[FASTCGI] A new newbie -> use a pure socket for communictaion
Rob Lemley
rclemley at booksys.com
Wed Sep 9 14:22:49 EDT 2009
You should try to create the unix domain socket with wide-open
permissions initially. Even though lighttpd may be started as root I
would guess that it works like apache and does a setuid to a different
user before going into web serving mode (try "ps axu | grep light" to
see the User ID (uid) of the light process).
I have solved this with FCGI by calling the unix "umask()" system call
before calling FCGX_OpenSocket(). I recommend a simple exception-safe
smart wrapper around the umask() system call to save and restore the
processes file creation mask value after calling FCGX_OpenSocket(). You
may need to manually remove previously created domain sockets until you
get the permissions correct.
Try something like this:
...
#include <sys/types.h>
#include <sys/stat.h>
#include <stdio.h> //perror()
...
class scoped_umask {
public:
~scoped_umask() { ::umask(m_saved_mask); }
scoped_umask(::mode_t temporary_mask) :
m_saved_mask(::umask(temporary_mask)) {}
private:
::mode_t m_saved_mask;
};
...
{
scoped_umask saved_umask(0);
int listen_socket = FCGX_OpenSocket(port.c_str(),
listenQueueBacklog);
if (listen_socket < 0) {
perror("FCGX_OpenSocket failed");
exit(1);
}
}
...
Also I would recommend printing out at least the error codes, and error
strings if possible, to help diagnose problems.
Here's a simple small main program to that you can play with to see how
umask(2) works. You can play with the saved_umask temporary umask value
and the open() mode parameter:
...
#include <fctnl.h>
...
int
main()
{
scoped_umask saved_umask(0);
int fd = ::open("/tmp/UMASKTEST", O_RDWR | O_CREAT, 0666);
if (fd < 0) {
::perror("open failed");
return 1;
}
return 0;
}
fastcgi-developers-request at mailman.pins.net wrote:
> Date: Tue, 08 Sep 2009 22:46:28 +0200
> From: Maurus Frey <m.frey at avelon-cetex.com>
> Subject: [FASTCGI] A new newbie -> use a pure socket for communictaion
> To: fastcgi-developers at mailman.fastcgi.com
> Message-ID: <4AA6C2A4.1040209 at avelon-cetex.com>
> Content-Type: text/plain; charset=ISO-8859-15
>
> Hi,
>
> I try to connect a C++ application on a embedded device to the web
> through fastcgi.
>
> For the first test I reused the code by E. Bareev already published on
> this list during August. (Thanks)
>
> Instead of using a port, I want to use a unix Socket.
> ...........code............
> #include <string>
> #include "fcgi_stdio.h"
> #include <stdlib.h>
> #include <iostream>
>
> void handle(FCGX_Request request){
> FCGX_FPrintF(request.out,
> "Content-type:text/html\r\n\r\n<TITLE>fastcgi</TITLE>\n<H1>Fastcgi:
> Hello world!</H1>\n");
> }
>
> int main(int argc, char* const argv[] )
> {
> std::string port = "/var/run/fastcgitest.socket";
> int listenQueueBacklog = 400;
> FCGX_Stream *in, *out, *err;
> FCGX_ParamArray envp;
>
> if(FCGX_Init()) exit(1);
>
> int listen_socket = FCGX_OpenSocket(port.c_str(), listenQueueBacklog);
> if(listen_socket < 0) exit(1);
>
> FCGX_Request request;
> if(FCGX_InitRequest(&request, listen_socket, 0)) exit(1);
>
> int reqCounter = 0;
> while(FCGX_Accept_r(&request) == 0)
> {
> handle(request);
> reqCounter++;
> FCGX_FPrintF(request.out, "\n\r\n\r counter: %d", reqCounter);
> FCGX_Finish_r(&request);
> }
> return 0;
> }
> ...........code............
>
> I got a 500 internal Server Error. Since this is my first fastcgi
> project using a socket, I don't really know the problem.
>
> The lighttpd.error log says:
> 2009-09-08 22:34:45: (mod_fastcgi.c.1761) connect failed: Permission
> denied on unix:/var/run/lighttpd/fastcgitest.socket
> 2009-09-08 22:34:45: (mod_fastcgi.c.2930) backend died; we'll disable it
> for 5 seconds and send the request to another backend instead:
> reconnects: 0 load: 1
> 2009-09-08 22:34:51: (mod_fastcgi.c.2743) fcgi-server re-enabled:
> unix:/var/run/lighttpd/fastcgitest.socket
>
> The lighttpd.conf looks like this:
> fastcgi.debug = 1
> fastcgi.server = (
> "/test.fcgi" =>
> ((
> "socket" => "/var/run/lighttpd/fastcgitest.socket",
> "check-local" => "disable"
> ))
> )
>
> If I start the fcgi-app the socket file
> (/var/run/lighttpd/fastcgitest.socket) will be created.
> The access rights are: srwxr-xr-x 1 root root 0 2009-09-08 22:34
> fastcgitest.socket
>
> Lighttpd runs as root, it should be able to access the socket.
>
> What could be the problem?
>
> Thanks for your support.
>
> Maurus
>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 09 Sep 2009 09:13:21 +0200
> From: "M. Frey" <m.frey at avelon-cetex.com>
> Subject: Re: [FASTCGI] A new newbie -> use a pure socket for
> communictaion
> To: Jay Sprenkle <jsprenkle at gmail.com>
> Cc: fastcgi-developers at mailman.fastcgi.com
> Message-ID: <4AA75591.707 at avelon-cetex.com>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> Hi Jay
>
> Thanks for your answer. And Yes, I'm working on Linux. So any Windows
> limitations don't affect.
>
> Let me state more precisely: In the code fragment I wrote the wrong
> socket path. Of course the socket path is similar to the one specified
> in lighttpd.conf -> /var/run/lighttpd/fastcgitest.socket
>
> It still doesn't work. And lighttpd returns "connect failed: Permission
> denied"
>
> Am I completely wrong trying to realize a socket connection using
> "fcgi_stdio.h"? Or do I have to use the "fcgio.h" header to achieve this?
>
> Thanks for any suggestions.
>
> Maurus
>
>
>
> Jay Sprenkle schrieb:
>
>> A socket is the method of communications. A port is the part of that.
>> It's the 'number' assigned to a tcp connection implemented using sockets.
>>
>> The method defined in the fast cgiwhite paper to use tcp connections
>> using passed file handles as sockets for communications will not work
>> with newer versions of windows. You're not on windows are you?
>>
>>
>> On Tue, Sep 8, 2009 at 3:46 PM, Maurus Frey <m.frey at avelon-cetex.com
>> <mailto:m.frey at avelon-cetex.com>> wrote:
>>
>> Hi,
>>
>> I try to connect a C++ application on a embedded device to the web
>> through fastcgi.
>>
>> For the first test I reused the code by E. Bareev already published on
>> this list during August. (Thanks)
>>
>> Instead of using a port, I want to use a unix Socket.
>> ...........code............
>> #include <string>
>> #include "fcgi_stdio.h"
>> #include <stdlib.h>
>> #include <iostream>
>>
>> void handle(FCGX_Request request){
>> FCGX_FPrintF(request.out,
>> "Content-type:text/html\r\n\r\n<TITLE>fastcgi</TITLE>\n<H1>Fastcgi:
>> Hello world!</H1>\n");
>> }
>>
>> int main(int argc, char* const argv[] )
>> {
>> std::string port = "/var/run/fastcgitest.socket";
>> int listenQueueBacklog = 400;
>> FCGX_Stream *in, *out, *err;
>> FCGX_ParamArray envp;
>>
>> if(FCGX_Init()) exit(1);
>>
>> int listen_socket = FCGX_OpenSocket(port.c_str(),
>> listenQueueBacklog);
>> if(listen_socket < 0) exit(1);
>>
>> FCGX_Request request;
>> if(FCGX_InitRequest(&request, listen_socket, 0)) exit(1);
>>
>> int reqCounter = 0;
>> while(FCGX_Accept_r(&request) == 0)
>> {
>> handle(request);
>> reqCounter++;
>> FCGX_FPrintF(request.out, "\n\r\n\r counter: %d", reqCounter);
>> FCGX_Finish_r(&request);
>> }
>> return 0;
>> }
>> ...........code............
>>
>> I got a 500 internal Server Error. Since this is my first fastcgi
>> project using a socket, I don't really know the problem.
>>
>> The lighttpd.error log says:
>> 2009-09-08 22:34:45: (mod_fastcgi.c.1761) connect failed: Permission
>> denied on unix:/var/run/lighttpd/fastcgitest.socket
>> 2009-09-08 22:34:45: (mod_fastcgi.c.2930) backend died; we'll disable it
>> for 5 seconds and send the request to another backend instead:
>> reconnects: 0 load: 1
>> 2009-09-08 22:34:51: (mod_fastcgi.c.2743) fcgi-server re-enabled:
>> unix:/var/run/lighttpd/fastcgitest.socket
>>
>> The lighttpd.conf looks like this:
>> fastcgi.debug = 1
>> fastcgi.server = (
>> "/test.fcgi" =>
>> ((
>> "socket" => "/var/run/lighttpd/fastcgitest.socket",
>> "check-local" => "disable"
>> ))
>> )
>>
>> If I start the fcgi-app the socket file
>> (/var/run/lighttpd/fastcgitest.socket) will be created.
>> The access rights are: srwxr-xr-x 1 root root 0 2009-09-08 22:34
>> fastcgitest.socket
>>
>> Lighttpd runs as root, it should be able to access the socket.
>>
>> What could be the problem?
>>
>> Thanks for your support.
>>
>> Maurus
>> _______________________________________________
>> FastCGI-developers mailing list
>> FastCGI-developers at mailman.fastcgi.com
>> <mailto:FastCGI-developers at mailman.fastcgi.com>
>> http://mailman.pins.net/mailman/listinfo.cgi/fastcgi-developers
>>
>>
>>
>>
>> --
>> Cause united breaks guitars
>> http://www.youtube.com/watch?v=5YGc4zOqozo
>>
>>
>
>
> ------------------------------
>
> _______________________________________________
> FastCGI-developers mailing list
> FastCGI-developers at mailman.fastcgi.com
> http://mailman.pins.net/mailman/listinfo.cgi/fastcgi-developers
>
>
> End of FastCGI-developers Digest, Vol 14, Issue 7
> *************************************************
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.pins.net/mailman/private.cgi/fastcgi-developers/attachments/20090909/80a2de08/attachment.html>
More information about the FastCGI-developers
mailing list