range and when I log out I leave behind what appears
> to be a well behaved web server with MY OWN /cgi-bin/ directory!

Is there a reason for 7000? HTTP runs on port 80 normally.

Quote:

> My problem is that I  want httpd to be lauched from cron so I
> don't have to keep logging in and manually kicking it every time
> the system is rebooted after maintenance. I've studied cron and
> crontab documentation and now am able to get httpd to run when
> I want it to under cron.  HOWEVER.....

I'd suggest you start it from /etc/rc.local instead. That way it starts
each time you reboot, automatically.

Quote:> The server gets started ok but it appears NOT to have inherited
> the file access permissions of my account.  I suspect that if I made
> the whole account's file system writable by the world, it might work!

You don't want that! However, perhaps you can write a brief shell script
to be run from /etc/rc.local, which will first launch the server, then
wait for the launcher to drop from the process list, and then execute
chmod and/or chown on appropriate files. That's the way I had to do it
with my daughter's MUX program on my auxiliary server. I'm sure there's a
better way to auto-start a user's program with the user's permissions at
bootup, but I haven't found it yet. In the meantime, this at least works.

Quote:

> The man pages tell me the image should run as the launcher. ???
> I don't think it's a path problem; I define the path and files
> seem to be read ok.

> >In summary --- launch from the foreground; no problems
> >               launch from cron; file access permission problems

I hope this helps!
--

Ken

Are you interested in   |
byte-sized education    |   http://www.play-hookey.com
over the Internet?      |

 
 
 

httpd through cron

Post by James L F » Wed, 17 Jul 1996 04:00:00




Quote:

>---------
>Note:
>I know this group is FreeBSD and not SunOs or CERN but I also
>know that many posters/readers here are running web servers,
>understand cron, and might want to try to do what I'm doing
>with Apache on FreeBSD.
>---------

Some were confused by my mention of Apache in this context.
Although I am having problems launching CERN httpd, I thought
those in this group were more likely to be using Apache but
still might want to do what I'm trying.

----------------------------
I have been running tests and I think the problem is more
fundamental to at and crontab here at my installation.

A trivial shell script that copies a file from one place to
another in a test directory works as expected from the
foreground but will not work from crontab or at unless I
make the directory writeable to the world!  And then, the
file thus created shows an owner "32766".

I'm posting to a local unix group here and writing to the
unix keepers as well.  However, if someone here knows what
they have done to crontab and at, feel free!!

--Thanks,
--Jim Fox

 
 
 

httpd through cron

Post by J Wuns » Wed, 17 Jul 1996 04:00:00



> It needs a /dev/tty, which it can't get if it is run by cron.

Why does an HTTPD need /dev/tty?

--
cheers, J"org


Never trust an operating system you don't have sources for. ;-)

 
 
 

httpd through cron

Post by J Wuns » Wed, 17 Jul 1996 04:00:00



> Is there a reason for 7000? HTTP runs on port 80 normally.

Privileged port, cannot be run by a non-priveleged user.

Quote:> I'd suggest you start it from /etc/rc.local instead. That way it starts
> each time you reboot, automatically.

Needs root permission either.

:-)

It looks to me that the originator is not the sys admin on this
machine, but wants to launch a private HTTPD.

--
cheers, J"org


Never trust an operating system you don't have sources for. ;-)

 
 
 

httpd through cron

Post by James L F » Thu, 18 Jul 1996 04:00:00



< Newsgroups: comp.unix.bsd.freebsd.misc
< Subject: Re: httpd through cron
< Date: 16 Jul 1996 11:13:15 GMT
<

<
< > Is there a reason for 7000? HTTP runs on port 80 normally.
<
< Privileged port, cannot be run by a non-priveleged user.
<
< > I'd suggest you start it from /etc/rc.local instead. That way it starts
< > each time you reboot, automatically.
<
<>  Needs root permission either.
<
< :-)
<
< It looks to me that the originator is not the sys admin on this
<>  machine, but wants to launch a private HTTPD.
<
< --
< cheers, J"org
<
You got it right J"org!

BTW, the problem is AFS!  You really can run an httpd server from an
unprivileged account but if your site distributes files with AFS
requiring Kerberos authentication you're in trouble when cron restarts
your job. It runs, but with no permissions.  There might be a workaround
which I will post if successful.

--Jim Fox

 
 
 

httpd through cron

Post by Ken Bigelo » Thu, 18 Jul 1996 04:00:00





> >---------
> >Note:
> >I know this group is FreeBSD and not SunOs or CERN but I also
> >know that many posters/readers here are running web servers,
> >understand cron, and might want to try to do what I'm doing
> >with Apache on FreeBSD.
> >---------

> Some were confused by my mention of Apache in this context.
> Although I am having problems launching CERN httpd, I thought
> those in this group were more likely to be using Apache but
> still might want to do what I'm trying.

> ----------------------------
> I have been running tests and I think the problem is more
> fundamental to at and crontab here at my installation.

> A trivial shell script that copies a file from one place to
> another in a test directory works as expected from the
> foreground but will not work from crontab or at unless I
> make the directory writeable to the world!  And then, the
> file thus created shows an owner "32766".

I suspect a more fundamental problem here. Make sure that the directory,
the files to be copied & copied to, and the entry in crontab all have the
same owner. I've encoutered some really odd problems that were caused by
owner conflicts, especially when one was root.
--

Ken

Are you interested in   |
byte-sized education    |   http://www.play-hookey.com
over the Internet?      |

 
 
 

httpd through cron

Post by Brian Some » Fri, 19 Jul 1996 04:00:00



: > It needs a /dev/tty, which it can't get if it is run by cron.

: Why does an HTTPD need /dev/tty?

Why is there a line saying MESSAGES=OFF in the crontab script.

I put 'mesg y' into /etc/profile once and took weeks to figure out
why loads of cron jobs (ones that source /etc/profile) broke.  Maybe
there are further scripts involved ?  But I agree, httpd *shouldn't*
need /dev/tty.

--

Don't _EVER_ lose your sense of humour....

 
 
 

httpd through cron

Post by Brian Some » Fri, 19 Jul 1996 04:00:00



: I have been running tests and I think the problem is more
: fundamental to at and crontab here at my installation.

: A trivial shell script that copies a file from one place to
: another in a test directory works as expected from the
: foreground but will not work from crontab or at unless I
: make the directory writeable to the world!  And then, the
: file thus created shows an owner "32766".

What does your 'crontab -l' say ?

If I set up the following:
22 * * * * rm -f /tmp/Crontest; touch /tmp/Crontest

and crontab it, it gives me a file owned by the user that 'crontab'd
the above.  The only thing I can suspect is that your administrator
has spawned crontab as user nobody....

: I'm posting to a local unix group here and writing to the
: unix keepers as well.  However, if someone here knows what
: they have done to crontab and at, feel free!!

Try something like
22 * * * * id

and see if it thinks it's the right id.

--

Don't _EVER_ lose your sense of humour....

 
 
 

httpd through cron

Post by James L F » Sun, 21 Jul 1996 04:00:00




<
<
<What does your 'crontab -l' say ?
<
<If I set up the following:
<22 * * * * rm -f /tmp/Crontest; touch /tmp/Crontest
<

The problem turned out to be a complication of the AFS kerberos
authenticated distributed filesystem that we use. Cron dutifully
starts up your job but AFS says "no ticket -- no writing!"