I need install some perl modules using cpan on my droplet i get this output on the terminal
install Image::Magick
Reading '/root/.cpan/Metadata'
Database was generated on Tue, 04 Feb 2020 21:41:03 GMT
Running install for module 'Image::Magick'
Checksum for /root/.cpan/sources/authors/id/J/JC/JCRISTY/PerlMagick-6.89-1.tar.gz ok
Scanning cache /root/.cpan/build for sizes
Use of uninitialized value $newdir in substitution (s///) at /usr/lib/x86_64-linux-gnu/perl/5.26/Cwd.pm line 368.
Use of uninitialized value $newdir in chdir at /usr/lib/x86_64-linux-gnu/perl/5.26/Cwd.pm line 377.
Use of uninitialized value $cwd in concatenation (.) or string at /usr/share/perl/5.26/CPAN/CacheMgr.pm line 81.
Catching error: "Can't chdir to : No such file or directory at /usr/share/perl/5.26/CPAN/Distribution.pm line 470.\cJ" at /usr/share/perl/5.26/CPAN.pm line 392.
CPAN::shell() called at /usr/share/perl/5.26/App/Cpan.pm line 414
App::Cpan::_process_options("App::Cpan") called at /usr/share/perl/5.26/App/Cpan.pm line 511
App::Cpan::run("App::Cpan") called at /usr/bin/cpan line 13
When i try to find what perl modules are installed on my droplet using this command “instmodsh” i get this output:
cmd? l
Installed modules are:
Perl
cmd?
Maybe you guys can help me to solve this issue. Thanks everyone!
]]>OTRS, also known as Open source Ticket Request System, is a help desk and IT service management system. It provides a single point of contact for users, customers, IT personnel, IT services, and any external organizations. The program is written in Perl, supports a variety of databases (MySQL, PostgreSQL, etc.), and can integrate with LDAP directories.
In this tutorial, you will install OTRS Community Edition on an Ubuntu 18.04 server and set up a simple help desk system, which will allow you to receive and process requests from your customers using both the web interface and email.
To complete this tutorial, you will need the following:
An Ubuntu 18.04 server set up by following our Initial Server Setup Guide for Ubuntu 18.04, including a non-root user with sudo privileges and a firewall configured with ufw
.
Apache and MySQL installed on your Ubuntu server. Follow step 1 and 2 of this guide to configure these.
A fully registered domain name. This tutorial will use example.com
throughout. You can purchase a domain name on Namecheap, get one for free on Freenom, or use the domain registrar of your choice.
Both of the following DNS records set up for your server. You can follow this introduction to DigitalOcean DNS for details on how to add them.
example.com
pointing to your server’s public IP address.www.example.com
pointing to your server’s public IP address.A TLS/SSL certificate installed on your Ubuntu 18.04 server for your domain. You can follow the Let’s Encrypt on Ubuntu 18.04 guide to obtain a free TLS/SSL certificate.
Postfix mail transfer agent set up by following our tutorial How To Install and Configure Postfix on Ubuntu 18.04.
(Optional) A dedicated Gmail account with IMAP access enabled, 2-step verification, and an App password generated with the Other (Custom name) option. When you generate the App password, write it down so that you can use it in Step 5. You will use Gmail to configure inbound mail ticket creation in OTRS, with Gmail as your IMAPS mailbox. This is just one method of configuring inbound mail for OTRS; if you would like to explore other options, check out the OTRS documentation.
Warning: Do not use any of your own active Gmail accounts to configure inbound mail for OTRS. When imap.gmail.com
forwards emails to OTRS, all emails in the Gmail account are deleted. Because of this, it is a better option to create a new Gmail account to use specifically for OTRS.
In this step, you will install OTRS and a set of Perl modules that will increase the system’s functionality.
OTRS is available in Ubuntu’s package manager, but the official documentation suggests installing OTRS from source.
To do this, first log into your Ubuntu server as your non-root user:
- ssh sammy@Ubuntu_Server_IP
Then download the source archive with the wget
command. For this tutorial, you will download version 6.0.19; you can find the latest available version on the OTRS download page.
- wget http://ftp.otrs.org/pub/otrs/otrs-6.0.19.tar.gz
Next, unpack the compressed file with tar
:
- tar xzf otrs-6.0.19.tar.gz
Move the contents of the archive into the /opt/otrs
directory:
- sudo mv otrs-6.0.19 /opt/otrs
Because OTRS is written in Perl, it uses a number of Perl modules. Check for missing modules by using the CheckModules.pl
script included with OTRS:
- sudo /opt/otrs/bin/otrs.CheckModules.pl
You’ll see output like this, listing which modules you already have downloaded and which you are missing:
Output o Apache::DBI......................FAILED! Not all prerequisites for this module correctly installed.
o Apache2::Reload..................ok (v0.13)
. . .
o XML::LibXML......................Not installed! Use: 'apt-get install -y libxml-libxml-perl' (required - Required for XML processing.)
o XML::LibXSLT.....................Not installed! Use: 'apt-get install -y libxml-libxslt-perl' (optional - Required for Generic Interface XSLT mapping module.)
o XML::Parser......................Not installed! Use: 'apt-get install -y libxml-parser-perl' (optional - Recommended for XML processing.)
o YAML::XS.........................Not installed! Use: 'apt-get install -y libyaml-libyaml-perl' (required - Required for fast YAML processing.)
Some modules are only needed for optional functionality, such as communication with other databases or handling mail with specific character sets; others are necessary for the program to work.
Although the suggested commands to download these modules use apt-get
, this tutorial will install the missing modules with the apt
command, which is the suggested best practice for Ubuntu 18.04. Feel free to go through these modules manually, or use the following command:
$ sudo apt install libapache2-mod-perl2 libdbd-mysql-perl libtimedate-perl libnet-dns-perl libnet-ldap-perl \
libio-socket-ssl-perl libpdf-api2-perl libsoap-lite-perl libtext-csv-xs-perl \
libjson-xs-perl libapache-dbi-perl libxml-libxml-perl libxml-libxslt-perl libyaml-perl \
libarchive-zip-perl libcrypt-eksblowfish-perl libencode-hanextra-perl libmail-imapclient-perl \
libtemplate-perl libdatetime-perl
Whenever you’re done installing these modules, rerun the script to make sure that all the required modules have been installed:
- sudo /opt/otrs/bin/otrs.CheckModules.pl
Your output will now show all the installed modules:
Output...
o Text::CSV_XS.....................ok (v1.34)
o Time::HiRes......................ok (v1.9741)
o XML::LibXML......................ok (v2.0128)
o XML::LibXSLT.....................ok (v1.95)
o XML::Parser......................ok (v2.44)
o YAML::XS.........................ok (v0.69)
Now that you have OTRS and its dependencies installed on your server, you can configure OTRS to use Apache and MySQL.
In this step, you will create a system user for OTRS, and then configure Apache and MySQL server to work with OTRS.
Create a user named otrs
to run OTRS functions with the useradd
command:
- sudo useradd -d /opt/otrs -c 'OTRS user' otrs
-d
sets the user’s home directory as /opt/otrs
, and -c
sets the 'OTRS user'
comment to describe the user.
Next, add otrs
to the webserver group:
- sudo usermod -G www-data otrs
OTRS comes with a default config file /opt/otrs/Kernel/Config.pm.dist
. Activate this by copying it without the .dist
filename extension:
- sudo cp /opt/otrs/Kernel/Config.pm.dist /opt/otrs/Kernel/Config.pm
Now, navigate to the /opt/otrs
directory:
- cd /opt/otrs
From here, run the otrs.SetPermissions.pl
script. It will detect the correct user and group settings and set the file and directory permissions for OTRS.
- sudo bin/otrs.SetPermissions.pl
This will yield the following output:
OutputSetting permissions on /opt/otrs
The correct permissions are now set.
Next, activate the apache2
configuration file and make sure it is loaded after all other configurations. To do this, make a symbolic link with the zzz_
prefix:
- sudo ln -s /opt/otrs/scripts/apache2-httpd.include.conf /etc/apache2/sites-enabled/zzz_otrs.conf
OTRS requires a few Apache modules to be active for optimal operation. You can activate them via the tool a2enmod
. Although some of these have already been enabled, it is a good idea to check them all:
- sudo a2enmod perl
- sudo a2enmod headers
- sudo a2enmod deflate
- sudo a2enmod filter
These modules enable Apache to work with Perl, control HTTP headers, compress server output, and configure output content filters.
Restart your web server to apply new configurations:
- sudo systemctl restart apache2
Before you go to the next step and run the web installer, change some of the MySQL configuration settings. Open the MySQL configuration file in your preferred text editor. This tutorial uses nano
:
- sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
Look for the following options under the [mysqld]
section. For max_allowed_packet
and query_cache_size
, change the values to 64M
and 32M
respectively, as highlighted in the following code block:
...
max_allowed_packet = 64M
thread_stack = 192K
thread_cache_size = 8
# This replaces the startup script and checks MyISAM tables if needed
# the first time they are touched
myisam-recover-options = BACKUP
#max_connections = 100
#table_open_cache = 64
#thread_concurrency = 10
#
# * Query Cache Configuration
#
query_cache_limit = 1M
query_cache_size = 32M
...
This adjusts the maximum allowed packet size and the query cache size so that MySQL can interface with OTRS.
Then add the following highlighted additional options under the [mysqld]
section, at the end of the file:
...
# ssl-cert=/etc/mysql/server-cert.pem
# ssl-key=/etc/mysql/server-ikey.pem
innodb_log_file_size = 256M
collation-server = utf8_unicode_ci
init-connect='SET NAMES utf8'
character-set-server = utf8
This sets the database logfile size, determines the character set and collation, and creates an init_connect
string to set the character set upon starting the MySQL server.
Save and close mysqld.cnf
by pressing CTRL
+ X
, followed by Y
and then ENTER
. Then, restart your MySQL server to apply the new parameters:
- sudo systemctl restart mysql.service
Now that you have created the otrs
user and configured Apache and MySQL to work with OTRS, you are ready to use the web installer.
In this step, you will configure OTRS’s database settings in a web browser and start the OTRS daemon process on the command line.
Open https://example.com/otrs/installer.pl
in your favorite web browser, replacing example.com
with your domain name. You will find a welcome screen with the message Welcome to OTRS 6 and information about the OTRS offices.
Click Next. The next screen will have the license for OTRS, which is the GNU General Public License common to open source programs. Accept by clicking Accept license and continue after reading.
On the next screen, you will be prompted to select a database type. The defaults (MySQL and Create a new database for OTRS) are fine for your setup, so click Next to proceed.
On the next screen, enter the MySQL credentials that you set up during the MySQL server installation. Use root for the User field, then enter the password you created. Leave the default host value.
Click Check database settings to make sure it works. The installer will generate credentials for the new database. There is no need to remember this generated password.
Click Next to proceed.
The database will be created and you will see the successful result:
Click Next.
Next, provide the following required system settings:
example.com
with your own domain name.Leave all other options at their default values:
Click Next.
Now you will land on the Mail Configuration page. In order to be able to send and receive emails, you have to configure a mail account. This tutorial will take care of this later in Step 5, so click Skip this step.
The OTRS installation is now complete; you will see a Finished page with a link to the admin panel after Start page, and the credentials of the OTRS super user after that. Make sure you write down the generated password for the root@localhost user and the URL for the Start page.
The only thing left after a successful installation is to start the OTRS daemon and activate its cronjob
.
Bring up the terminal you are using to access your Ubuntu 18.04 server. The OTRS daemon is responsible for handling any asynchronous and recurring tasks in OTRS. Start it with the otrs
user:
- sudo su - otrs -c "/opt/otrs/bin/otrs.Daemon.pl start"
You will see the following output:
OutputManage the OTRS daemon process.
Daemon started
There are two default cron files in the /opt/otrs/var/cron/
directory. Move into this directory.
- cd /opt/otrs/var/cron
These cron files are used to make sure that the OTRS daemon is running. Activate them by copying them without the .dist
filename extension.
- sudo cp aaa_base.dist aaa_base
- sudo cp otrs_daemon.dist otrs_daemon
To schedule these cron jobs, use the script Cron.sh
with the otrs
user:
- sudo su - otrs -c "/opt/otrs/bin/Cron.sh start"
You have now installed OTRS with the web installer and set up its connection to the MySQL database. You also started the OTRS daemon on your server. Next, you will log in to the administrator web interface and secure OTRS.
At the moment, you have a fully functional application, but it’s not secure to use the super user account with OTRS. Instead, you’ll create a new agent. In OTRS, agents are users who have rights to the various functions of the system. In this example, you will use a single agent who has access to all functions of the system.
To get started, log in as root@localhost. Open the Start page link which you received in the previous step. Enter root@localhost for the username and the password you copied from Step 3, then click Login.
You will see the main dashboard. It contains several widgets which show different information about tickets, statistics, news, etc. You can freely rearrange them by dragging or switch their visibility in settings.
First, create a new agent. To do this, follow the link by clicking on the red message in the top of the screen that reads Don’t use the Superuser account to work with OTRS 6! Create new Agents and work with these accounts instead. This will bring you to the Agent Management screen.
Click the Add agent button. This will bring you to the Add Agent screen. Most of the default options are fine. Fill in the first name, last name, username, password, and email fields. Record the username and password for future login. Submit the form by clicking the Save button.
Next, change the group relations for the new agent. Because your agent will also be the administrator, you can give it full read and write access to all groups. To do this, click the checkbox next to RW all the way on the right, under Change Group Relations for Agent.
Finally, click Save and finish.
Now, log out and log back in again using the newly created account. You can find the Logout link by clicking on the avatar picture in the top left corner.
Once you have logged back in, you can customize your agent’s preferences by clicking on Personal preferences in the avatar menu. There you can change your password, choose the interface language, configure setup notifications and favorite queues, change interface skins, etc.
Once you have logged in as your new agent and configured the account to your liking, the next step is to configure the inbound mail options to generate tickets from incoming emails.
Customers have two ways to forward new tickets to OTRS: via the customer front-end or by sending an email. In order to receive customer’s messages you need to set up a POP or IMAP account. In this tutorial, you will use your dedicated OTRS Gmail account that you created as a prerequisite.
Navigate to the Admin tab by clicking on Admin in the top menu. Then find the PostMaster Mail Accounts option and click on it. Press the Add Mail Account button to set up a new mailbox.
On the Add Mail Account screen, select IMAPS for Type. For Username, type in your Gmail address, and for Password, enter the App password that you generated for your Gmail account in the prerequisites. Leave all other options as default. Click Save.
Note: You can use Gmail for IMAPS without 2-step verification by enabling Less secure app access for your Gmail account. You will find instructions on how to do this in the Google Help Center. However, this method is less secure, and it can take up to 24 hours for Less secure app access to take effect. It is recommended that you use the App password method.
Next, send a test email from an external email account to your dedicated OTRS Gmail account. The mail will be fetched every 10 minutes by the OTRS daemon, but you can force receipt by clicking the Fetch mail link.
As a result, you will see the new ticket.
Now you are ready to accept tickets from customers via email. Next, you will go through the process of creating a ticket through the customer front-end.
The second way for a customer to create a ticket is through the OTRS front-end. In this step, you will walk through this process to make sure this ticket creation method is set up.
The customer front-end is located at https://example.com/otrs/customer.pl
. Navigate to it in a web browser. You can create a customer account there and submit a ticket using the GUI.
Use the Sign up now link to open the registration form.
Fill out the form and press the Create button.
You will see a message like this:
New account created. Sent login information to sammy@gmail.com. Please check your email.
Check your inbox for the message from the OTRS. You will see a message with the new account credentials:
Hi sammy,
You or someone impersonating you has created a new OTRS account for
you.
Full name: sammy
User name: sammy@email.com
Password : Sammy_Password
You can log in via the following URL. We encourage you to change your password
via the Preferences button after logging in.
http://example.com/otrs/customer.pl
Now, use the provided credentials to access the customer front-end and create another ticket. All new tickets created using the customer front-end will immediately appear on the agent’s dashboard:
On the agent dashboard, you can see the information on all current tickets: their status (new, opened, escalated, etc.), their age (the time elapsed from the moment when the ticket was received), and subject.
You can click on the ticket number (in the TICKET# column) to view its details. The agent can also take actions on the ticket here, like changing its priority or state, moving it to another queue, closing it, or adding a note.
You have now successfully set up your OTRS account.
In this tutorial, you set up OTRS and created test help desk tickets. Now you can accept and process requests from your users using both the web interface and email.
You can learn more about OTRS by reading the OTRS Admin Manual. If you want to read more about how to use MySQL, see our An Introduction to Queries in MySQL article, or explore DigitalOcean’s Managed Databases product.
]]>I can not execute my CGI files in my virtual host, this is the configuration of my file: /etc/apache2/conf-available/serve-cgi-bin.conf
<IfModule mod_alias.c>
<IfModule mod_cgi.c>
Define ENABLE_USR_LIB_CGI_BIN
</IfModule>
<IfModule mod_cgid.c>
Define ENABLE_USR_LIB_CGI_BIN
</IfModule>
<IfDefine ENABLE_USR_LIB_CGI_BIN>
ScriptAlias "/cgi-bin/" "/var/www/814.pe/public_html/cgi-bin/"
#Modified by me - start
#<Directory "/var/www/814.pe/public_html/cgi-bin/">
# AllowOverride None
# Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
# AddHandler cgi-script .cgi .pl
# Require all granted
# SetHandler cgi-script
# </Directory>
#Modified by me - end
<Directory "/var/www/814.pe/public_html/cgi-bin/mt/">
Options +ExecCGI
AddHandler cgi-script .cgi .pl
</Directory>
and this is the conf of my domain in which I try to run the scripts: /etc/apache2/sites-available/814.pe.conf
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin daniel@814.pe
ServerName 814.pe
ServerAlias www.814.pe
DocumentRoot /var/www/814.pe/public_html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
# Include conf-available/serve-cgi-bin.conf
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.814.pe [OR]
RewriteCond %{SERVER_NAME} =814.pe
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
#Modified by me - start
#ScriptAlias /cgi-bin/ /var/www/814.pe/public_html/cgi-bin/
#<Directory "/var/www/814.pe/public_html/cgi-bin/">
# Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
# AddHandler cgi-script .cgi .pl
# AllowOverride None
# Require all granted
# </Directory>
#Modified by me - end
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
This is what i get in console apache error log: Browser say: “Internal Server Error” Console say: “[cgi:error] [pid 20550] [client 190.216.190.76:34913] End of script output before headers: test.cgi”
The problem gets worse if I decide to run the files in a folder inside my CGI-BIN folder: Browser say: Not Found" Console say: “script not found or unable to stat: /var/www/814.pe/public_html/cgi-bin/mt/test.cgi”
Whai i really need is make run this CGI files inside of a directory calls mt
Im using APACHE on Ubuntu 14.04.5 x64
Thnak you so much for oyur help guys.
]]>I upgrade muy PERL version, but still doesn’t work,
Thank for your time guys…
]]>Perl 5 is a mature, full-featured programming language. It’s used in production projects of all types, including mission critical business systems all over the world. The Perlbrew software package lets you install, remove, and switch between versions of the Perl 5 programming language.
Perlbrew installs Perl in your home directory, and each version of Perl you install is independent from the others. This lets you test your code against multiple Perl versions without interfering with, or being influenced by, any other version. This includes your operating system’s default Perl package, which is typically much older than the latest stable version.
In this tutorial, you’ll install Perlbrew and use it to install and test a version of Perl 5.
To follow along with this guide you’ll need:
Before you install Perlbrew, you’ll need a few prerequisite packages. Perlbrew needs gcc
, a compiler, and bzip2
, a compression utility, in order to compile and install Perl. These packages are not installed by default on CentOS 7, but if you have added some packages to your server, you may already have these two packages. You can find out what you’re missing easily enough.
Note: The package version numbers you see in the following examples may be higher than shown in this guide because revisions are periodically being made to these packages.
Building Perl requires two gcc-related packages, libgcc
and gcc
. To see if you already have these packages, execute the following command:
- rpm -qa | grep gcc
If they’re installed, you’ll see the following output:
Is the gcc package installed?libgcc-4.8.5-11.el7.x86_64
gcc-4.8.5-11.el7.x86_64
CentOS 7 only includes the libgcc
package by default, so you can install gcc
with the following command:
sudo yum install gcc
You also need the bzip2-libs
and bzip2
packages. Check to see that they’re installed as well:
- rpm -qa | grep bzip2
If they’re both installed, you’ll see the following:
Is the bzip2 package installed?bzip2-libs-1.0.6-13.el7.x86_64
bzip2-1.0.6-13.el7.x86_64
By default, CentOS 7 only includes the bzip2-libs
package. Add the bzip2
package:
- sudo yum install bzip2
Finally, install the patch
utility.
- sudo yum install patch
With the prerequisites out of the way, you can install Perlbrew. Download the installation script to your server:
- curl -L https://install.perlbrew.pl -o install.perlbrew.pl
To audit the contents of the script before running it, open it in a text editor to view its contents:
- vi install.perlbrew.pl
Once you’re comfortable with the script’s contents, pipe the script to bash
to run the installation script:
- cat install.perlbrew.pl | bash
This will create a new directory structure in /home/sammy/perl5
, where Perlbrew will store its support files and versions of Perl. You’ll see the following output from the installation script:
Output## Download the latest perlbrew
## Installing perlbrew
perlbrew is installed: ~/perl5/perlbrew/bin/perlbrew
perlbrew root (~/perl5/perlbrew) is initialized.
Append the following piece of code to the end of your ~/.bash_profile and start a
new shell, perlbrew should be up and fully functional from there:
source ~/perl5/perlbrew/etc/bashrc
Simply run `perlbrew` for usage details.
Happy brewing!
## Installing patchperl
## Done.
Next, use the perlbrew
utility to create some initial configuration files and directories in /home/sammy/perl5/perlbrew
:
~/perl5/perlbrew/bin/perlbrew self-install
You’ll see the following output:
OutputYou are already running the installed perlbrew:
/home/sammy/perl5/perlbrew/bin/perlbrew
Perlbrew is now installed, but you’ll want to modify your shell’s configuration files to make it easier to use.
.bash_profile
to Include PerlbrewBefore using Perlbrew to install a version of Perl, you should edit your .bash_profile
file so it automatically sets some important Perlbrew environment variables. Perlbrew makes this easy by including the needed code in another configuration file which you can include in your .bash_profile
.
Open the file ~/.bash_profile
in your editor:
- vi ~/.bash_profile
Add the following line at the bottom of the file to include the Perlbrew settings:
source ~/perl5/perlbrew/etc/bashrc
Save the file and exit the editor.
Then log out and then log back in to ensure that your .bash_profile
file loads Perlbrew’s settings. It will now add /home/sammy/perl5/perlbrew/bin
to the front of your PATH
environment variable, and set some other environment variables Perlbrew needs.
Verify that these environment variables have been set by running the env
command and filtering the results with grep
for the text PERL
:
env | grep PERL
You should see entries similar to the following:
OutputPERLBREW_BASHRC_VERSION=0.78
PERLBREW_ROOT=/home/sammy/perl5/perlbrew
PERLBREW_HOME=/home/sammy/.perlbrew
These environment variables tell Perlbrew where important directories are located. The version number may be higher if Perlbrew was revised after this tutorial was published.
Typing which perlbrew
should now identify the full path to the perlbrew
command:
which perlbrew
You should see the following in your terminal:
Expected Output~/perl5/perlbrew/bin/perlbrew
Now that Perlbrew is installed and configured, let’s start using it.
Let’s use Perlbrew to install a stable version of Perl 5. Use the perlbrew
command to see which Perl versions are available for installation:
perlbrew available
You’ll see a listing similar to the following partial listing:
Partial Listing perl-5.25.11
perl-5.24.1
perl-5.22.3
perl-5.20.3
perl-5.18.4
...
Odd-numbered major versions, such as perl-5.25
, are under active development and are not considered stable or production-ready. In general, you won’t use versions older than 5.10.1
unless you have legacy code that requires one of these older versions.
According to the output, perl-5.24.1
is the most recent stable version, as it has the largest even major number. You can pick any Perl version shown in the list, but for this tutorial, we’ll install perl-5.24.1
.
Install it with perlbrew install
:
perlbrew install perl-5.24.1
The Perl installation can take quite a while to build and install, generally about 20 minutes. Do not interrupt the build process. If you want to see the build’s progress, you can open a separate terminal session and monitor the build log with tail -f ~/perl5/perlbrew/build.perl-5.24.1.log
.
After the build completes, you will see the following output from Perlbrew:
[secondary_label Output]
perl-5.24.1 is successfully installed.
When the build completes, the last line of the build log file will be:
Output
##### Brew Finished #####
You can repeat this process for each version of Perl you want to install. This guide only demonstrates installing one version, but this step can be repeated for as many versions as you need.
Next, let’s look at how to use Perlbrew to work with multiple versions of Perl.
At this point there are two versions of Perl on your system: the vendor version provided with the operating system, and the Perl version you just installed within the ~/perl5
directory with Perlbrew.
To use your new Perl installation, run the following command:
perlbrew use perl-5.24.1
This command updates the PERLBREW_PERL
environment variable to point to the specified Perl version for your current login session.
If you want a version of Perl to be your default each time you log in, run this command:
perlbrew switch perl-5.24.1
This command sets the PERLBREW_PERL
environment variable to point to the specified Perl version every time you log in.
Verify that you’re now using Perl 5.24.1:
perl -V
You should see the following output:
Parial Output...
%ENV:
PERLBREW_BASHRC_VERSION="0.78"
PERLBREW_HOME="/home/sammy/.perlbrew"
PERLBREW_MANPATH="/home/sammy/perl5/perlbrew/perls/perl-5.24.1/man"
PERLBREW_PATH="/home/sammy/perl5/perlbrew/bin:/home/sammy/perl5/perlbrew/perls/perl-5.24.1/bin"
PERLBREW_PERL="perl-5.24.1"
PERLBREW_ROOT="/home/sammy/perl5/perlbrew"
PERLBREW_VERSION="0.78"
@INC:
/home/sammy/perl5/perlbrew/perls/perl-5.24.1/lib/site_perl/5.24.1/x86_64-linux
/home/sammy/perl5/perlbrew/perls/perl-5.24.1/lib/site_perl/5.24.1
/home/sammy/perl5/perlbrew/perls/perl-5.24.1/lib/5.24.1/x86_64-linux
/home/sammy/perl5/perlbrew/perls/perl-5.24.1/lib/5.24.1
.
Perlbrew installs just the core Perl code. To see which modules comprise the core for a particular version of Perl, execute this command:
- corelist -v 5.24.1
At any time after using the perlbrew use
or perlbrew switch
commands, you can return to using the vendor version of Perl by using the command perlbrew off
. If you used perlbrew switch
to set a new default Perl, you can remove that default setting with perlbrew switch-off
.
The perlbrew
command, issued with no flags, generates a simple listing of helpful commands. The command perlbrew help
generates more detailed help information.
Let’s install some additional Perl modules.
Perl provides a vast array of public code modules that extend the core language. These modules are stored in the Comprehensive Perl Archive Network (CPAN). The code you are thinking of writing may already be written, tested, and available in CPAN. You can use the CPAN repository to avoid re-inventing the wheel.
App::cpanminus is a Perl module that lets you explore the CPAN repository and download modules. It’s popular and easy to use. Let’s install this module and use it to test your new Perl installation.
Ensure you are using your new Perl installation:
- perlbrew use perl-5.24.1
Install the cpanminus module with:
- curl -L https://cpanmin.us | perl - App::cpanminus
You’ll see the following output:
Output--> Working on App::cpanminus
Fetching http://www.cpan.org/authors/id/M/MI/MIYAGAWA/App-cpanminus-1.7043.tar.gz ... OK
Configuring App-cpanminus-1.7043 ... OK
Building and testing App-cpanminus-1.7043 ... OK
Successfully installed App-cpanminus-1.7043
1 distribution installed
Verify that the cpanminus module is now present:
- perlbrew list-modules
You should see App::cpanimus
in the output:
OutputApp::cpanminus
Perl
You can now use the command-line utility cpanm
to install additional modules and their dependencies. Let’s use it to install the Email::Simple
module, which you’d need if you were writing some Perl code to send email messages.
cpanm Email::Simple
When the installation is complete, review the list of modules again:
perlbrew list-modules
You’ll see the following output:
Expected OutputApp::cpanminus
Email::Date::Format
Email::Simple
Perl
The Email::Simple
module requires the Email:Date::Format
module. The cpanm
program installed the dependency for you.
If you are not sure what to install to round out your core Perl installation, take a look at Task::Kensho, which describes numerous modules addressing a wide range of tasks that are considered production-ready.
In this tutorial you installed Perlbrew and used it to install a local version of Perl in your home directory. You also learned how to use Perlbrew to install and manage multiple versions of Perl, and how to install additional modules from the CPAN repository with the cpanm
utility. You can use the same process to install different versions of Perl 5, so you can install the version you need for your app.
I’m trying to set up bugzilla after ubuntu 16.04 upgrade. page wont load getting
"Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator at webmaster@localhost to inform them of the time this error occurred, and the actions you performed just before this error.
More information about this error may be available in the server error log."
think perl might be the problem
]]>My client wants FTP access to a subfolder on the site - loathe to let them have full access so created a user with access to /home/FTPUSER and symlink to this from my /srv/users/serverpilot/apps/APPNAME/public/ folder so that they cannot access the system files for their main site, etc from a script.
PHP files from this folder are working fine but the client now wants to be able to run CGI/Perl scripts from this folder. I have tried following instructions at https://serverpilot.io/community/articles/how-to-create-a-cgi-bin-directory.html (updating the document root) but can’t get CGI or Perl scripts to run, instead being returned as plain text.
Any thoughts?
Cole
]]>~$ cpan Terminal does not support AddHistory.
cpan shell – CPAN exploration and modules installation (v2.00) Enter ‘h’ for help.
cpan[1]> install File::Copy::Recursive Reading ‘/home/…/.cpan/Metadata’ Database was generated on Thu, 08 Sep 2016 23:17:02 GMT Running install for module ‘File::Copy::Recursive’ Running make for D/DM/DMUEY/File-Copy-Recursive-0.38.tar.gz Fetching with HTTP::Tiny: http://cpan.mirrors.ionfish.org/authors/id/D/DM/DMUEY/File-Copy-Recursive-0.38.tar.gz Fetching with HTTP::Tiny: http://cpan.mirrors.ionfish.org/authors/id/D/DM/DMUEY/CHECKSUMS Checksum for /home/…/.cpan/sources/authors/id/D/DM/DMUEY/File-Copy-Recursive-0.38.tar.gz ok Scanning cache /home/…/.cpan/build for sizes …DONE
CPAN.pm: Building D/DM/DMUEY/File-Copy-Recursive-0.38.tar.gz
Checking if your kit is complete… Looks good Writing Makefile for File::Copy::Recursive Writing MYMETA.yml and MYMETA.json Can’t exec “make”: No such file or directory at /usr/share/perl/5.18/CPAN/Distribution.pm line 2084. DMUEY/File-Copy-Recursive-0.38.tar.gz make – NOT OK ‘YAML’ not installed, will not store persistent state Running make test Can’t test without successful make Running make install Make had returned bad status, install seems impossible Failed during this command: DMUEY/File-Copy-Recursive-0.38.tar.gz : make NO
]]>Currently on Debian 8
]]>""Forbidden
You don’t have permission to access /cgi-bin/index.cgi on this server.
Apache/2.2.15 (CentOS) Server at xxxxxx.net Port 80""
For your information, I follow below induction to install LAMP, https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-centos-6
In Apache error logs,
[Sun Aug 16 17:16:41 2015] [error] [client 175.145.50.251] Options FollowSymLinks or SymLinksIfOwnerMatch is off which implies that RewriteRule directive is forbidden: /var/www/cgi-bin/index.cgi
my is my httpd.conf
#
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs/2.2/> for detailed information.
# In particular, see
# <URL:http://httpd.apache.org/docs/2.2/mod/directives.html>
# for a discussion of each configuration directive.
#
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
#
# The configuration directives are grouped into three basic sections:
# 1. Directives that control the operation of the Apache server process as a
# whole (the 'global environment').
# 2. Directives that define the parameters of the 'main' or 'default' server,
# which responds to requests that aren't handled by a virtual host.
# These directives also provide default values for the settings
# of all virtual hosts.
# 3. Settings for virtual hosts, which allow Web requests to be sent to
# different IP addresses or hostnames and have them handled by the
# same Apache server process.
#
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "logs/foo.log"
# with ServerRoot set to "/etc/httpd" will be interpreted by the
# server as "/etc/httpd/logs/foo.log".
#
### Section 1: Global Environment
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests it can handle or where it
# can find its configuration files.
#
#
# Don't give away too much information about all the subcomponents
# we are running. Comment out this line if you don't mind remote sites
# finding out what major optional modules you are running
ServerTokens OS
#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation
# (available at <URL:http://httpd.apache.org/docs/2.2/mod/mpm_common.html#lockfile>);
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
ServerRoot "/etc/httpd"
#
# PidFile: The file in which the server should record its process
# identification number when it starts. Note the PIDFILE variable in
# /etc/sysconfig/httpd must be set appropriately if this location is
# changed.
#
PidFile run/httpd.pid
#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 60
#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive Off
#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100
#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 15
##
## Server-Pool Size Regulation (MPM specific)
##
# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# ServerLimit: maximum value for MaxClients for the lifetime of the server
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule prefork.c>
StartServers 8
MinSpareServers 5
MaxSpareServers 20
ServerLimit 256
MaxClients 256
MaxRequestsPerChild 4000
</IfModule>
# worker MPM
# StartServers: initial number of server processes to start
# MaxClients: maximum number of simultaneous client connections
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule worker.c>
StartServers 4
MaxClients 300
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
#
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, in addition to the default. See also the <VirtualHost>
# directive.
#
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#
#Listen 12.34.56.78:80
Listen 80
#
# Dynamic Shared Object (DSO) Support
#
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
#
# Example:
# LoadModule foo_module modules/mod_foo.so
#
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule expires_module modules/mod_expires.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule info_module modules/mod_info.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule substitute_module modules/mod_substitute.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule cache_module modules/mod_cache.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule version_module modules/mod_version.so
#
# The following modules are not loaded by default:
#
#LoadModule asis_module modules/mod_asis.so
#LoadModule authn_dbd_module modules/mod_authn_dbd.so
#LoadModule cern_meta_module modules/mod_cern_meta.so
#LoadModule cgid_module modules/mod_cgid.so
#LoadModule dbd_module modules/mod_dbd.so
#LoadModule dumpio_module modules/mod_dumpio.so
#LoadModule filter_module modules/mod_filter.so
#LoadModule ident_module modules/mod_ident.so
#LoadModule log_forensic_module modules/mod_log_forensic.so
#LoadModule unique_id_module modules/mod_unique_id.so
#
#
# Load config files from the config directory "/etc/httpd/conf.d".
#
Include conf.d/*.conf
#
# ExtendedStatus controls whether Apache will generate "full" status
# information (ExtendedStatus On) or just basic information (ExtendedStatus
# Off) when the "server-status" handler is called. The default is Off.
#
#ExtendedStatus On
#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# . On SCO (ODT 3) use "User nouser" and "Group nogroup".
# . On HPUX you may not be able to use shared memory as nobody, and the
# suggested workaround is to create a user www and use that user.
# NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
# when the value of (unsigned)Group is above 60000;
# don't use Group #-1 on these systems!
#
User apache
Group apache
### Section 2: 'Main' server configuration
#
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition. These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
#
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
#
#
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents. e.g. admin@your-domain.com
#
ServerAdmin laju.sangat.net@gmail.com
#
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
#
# If this is not set to valid DNS name for your host, server-generated
# redirections will not work. See also the UseCanonicalName directive.
#
# If your host doesn't have a registered DNS name, enter its IP address here.
# You will have to access it by its address anyway, and this will make
# redirections work in a sensible way.
#
ServerName xxxxx.net:80
#
# UseCanonicalName: Determines how Apache constructs self-referencing
# URLs and the SERVER_NAME and SERVER_PORT variables.
# When set "Off", Apache will use the Hostname and Port supplied
# by the client. When set "On", Apache will use the value of the
# ServerName directive.
#
UseCanonicalName Off
#
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#
DocumentRoot "/var/www/html"
#
# Each directory to which Apache has access can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
#
# First, we configure the "default" to be a very restrictive set of
# features.
#
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
#
#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "/var/www/html">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
#
Options Indexes +ExecCGI -MultiViews +SymLinksIfOwnerMatch
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride All
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
</Directory>
#
# UserDir: The name of the directory that is appended onto a user's home
# directory if a ~user request is received.
#
# The path to the end user account 'public_html' directory must be
# accessible to the webserver userid. This usually means that ~userid
# must have permissions of 711, ~userid/public_html must have permissions
# of 755, and documents contained therein must be world-readable.
# Otherwise, the client will only receive a "403 Forbidden" message.
#
# See also: http://httpd.apache.org/docs/misc/FAQ.html#forbidden
#
<IfModule mod_userdir.c>
#
# UserDir is disabled by default since it can confirm the presence
# of a username on the system (depending on home directory
# permissions).
#
UserDir disabled
#
# To enable requests to /~user/ to serve the user's public_html
# directory, remove the "UserDir disabled" line above, and uncomment
# the following line instead:
#
#UserDir public_html
</IfModule>
#
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#
#<Directory /home/*/public_html>
# AllowOverride FileInfo AuthConfig Limit
# Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
# <Limit GET POST OPTIONS>
# Order allow,deny
# Allow from all
# </Limit>
# <LimitExcept GET POST OPTIONS>
# Order deny,allow
# Deny from all
# </LimitExcept>
#</Directory>
#
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#
# The index.html.var file (a type-map) is used to deliver content-
# negotiated documents. The MultiViews Option can be used for the
# same purpose, but it is much slower.
#
DirectoryIndex at_domains_index.html index.html index.cgi index.php index.pl index.xhtml index.htm index.shtml index.cfm
#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</Files>
#
# TypesConfig describes where the mime.types file (or equivalent) is
# to be found.
#
TypesConfig /etc/mime.types
#
# DefaultType is the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value. If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
DefaultType text/plain
#
# The mod_mime_magic module allows the server to use various hints from the
# contents of the file itself to determine its type. The MIMEMagicFile
# directive tells the module where the hint definitions are located.
#
<IfModule mod_mime_magic.c>
# MIMEMagicFile /usr/share/magic.mime
MIMEMagicFile conf/magic
</IfModule>
#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off
#
# EnableMMAP: Control whether memory-mapping is used to deliver
# files (assuming that the underlying OS supports it).
# The default is on; turn this off if you serve from NFS-mounted
# filesystems. On some systems, turning it off (regardless of
# filesystem) can improve performance; for details, please see
# http://httpd.apache.org/docs/2.2/mod/core.html#enablemmap
#
#EnableMMAP off
#
# EnableSendfile: Control whether the sendfile kernel support is
# used to deliver files (assuming that the OS supports it).
# The default is on; turn this off if you serve from NFS-mounted
# filesystems. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#enablesendfile
#
#EnableSendfile off
#
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog logs/error_log
#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn
#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
#
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
# "combinedio" includes actual counts of actual bytes received (%I) and sent (%O); this
# requires the mod_logio module to be loaded.
#LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
#
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
# container, they will be logged here. Contrariwise, if you *do*
# define per-<VirtualHost> access logfiles, transactions will be
# logged therein and *not* in this file.
#
#CustomLog logs/access_log common
#
# If you would like to have separate agent and referer logfiles, uncomment
# the following directives.
#
#CustomLog logs/referer_log referer
#CustomLog logs/agent_log agent
#
# For a single logfile with access, agent, and referer information
# (Combined Logfile Format), use the following directive:
#
CustomLog logs/access_log combined
#
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
# listings, mod_status and mod_info output etc., but not CGI generated
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of: On | Off | EMail
#
ServerSignature On
#
# Aliases: Add here as many aliases as you need (with no limit). The format is
# Alias fakename realname
#
# Note that if you include a trailing / on fakename then the server will
# require it to be present in the URL. So "/icons" isn't aliased in this
# example, only "/icons/". If the fakename is slash-terminated, then the
# realname must also be slash terminated, and if the fakename omits the
# trailing slash, the realname must also omit it.
#
# We include the /icons/ alias for FancyIndexed directory listings. If you
# do not use FancyIndexing, you may comment this out.
#
Alias /icons/ "/var/www/icons/"
<Directory "/var/www/icons">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
#
# WebDAV module configuration section.
#
<IfModule mod_dav_fs.c>
# Location of the WebDAV lock database.
DAVLockDB /var/lib/dav/lockdb
</IfModule>
#
# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the realname directory are treated as applications and
# run by the server when requested rather than as documents sent to the client.
# The same rules about trailing "/" apply to ScriptAlias directives as to
# Alias.
#
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
#
# "/var/www/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
#
<Directory "/var/www/cgi-bin">
AllowOverride All
Options None
Order allow,deny
Allow from all
</Directory>
#
# Redirect allows you to tell clients about documents which used to exist in
# your server's namespace, but do not anymore. This allows you to tell the
# clients where to look for the relocated document.
# Example:
# Redirect permanent /foo http://www.example.com/bar
#
# Directives controlling the display of server-generated directory listings.
#
#
# IndexOptions: Controls the appearance of server-generated directory
# listings.
#
IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable Charset=UTF-8
#
# AddIcon* directives tell the server which icon to show for different
# files or filename extensions. These are only displayed for
# FancyIndexed directories.
#
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*
AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif /core
AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^
#
# DefaultIcon is which icon to show for files which do not have an icon
# explicitly set.
#
DefaultIcon /icons/unknown.gif
#
# AddDescription allows you to place a short description after a file in
# server-generated indexes. These are only displayed for FancyIndexed
# directories.
# Format: AddDescription "description" filename
#
#AddDescription "GZIP compressed document" .gz
#AddDescription "tar archive" .tar
#AddDescription "GZIP compressed tar archive" .tgz
#
# ReadmeName is the name of the README file the server will look for by
# default, and append to directory listings.
#
# HeaderName is the name of a file which should be prepended to
# directory indexes.
ReadmeName README.html
HeaderName HEADER.html
#
# IndexIgnore is a set of filenames which directory indexing should ignore
# and not include in the listing. Shell-style wildcarding is permitted.
#
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
#
# DefaultLanguage and AddLanguage allows you to specify the language of
# a document. You can then use content negotiation to give a browser a
# file in a language the user can understand.
#
# Specify a default language. This means that all data
# going out without a specific language tag (see below) will
# be marked with this one. You probably do NOT want to set
# this unless you are sure it is correct for all cases.
#
# * It is generally better to not mark a page as
# * being a certain language than marking it with the wrong
# * language!
#
# DefaultLanguage nl
#
# Note 1: The suffix does not have to be the same as the language
# keyword --- those with documents in Polish (whose net-standard
# language code is pl) may wish to use "AddLanguage pl .po" to
# avoid the ambiguity with the common suffix for perl scripts.
#
# Note 2: The example entries below illustrate that in some cases
# the two character 'Language' abbreviation is not identical to
# the two character 'Country' code for its country,
# E.g. 'Danmark/dk' versus 'Danish/da'.
#
# Note 3: In the case of 'ltz' we violate the RFC by using a three char
# specifier. There is 'work in progress' to fix this and get
# the reference data for rfc1766 cleaned up.
#
# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
# Norwegian (no) - Polish (pl) - Portugese (pt)
# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW)
#
AddLanguage ca .ca
AddLanguage cs .cz .cs
AddLanguage da .dk
AddLanguage de .de
AddLanguage el .el
AddLanguage en .en
AddLanguage eo .eo
AddLanguage es .es
AddLanguage et .et
AddLanguage fr .fr
AddLanguage he .he
AddLanguage hr .hr
AddLanguage it .it
AddLanguage ja .ja
AddLanguage ko .ko
AddLanguage ltz .ltz
AddLanguage nl .nl
AddLanguage nn .nn
AddLanguage no .no
AddLanguage pl .po
AddLanguage pt .pt
AddLanguage pt-BR .pt-br
AddLanguage ru .ru
AddLanguage sv .sv
AddLanguage zh-CN .zh-cn
AddLanguage zh-TW .zh-tw
#
# LanguagePriority allows you to give precedence to some languages
# in case of a tie during content negotiation.
#
# Just list the languages in decreasing order of preference. We have
# more or less alphabetized them here. You probably want to change this.
#
LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW
#
# ForceLanguagePriority allows you to serve a result page rather than
# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)
# [in case no accepted languages matched the available variants]
#
ForceLanguagePriority Prefer Fallback
#
# Specify a default charset for all content served; this enables
# interpretation of all content as UTF-8 by default. To use the
# default browser choice (ISO-8859-1), or to allow the META tags
# in HTML content to override this choice, comment out this
# directive:
#
AddDefaultCharset UTF-8
#
# AddType allows you to add to or override the MIME configuration
# file mime.types for specific file types.
#
#AddType application/x-tar .tgz
#
# AddEncoding allows you to have certain browsers uncompress
# information on the fly. Note: Not all browsers support this.
# Despite the name similarity, the following Add* directives have nothing
# to do with the FancyIndexing customization directives above.
#
#AddEncoding x-compress .Z
#AddEncoding x-gzip .gz .tgz
# If the AddEncoding directives above are commented-out, then you
# probably should define those extensions to indicate media types:
#
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
#
# MIME-types for downloading Certificates and CRLs
#
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
#
# AddHandler allows you to map certain file extensions to "handlers":
# actions unrelated to filetype. These can be either built into the server
# or added with the Action directive (see below)
#
# To use CGI scripts outside of ScriptAliased directories:
# (You will also need to add "ExecCGI" to the "Options" directive.)
#
AddHandler cgi-script .cgi .pl
#
# For files that include their own HTTP headers:
#
#AddHandler send-as-is asis
#
# For type maps (negotiated resources):
# (This is enabled by default to allow the Apache "It Worked" page
# to be distributed in multiple languages.)
#
AddHandler type-map var
#
# Filters allow you to process content before it is sent to the client.
#
# To parse .shtml files for server-side includes (SSI):
# (You will also need to add "Includes" to the "Options" directive.)
#
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
#
# Action lets you define media types that will execute a script whenever
# a matching file is called. This eliminates the need for repeated URL
# pathnames for oft-used CGI file processors.
# Format: Action media/type /cgi-script/location
# Format: Action handler-name /cgi-script/location
#
#
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
#
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
#
#
# Putting this all together, we can internationalize error responses.
#
# We use Alias to redirect any /error/HTTP_<error>.html.var response to
# our collection of by-error message multi-language collections. We use
# includes to substitute the appropriate text.
#
# You can modify the messages' appearance without changing any of the
# default HTTP_<error>.html.var files by adding the line:
#
# Alias /error/include/ "/your/include/path/"
#
# which allows you to create your own set of files by starting with the
# /var/www/error/include/ files and
# copying them to /your/include/path/, even on a per-VirtualHost basis.
#
Alias /error/ "/var/www/error/"
<IfModule mod_negotiation.c>
<IfModule mod_include.c>
<Directory "/var/www/error">
AllowOverride None
Options IncludesNoExec
AddOutputFilter Includes html
AddHandler type-map var
Order allow,deny
Allow from all
LanguagePriority en es de fr
ForceLanguagePriority Prefer Fallback
</Directory>
# ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
# ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
# ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
# ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
# ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
# ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
# ErrorDocument 410 /error/HTTP_GONE.html.var
# ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
# ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
# ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
# ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
# ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
# ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
# ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
# ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
# ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
# ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
</IfModule>
</IfModule>
#
# The following directives modify normal HTTP response behavior to
# handle known problems with browser implementations.
#
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0
#
# The following directive disables redirects on non-GET requests for
# a directory that does not include the trailing slash. This fixes a
# problem with Microsoft WebFolders which does not appropriately handle
# redirects for folders with DAV methods.
# Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.
#
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "MS FrontPage" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
BrowserMatch "^gnome-vfs/1.0" redirect-carefully
BrowserMatch "^XML Spy" redirect-carefully
BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
#
# Allow server status reports generated by mod_status,
# with the URL of http://servername/server-status
# Change the ".example.com" to match your domain to enable.
#
#<Location /server-status>
# SetHandler server-status
# Order deny,allow
# Deny from all
# Allow from .example.com
#</Location>
#
# Allow remote server configuration reports, with the URL of
# http://servername/server-info (requires that mod_info.c be loaded).
# Change the ".example.com" to match your domain to enable.
#
#<Location /server-info>
# SetHandler server-info
# Order deny,allow
# Deny from all
# Allow from .example.com
#</Location>
#
# Proxy Server directives. Uncomment the following lines to
# enable the proxy server:
#
#<IfModule mod_proxy.c>
#ProxyRequests On
#
#<Proxy *>
# Order deny,allow
# Deny from all
# Allow from .example.com
#</Proxy>
#
# Enable/disable the handling of HTTP/1.1 "Via:" headers.
# ("Full" adds the server version; "Block" removes all outgoing Via: headers)
# Set to one of: Off | On | Full | Block
#
#ProxyVia On
#
# To enable a cache of proxied content, uncomment the following lines.
# See http://httpd.apache.org/docs/2.2/mod/mod_cache.html for more details.
#
#<IfModule mod_disk_cache.c>
# CacheEnable disk /
# CacheRoot "/var/cache/mod_proxy"
#</IfModule>
#
#</IfModule>
# End of proxy directives.
### Section 3: Virtual Hosts
#
# VirtualHost: If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at
# <URL:http://httpd.apache.org/docs/2.2/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.
#
# Use name-based virtual hosting.
#
#NameVirtualHost *:80
#
# NOTE: NameVirtualHost cannot be used without a port specifier
# (e.g. :80) if mod_ssl is being used, due to the nature of the
# SSL protocol.
#
#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
#
#<VirtualHost *:80>
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
Thanks
]]>Also I want to install these : DBI, DBD::mysql perl modules GD lib, GD perl module
]]>2015-07-27 22:53:40 781 (ERROR): Your operating system’s RPM update method (yum) could not locate the glibc package. This is an indication of an improper setup. You must correct this error before you proceed. 2015-07-27 22:53:40 782 (ERROR): 2015-07-27 22:53:40 783 (FATAL):
]]>This article covers a version of Ubuntu that is no longer supported. If you are currently operate a server running Ubuntu 12.04, we highly recommend upgrading or migrating to a supported version of Ubuntu:
Reason: Ubuntu 12.04 reached end of life (EOL) on April 28, 2017 and no longer receives security patches or updates. This guide is no longer maintained.
See Instead: This guide might still be useful as a reference, but may not work on other Ubuntu releases. If available, we strongly recommend using a guide written for the version of Ubuntu you are using. You can use the search functionality at the top of the page to find a more recent version.
The Apache web server is the most popular web server in the world. It can be used to deliver static and dynamic web content to visitors in a multitude of different contexts.
One of the most common ways of generating dynamic content is through the use of CGI
, or the common gateway interface. This provides a standard way of executing scripts that generate web content that can written in a variety of programming languages.
Running any kind of executable code within a web-space comes with a certain amount of risk. In this guide, we will demonstrate how to implement CGI scripting with the suexec
module, which allows you to run scripts in a way that doesn’t elevate privileges unnecessarily.
In this guide, we will be configuring an Ubuntu 12.04 VPS with a standard LAMP (Linux, Apache, MySQL, PHP) installation. We assume that you have already installed these basic components and have them working in a basic configuration.
To learn how to install a LAMP stack on Ubuntu, click here.
We will be referencing the software as it is in its initial state following that tutorial.
In Ubuntu’s Apache configuration, CGI scripts are actually already configured within a specific CGI directory. This directory is empty by default.
CGI scripts can be any program that has the ability to output HTML or other objects or formats that a web browser can render.
If we go to the Apache configuration directory, and look at the modules that Apache has enabled in the mods-enabled
directory, we will find a file that enables this functionality:
less /etc/apache2/mods-enabled/cgi.load
LoadModule cgi_module /usr/lib/apache2/modules/mod_cgi.so
This file contains the directive that enables the CGI module. This allows us to use this functionality in our configurations.
Although the module is loaded, it does not actually serve any script content on its own. It must be enabled within a specific web environment explicitly.
We will look at the default Apache virtual host file to see how it does this:
sudo nano /etc/apache2/sites-enabled/000-default
While we are in here, let’s set the server name to reference our domain name or IP address:
<pre> <VirutalHost *:80> ServerName <span class=“highlight”>your_domain_or_IP_address</span> ServerAdmin <span class=“highlight”>your_email_address</span> . . . </pre>
We can see a bit down in the file the part that is applicable to CGI scripts:
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
Let’s break down what this portion of the configuration is doing.
The ScriptAlias
directive gives Apache permission to execute the scripts contained in a specific directory. In this case, the directory is /usr/lib/cgi-bin/
. While the second argument gives the file path to the script directory, the first argument, /cgi-bin/
, provides the URL path.
This means that a script called “script.pl” located in the /usr/lib/cgi-bin
directory would be executed when you access:
<pre> <span class=“highlight”>your_domain.com</span>/cgi-bin/script.pl </pre>
Its output would be returned to the web browser to render a page.
The Directory
container contains rules that apply to the /usr/lib/cgi-bin
directory. You will notice an option that mentions CGI:
Options +ExecCGI ...
This option is actually unnecessary since we are setting up options for a directory that has already been declared a CGI directory by ScriptAlias
. It does not hurt though, so you can keep it as it is.
If you wished to put CGI files in a directory outside of the ScriptAlias, you will have to add these two options to the directory section:
<pre> Options +ExecCGI AddHandler cgi-script <span class=“highlight”>.pl .rb [extensions to be treated as CGI scripts]</span> </pre>
When you are done examining the file, save and close it. If you made any changes, restart the web server:
sudo service apache2 restart
We will create a basic, trivial CGI script to show the steps necessary to get a script to execute correctly.
As we saw in the last section, the directory designated in our configuration for CGI scripts is /usr/lib/cgi-bin
. This directory is not writeable by non-root users, so we will have to use sudo:
sudo nano /usr/lib/cgi-bin/test.pl
We gave the file a “.pl” extension because this will be a Perl script, but Apache will attempt to run any file within this directory and will pass it to the appropriate program based on its first line.
We will specify that the script should be interpreted by Perl by starting the script with:
#!/usr/bin/perl
Following this, the first thing that the script must output is the content-type that will be generated. This is necessary so that the web browser knows how to display the output it is given. We will print out the HTML content type, which is “text/html”, using Perl’s regular print function.
print "Content-type: text/html\n\n";
After this, we can do whatever functions or calculations are necessary to produce the text that we want on our website. In our example, we will not produce anything that wouldn’t be easier as just plain HTML, but you can see that this allows for dynamic content if your script was more complex.
The previous two components and our actual HTML content combine to make the following script:
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print "<html><head><title>Hello There...</title></head>";
print "<body>";
print "<h1>Hello, World.</h1><hr>";
print "<p>This is some regular text.</p>";
print "<p>The possibilities are great.</p>";
print "</body></html>";
Save and close the file.
Now, we have a file, but it isn’t marked as executable. Let’s change that:
sudo chmod 755 /usr/lib/cgi-bin/test.pl
Now, if we navigate to our domain name, followed by the CGI directory (/cgi-bin/), followed by our script name (test.pl), we should see the output of our script.
Point your browser to:
<pre> <span class=“highlight”>your_domain.com</span>/cgi-bin/test.pl </pre>
You should see something that looks like this:
Not very exciting, but rendered correctly.
If we choose to view the source of the page, we will see only the arguments given to the print functions, minus the content-type header:
There are some security concerns implicit in setting a script as executable by anybody. Ideally, a script should only be able to be executed by a single, locked down user. We can set up this situation by using the suexec
module.
We will actually install a modified suexec module that allows us to configure the directories in which it operates. Normally, this would not be configurable without recompiling from source.
Install the alternate module with this command:
sudo apt-get install apache2-suexec-custom
Now, we can enable the module by typing:
sudo a2enmod suexec
Next, we will create a new user that will own our script files. If we have multiple sites being served, each can have their own user and group:
sudo adduser script_user
Feel free to enter through all of the prompts (including the password prompt). This user does not need to be fleshed out.
Next, let’s create a scripts directory within this new user’s home directory:
sudo mkdir /home/script_user/scripts
Suexec requires very strict control over who can write to the directory. Let’s transfer ownership to the script_user user and change the permissions so that no one else can write to the directory:
sudo chown script_user:script_user /home/script_user/scripts
sudo chmod 755 /home/script_user/scripts
Next, let’s create a script file and copy and paste our script from above into it:
sudo -u script_user nano /home/script_user/scripts/attempt.pl
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print "<html><head><title>Hello There...</title></head>";
print "<body>";
print "<h1>Hello, World.</h1><hr>";
print "<p>This is some regular text.</p>";
print "<p>The possibilities are great.</p>";
print "</body></html>";
Make it executable next. We will only let our script_user have any permissions on the file. This is what the suexec module allows us to do:
sudo chmod 700 /home/script_user/scripts/attempt.pl
Next, we will edit our Apache virtual host configuration to allow scripts to be executed by our new user.
Open the default virtual host file:
sudo nano /etc/apache2/sites-enabled/000-default
First, let’s make our CGI directory. Instead of using the ScriptAlias
directive, as we did above, let’s demonstrate how to use the regular Alias
directory combined with the ExecCGI
option and the SetHandler
directive.
Add this section:
Alias /scripts/ /home/script_user/scripts/
<Directory "/home/script_user/scripts">
Options +ExecCGI
SetHandler cgi-script
</Directory>
This allows us to access our CGI scripts by going to the “/scripts” sub-directory. To enable the suexec capabilities, add this line outside of the “Directory” section, but within the “VirtualHost” section:
SuexecUserGroup script_user script_user
Save and close the file.
We also need to specify the places that suexec will consider a valid directory. This is what our customizable version of suexec allows us to do. Open the suexec configuration file:
sudo nano /etc/apache2/suexec/www-data
At the top of this file, we just need to add the path to our scripts directory.
/home/script_user/scripts/
Save and close the file.
Now, all that’s left to do is restart the web server:
sudo service apache2 restart
If we open our browser and navigate here, we can see the results of our script:
<pre> <span class=“highlight”>your_domain.com</span>/scripts/attempt.pl </pre>
Please note that with suexec configured, your normal CGI directory will not work properly, because it does not pass the rigorous tests that suexec requires. This is intended behavior to control what permissions scripts have.
You can now create scripts and execute them in a relatively secure way. CGI scripts are very helpful for quickly including dynamic content on your site. Suexec allows you to lock down this ability for greater security.
Be careful when using suexec, because it can actually create more security vulnerabilities if it is configured incorrectly. To learn about the potential vulnerabilities of this set up, research setuid configuration.
<div class=“author”>By Justin Ellingwood</div>
]]><h2><strong>Status:</strong> Deprecated</h2>
<p>This article covers a version of CentOS that is no longer supported. If you are currently operating a server running CentOS 6, we highly recommend upgrading or migrating to a supported version of CentOS.</p>
<p><strong>Reason:</strong> <a href=“https://wiki.centos.org/About/Product”>CentOS 6 reached end of life (EOL) on November 30th, 2020</a> and no longer receives security patches or updates. For this reason, this guide is no longer maintained.</p>
<p><strong>See Instead:</strong><br> This guide might still be useful as a reference, but may not work on other CentOS releases. If available, we strongly recommend using a guide written for the version of CentOS you are using.<br></p></span>
<h2>Introduction</h2>
<p>Perl is a popular programming language that allows you to quickly create scripts and install additional libraries.</p>
<p>We have previously covered <a href=“https://www.digitalocean.com/community/articles/how-to-install-nagios-on-centos-6”>how to install Nagios monitoring server on CentOS 6 x64</a>. This time, we will expand on this idea and create Nagios plugins using Perl. These plugins will be running on client VPS, and be executed via NRPE.</p>
<h2>Step 1 - Install RPMForge Repository and NRPE on client VPS</h2>
<pre> rpm -ivh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm yum -y install perl nagios-nrpe useradd nrpe && chkconfig nrpe on </pre>
<h2>Step 2 - Create your Perl Script</h2>
<p>It would be a good idea to keep your plugins in same directory as other Nagios plugins (<B>/usr/lib64/nagios/plugins/</B> for example).</p>
<p>For our example, we will create a script that checks current disk usage by calling “df” from shell, and throw an alert if it is over 85% used:</p>
<pre> #!/usr/bin/perl use strict; use warnings; use feature qw(switch say);
my $used_space = df -h / \|awk 'FNR == 2 {print \$5}'
;
given ($used_space) { chomp($used_space); when ($used_space lt ‘85%’) { print “OK - $used_space of disk space used.”; exit(0); } when ($used_space eq ‘85%’) { print “WARNING - $used_space of disk space used.”; exit(1); } when ($used_space gt ‘85%’) { print “CRITICAL - $used_space of disk space used.”; exit(2); } default { print “UNKNOWN - $used_space of disk space used.”; exit(3); } } </pre>
<img src=“https://assets.digitalocean.com/articles/community/usedspace.pl.png” width=“680”>
<p>We will save this script in <B>/usr/lib64/nagios/plugins/usedspace.pl</B> and make it executable:</p>
<pre> chmod +x /usr/lib64/nagios/plugins/usedspace.pl </pre>
<p>The entire Nagios NRPE plugin boils down to using exit codes to trigger alerts.</p>
<p>You introduce your level of logic to the script, and if you want to trigger an alert (whether it is OK, WARNING, CRITICAL, or UNKNOWN) - you specify an exit code.</p>
<p>Refer to the following Nagios Exit Codes:</p>
<h3>Nagios Exit Codes</h3>
<table border=0 cellpadding=0> <thead> <tr> <td width=120 align=center><B>Exit Code</B></td> <td align=center><B>Status</B></td> </tr> <tr align=center> <td width=120>0</td> <td align=center>OK</td> </tr> <tr align=center> <td width=120>1</td> <td align=center>WARNING</td> </tr> <tr align=center> <td width=120>2</td> <td align=center>CRITICAL</td> </tr> <tr align=center> <td width=120>3</td> <td align=center>UNKNOWN</td> </tr> </thead> </table>
<h2>Step 3 - Add Your Script to NRPE configuration on client host</h2>
<p>Delete original <B>/etc/nagios/nrpe.cfg</B> and add the following lines to it:</p>
<pre> log_facility=daemon pid_file=/var/run/nrpe/nrpe.pid server_port=5666 nrpe_user=nrpe nrpe_group=nrpe allowed_hosts=198.211.117.251 dont_blame_nrpe=1 debug=0 command_timeout=60 connection_timeout=300 include_dir=/etc/nrpe.d/
command[usedspace_perl]=/usr/lib64/nagios/plugins/usedspace.pl </pre>
<p>Where 198.211.117.251 is our monitoring server from previous articles. Change these to your own values.</p>
<p>Make sure to restart Nagios NRPE service:</p>
<pre> service nrpe restart </pre>
<h2>Step 4 - Add Your New Command to Nagios Checks on Nagios Monitoring Server</h2>
<p>Define new command in <B>/etc/nagios/objects/commands.cfg</B></p>
<pre> define command{ command_name usedspace_perl command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c usedspace_perl } </pre>
<p>As you can see, it uses NRPE to make TCP connections to port 5666 and run command ‘usedspace_perl’, which we defined in <B>/etc/nagios/nrpe.cfg</B> on that remote host.</p>
<p>Add this check to your Nagios configuration file for client VPS.</p>
<p>For our example, we will monitor a server called CentOSDroplet and edit <B>/etc/nagios/servers/CentOSDroplet.cfg</B></p>
<pre> define service { use generic-service host_name CentOSDroplet service_description Custom Disk Checker In Perl check_command usedspace_perl } </pre>
<img src=“https://assets.digitalocean.com/articles/community/CentOSDroplet.cfg-perl.png” width=“680”>
<p>Restart Nagios:</p>
<pre> service nagios restart </pre>
<p>Verify that the new check is working:</p>
<img src=“https://assets.digitalocean.com/articles/community/nagios-centos-perl.png” width=“680”>
<p>And you are all done!</p>
]]>