[FASTCGI] FastCGIExternalServer, path used actually has to exist

Alex Cartwright alexc223 at googlemail.com
Sat Sep 4 13:15:47 EDT 2010


Hum, the FAQ states taht you can do this though as seen on: 
http://www.fastcgi.com/docs/faq.html#FastCGIExternalServer

Or am I reading this wrongly?

On Saturday 04 September 2010 17:09:12 Rob wrote:
> I didn't say this is a bug.  I said I confirmed the behavior.
> 
> It's not clear to me that this is a bug because this behavior
> depends on how apache resolves the URL to an internal
> filename.  I suspect that possibly a "Directory" directive
> in apache on the Alias directory might allow subdirectories
> in the Alias to be accessed as a FastCGIExternalServer path,
> but I can't verify that right now.  Maybe on Tuesday.
> 
> In other words, this may be a normal feature of apache
> to disallow access to files outside the approved namespaces.
> 
> On 09/03/2010 12:50 PM, Alex Cartwright wrote:
> > So is this a bug in fastcgi, or with Apache?
> > 
> > On Friday 03 September 2010 18:03:43 Rob wrote:
> >>   I can confirm that a slash in the FastCgiExternalServer path and
> >> 
> >> corresponding Alias directives does cause the file not found error.
> >> 
> >> It's not clear to me, but it seems the interpretation takes place in
> >> the apache2 aliasing modules.
> >> 
> >> In the working example config below, If I change the
> >> "/myapp.rob.example.com"
> >> 
> >> to "/myapp.rob.example.com/XXX, then  I see the apache2 error.log 
message:
> >>     [error] [client 127.0.1.1] File does not exist:
> >>     /myapp.rob.example.com
> >> 
> >> <VirtualHost *:80>
> >> 
> >>    ServerName rob.example.com
> >>    AliasMatch ^/(.*) /myapp.rob.example.com
> >> 
> >> </VirtualHost>
> >> 
> >> FastCgiExternalServer /myapp.rob.example.com  -socket
> >> /var/run/myapp/sockets/rob.example.com
> >> 
> >> The FastCGI app is written in C++ linking only with libfcgi (no
> >> libcgi++, we wrote our own C++ class wrappers).
> >> 
> >> Ubuntu Lucid
> >> Linux 2.6.32-24-generic-pae #42-Ubuntu SMP i686 GNU/Linux
> >> apache2    2.2.14-5ubuntu8.2
> >> apache2-mpm-worker    2.2.14-5ubuntu8.2
> >> apache2-utils    2.2.14-5ubuntu8.2
> >> apache2.2-bin    2.2.14-5ubuntu8.2
> >> apache2.2-common    2.2.14-5ubuntu8.2
> >> libapache2-mod-fastcgi    2.4.6-1
> >> libfcgi-dev    2.4.0-7.1ubuntu1
> >> libfcgi0ldbl    2.4.0-7.1ubuntu1
> >> 
> >> On 09/03/2010 08:40 AM, Alex Cartwright wrote:
> >>> Sorry, forgot to reply to all instead, here is the message again!
> >>> 
> >>> Ah ok, I've removed the Options line now, thanks for that.
> >>> 
> >>> Apache error log was showing me the following if the directory did not
> > 
> > exist:
> >>>         File does not exist: /home/foobar/fcgi
> >>> 
> >>> and when the file did not exist:
> >>>         File does not exist: /home/foobar/fcgi/php53-fpm
> >>> 
> >>> However, I have got it working now with a different configuration, but
> >>> I still have some issues I'd like to discuss - here is my new config:
> >>> 
> >>> <VirtualHost *:80>
> >>> 
> >>>         ServerName foo.example.com
> >>>         
> >>>         SuexecUserGroup foobar foobar
> >>>         
> >>>         ErrorLog /var/log/apache2/vhosts/foo.example.com_error.log
> >>>         CustomLog /var/log/apache2/vhosts/foo.example.com_access.log
> >>>         combined DocumentRoot
> >>>         /home/foobar/domains/foo.example.com/public
> >>>         
> >>>         ## FastCGI + PHP-FPM
> >>>         AddHandler application/x-httpd-php .php
> >>>         Action application/x-httpd-php /fcgi-bin/php-fpm
> >>>         Alias /fcgi-bin/php-fpm /fcgi-extsrvs-phpfpm
> >>>         
> >>>         <Location /fcgi-bin/php-fpm>
> >>>         
> >>>                 Order Deny,Allow
> >>>                 Deny from all
> >>>                 Allow from env=REDIRECT_STATUS
> >>>         
> >>>         </Location>
> >>>         
> >>>         FastCGIExternalServer /fcgi-extsrvs-phpfpm -socket
> >>> 
> >>> /var/opt/php53/run/www.sock -user foobar -group foobar
> >>> 
> >>>         <Directory /home/foobar/domains/foo.example.com/public>
> >>>         
> >>>                 Options FollowSymLinks
> >>>                 AllowOverride AuthConfig FileInfo Limit Options=Indexes
> >>>                 
> >>>                 Order Deny,Allow
> >>>                 Allow from all
> >>>         
> >>>         </Directory>
> >>> 
> >>> </VirtualHost>
> >>> 
> >>> This works just fine, but if I change 'Alias /fcgi-bin/php-fpm
> >>> /fcgi-extsrvs-phpfpm' to 'Alias /fcgi-bin/php-fpm
> >>> /fcgi-extsrvs/phpfpm' and 'FastCGIExternalServer /fcgi-extsrvs-phpfpm
> >>> ...' to 'FastCGIExternalServer /fcgi-extsrvs/phpfpm ....' (note the -
> >>> replace with a / in fcgi-extsrvs-phpfpm) then I get the following
> >>> 
> >>> Apache errors:
> >>>         File does not exist: /fcgi-extsrvs
> >>> 
> >>> Doing that simple change (replacing a - with /) results in a 404
> >>> error. Is a slash not allowed? That is something which has confused
> >>> me.
> >>> 
> >>> Regards
> >>> 
> >>> On 3 September 2010 13:37, Rénald Casagraude<rcasagraude at interfaces.fr>
> > 
> > wrote:
> >>>> Hi,
> >>>> On 3 sept. 2010, at 13:56, Alex Cartwright wrote:
> >>>> 
> >>>> This is the configuration that I am currently using, which is to use
> >>>> Apache2 with mod_fastcgi and PHP 5.3.3 with FPM
> >>>> 
> >>>> $ cat /etc/apache2/mods-available/fastcgi.conf
> >>>> /etc/apache2/sites-available/foo.example.com
> >>>> <IfModule mod_fastcgi.c>
> >>>> 
> >>>>         FastCgiWrapper /usr/lib/apache2/suexec
> >>>>         
> >>>>         ## PHP-FPM
> >>>>         AddHandler php53-fpm .php
> >>>>         Action php53-fpm /fcgi-bin/php53-fpm
> >>>>         <Location /fcgi-bin/php53-fpm>
> >>>>         
> >>>>                 Order Deny,Allow
> >>>>                 Deny from all
> >>>>                 Allow from env=REDIRECT_STATUS
> >>>>                 Options ExecCGI
> >>>>         
> >>>>         </Location>
> >>>> 
> >>>> </IfModule>
> >>>> 
> >>>> 
> >>>> Remove the Options ExecCGI that does not make sense in external calls
> >>>> 
> >>>> This works just fine, and I can run PHP scripts through php-fpm.
> >>>> However I have had to create the file "/home/foobar/fcgi/php53-fpm"
> >>>> which contains nothing.
> >>>> 
> >>>> What happens if the file does not extsts ?
> >>>> Regards,
> >>>> Rénald
> >>> 
> >>> _______________________________________________
> >>> FastCGI-developers mailing list
> >>> FastCGI-developers at mailman.fastcgi.com
> >>> http://mailman.pins.net/mailman/listinfo.cgi/fastcgi-developers
> >> 
> >> _______________________________________________
> >> FastCGI-developers mailing list
> >> FastCGI-developers at mailman.fastcgi.com
> >> http://mailman.pins.net/mailman/listinfo.cgi/fastcgi-developers
> > 
> > _______________________________________________
> > FastCGI-developers mailing list
> > FastCGI-developers at mailman.fastcgi.com
> > http://mailman.pins.net/mailman/listinfo.cgi/fastcgi-developers


More information about the FastCGI-developers mailing list