Been digging & digging, no dice - anybody have a pointer or two? Code follows:
[perl]
foreach my $sub (@catlist) {
chomp($sub);
if ($sub!~ m/:/g) {
$sub =~ s/ /_/ig;
$sub =~ s/^ //;
mkdir("../$sub");
chmod("0777, $sub");
print "made top level dir $sub\n";
$sub++;
} # top level category
else {
my($left,$right) = split(/:/, $sub);
$left =~ s/ /_/ig;
$right =~ s/ /_/ig;
my $dirtomake = $left . "/" . $right;
$dirtomake =~ s/^ //;
mkdir("../$dirtomake");
chmod("0777, $dirtomake");
print "made lower level $dirtomake\n";
}
}
[/perl]
[cotse.com...]
/claus
You can configure Apache to run as a different user with the "User" directive (see [httpd.apache.org...] )
but before you do, think through any security issues. Personally I think it would be better to have any files created through cgi not owned by any real user, unless it is the user who is browsing the site, and has been authenticated through some sort of login.
You just use the chown command after the mkdir (before/after chmod, i'm not sure about that)
You'd have the script chown the directory after it does the chmod. Otherwise, the script (running as nobody) would try to set permissions on a directory it does not own and likely does not have sufficient permissions on.
When run via shell prompt, the directories created are owned by my userid, however, when run via CGI, the directories & subdirectories that the script creates are owned by "nobody"...
Jeremy,
When the script is run via shell, the directories and files have the correct ownership because you were authenticated when you logged in. If the script is run through a web browser the authenticated user is the user that Apache runs under, usually nobody.
The only real solution is to run Apache with suexec and the correct User and Group for each VirtualHost. Apache will then be running under your UID and GID for your domain.
For security reasons chown should only work for the superuser.
