Apache shell scripts for linux: startup tutorial
If Apache is not installed yet, try:
sudo apt-get install apache2
First of all, let's make sure cgid is enabled. The module may be enabled with the following command:
Next, we'll change the cgi-bin dir to something nicer, such as 's':
root@server261583:/etc/apache2# cd /etc/apache2 root@server261583:/etc/apache2# grep ScriptAlias */* conf-available/serve-cgi-bin.conf: ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ conf-enabled/serve-cgi-bin.conf: ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
After the grep results you should be able to find the proper file. Note that the files under conf-enabled/ are just symbolic links to the real files. We use pico (or nano) as a sample text editor, but you can use any you wish. Edit this file:
root@server261583:/etc/apache2# pico conf-available/serve-cgi-bin.conf
Change the 'cgi-bin' references to 's'. Barely anyone uses the cgi-bin anymore. It may also be a target of automated bot attacks. After the change, the file in this location should look like this:
<IfDefine ENABLE_USR_LIB_CGI_BIN> ScriptAlias /s/ /usr/lib/s/ <Directory "/usr/lib/s"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Require all granted </Directory> </IfDefine>
Creating the script directory
We need to create this directory as well:
root@server261583:/etc/apache2# cd /usr/lib/ root@server261583:/usr/lib# mkdir s
Never disclose the added user into public! I'd expect you have disabled ssh root access so that the endless number of bots will not try to guess your passwords - and eventually get it right! Disclosing the user to the public means the bots will pick it and start guessing its passwords! Let's create a user whose access rights will be handling the requests, but don't pick this one below!
Add the script user
root@server261583:/usr/lib/s# adduser imageserviceagent Adding user `imageserviceagent' ... Adding new group `imageserviceagent' (1001) ... Adding new user `imageserviceagent' (1001) with group `imageserviceagent' ... Creating home directory `/home/imageserviceagent' ... Copying files from `/etc/skel' ... Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully Changing the user information for imageserviceagent Enter the new value, or press ENTER for the default Full Name : Room Number : Work Phone : Home Phone : Other :
The scripts should now be created within the /usr/lib/s -directory:
root@server261583:/usr/lib# cd s/ root@server261583:/usr/lib/s# pico test
Changing the default Apache user
The default www-user has virtually no access rights. This may be changed by altering various usage rights but it maybe more coordinated to change the user altogether. Change www-user to imageaservicegent which we just added with the adduser command:
root@server261583:/usr/lib/s# pico /etc/apache2/envvars
Please don't use the imageserviceagent as your user! Pick your own instead.
# Since there is no sane way to get the parsed apache2 config in scripts, some # settings are defined via environment variables and then used in apache2ctl, # /etc/init.d/apache2, /etc/logrotate.d/apache2, etc. export APACHE_RUN_USER=imageserviceagent export APACHE_RUN_GROUP=imageserviceagent
Applying the Apache changes
Eventually we need to restart apache2 to take the modifications in use:
service apache2 restart
You can start developing scripts under the /usr/lib/s directory. If you create a script called "test", you can access it the following way:
Testing with a simple script
Let's create a test script to verify all is okay:
root@euve261583:/usr/lib/s# pico test
Enter this below into the file. Please notice that the lines with echo "" are necessary.
#!/bin/sh /bin/echo "Content-type: text/html" /bin/echo "" /bin/echo "<html><h2>Thanks for testing!</h2></html>" /bin/echo ""
Remember to give the permissions:
root@euve261583:/usr/lib/s# chmod a+x test
If you go to that address with your web browser, it should print out "Thanks for testing!".