Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

SetEnv in apache not working

796 views
Skip to first unread message

phil-new...@ipal.net

unread,
Apr 4, 2001, 2:05:54 PM4/4/01
to
I have mod_env compiled in, and have tried specifying SetEnv in the
virtual host context, as well as in many other places. Yet, the
specified environment variables do not show up for the CGI. What
other settings may be required to get this going? Could PHP be
interfering with this?

root@pollux:/home/web/apache/bin 133> ./httpd -v
Server version: Apache/1.3.19 (Unix)
Server built: Apr 4 2001 04:30:41
root@pollux:/home/web/apache/bin 134> ./httpd -l
Compiled-in modules:
http_core.c
mod_env.c
mod_log_config.c
mod_mime.c
mod_negotiation.c
mod_status.c
mod_include.c
mod_autoindex.c
mod_dir.c
mod_cgi.c
mod_asis.c
mod_imap.c
mod_actions.c
mod_userdir.c
mod_alias.c
mod_access.c
mod_auth.c
mod_digest.c
mod_proxy.c
mod_expires.c
mod_headers.c
mod_setenvif.c
mod_php4.c
suexec: enabled; valid wrapper /home/web/apache/bin/suexec
root@pollux:/home/web/apache/bin 135> uname -a
Linux pollux.ipal.net 2.4.0 #1 Fri Jan 26 11:46:45 CST 2001 i686 unknown
root@pollux:/home/web/apache/bin 136>

root@pollux:/home/web/logs 144> tail errors.log
[Wed Apr 4 13:52:33 2001] [info] created shared memory segment #4358144
[Wed Apr 4 13:52:33 2001] [notice] Apache/1.3.19 (Unix) PHP/4.0.5RC4 configured -- resuming normal operations
[Wed Apr 4 13:52:33 2001] [notice] suEXEC mechanism enabled (wrapper: /home/web/apache/bin/suexec)
[Wed Apr 4 13:52:33 2001] [info] Server built: Apr 4 2001 04:30:41
[Wed Apr 4 14:03:31 2001] [info] removed PID file /ram/lock/httpd.pid (pid=32723)
[Wed Apr 4 14:03:31 2001] [notice] caught SIGTERM, shutting down
[Wed Apr 4 14:03:41 2001] [info] created shared memory segment #4521986
[Wed Apr 4 14:03:41 2001] [notice] Apache/1.3.19 (Unix) PHP/4.0.5RC4 configured -- resuming normal operations
[Wed Apr 4 14:03:41 2001] [notice] suEXEC mechanism enabled (wrapper: /home/web/apache/bin/suexec)
[Wed Apr 4 14:03:41 2001] [info] Server built: Apr 4 2001 04:30:41
root@pollux:/home/web/logs 145>

--
-----------------------------------------------------------------
| Phil Howard - KA9WGN | Dallas | http://linuxhomepage.com/ |
| phil-...@ipal.net | Texas, USA | http://phil.ipal.org/ |
-----------------------------------------------------------------
--
PLEASE NOTE: comp.infosystems.www.authoring.cgi is a
SELF-MODERATED newsgroup. aa.net and boutell.com are
NOT the originators of the articles and are NOT responsible
for their content.

David Efflandt

unread,
Apr 4, 2001, 11:38:06 PM4/4/01
to
On 4 Apr 2001, phil-new...@ipal.net <phil-new...@ipal.net> wrote:
:I have mod_env compiled in, and have tried specifying SetEnv in the

:virtual host context, as well as in many other places. Yet, the
:specified environment variables do not show up for the CGI. What
:other settings may be required to get this going? Could PHP be
:interfering with this?

SetEnv is not trusted (or honored) under suexec (in a /~user dir or if a
user is specified for a vhost). However, you may find that it does appear
for the main docroot running as nobody or similar.

--
David Efflandt effl...@xnet.com http://www.de-srv.com/
http://www.autox.chicago.il.us/ http://www.berniesfloral.net/
http://cgi-help.virtualave.net/ http://hammer.prohosting.com/~cgi-wiz/

phil-new...@ipal.net

unread,
Apr 5, 2001, 1:37:50 AM4/5/01
to
On 4 Apr 2001 21:38:06 -0600 David Efflandt <effl...@xnet.com> wrote:

| On 4 Apr 2001, phil-new...@ipal.net <phil-new...@ipal.net> wrote:
| :I have mod_env compiled in, and have tried specifying SetEnv in the
| :virtual host context, as well as in many other places. Yet, the
| :specified environment variables do not show up for the CGI. What
| :other settings may be required to get this going? Could PHP be
| :interfering with this?
|
| SetEnv is not trusted (or honored) under suexec (in a /~user dir or if a
| user is specified for a vhost). However, you may find that it does appear
| for the main docroot running as nobody or similar.

Actually, I found that from an earlier followup (that didn't get
crossposted here) and hacked suexec to fix it. The hack was one
which could still be safe. I accepts only environment variables
with a name beginning with "CONF_".

--
-----------------------------------------------------------------
| Phil Howard - KA9WGN | Dallas | http://linuxhomepage.com/ |
| phil-...@ipal.net | Texas, USA | http://phil.ipal.org/ |
-----------------------------------------------------------------

Michael Wines

unread,
Apr 5, 2001, 5:44:43 AM4/5/01
to
On 4 Apr 2001 12:05:54 -0600, in comp.infosystems.www.authoring.cgi,
phil-new...@ipal.net wrote:

:I have mod_env compiled in, and have tried specifying SetEnv in the


:virtual host context, as well as in many other places. Yet, the
:specified environment variables do not show up for the CGI. What
:other settings may be required to get this going? Could PHP be
:interfering with this?

No

:suexec: enabled; valid wrapper /home/web/apache/bin/suexec

suexec is interfering with it


Have a quick look at the code in suexec.c You will
see a list of environment variables which it considers
safe to pass to your script, including all environment
variables beginning with HTTP_

Try using and environment variable name beginning with
HTTP_ in your SetEnv directive. Note that "HTTP" must
be upper case.

phil-new...@ipal.net

unread,
Apr 5, 2001, 4:28:25 PM4/5/01
to
On 5 Apr 2001 03:44:43 -0600 Michael Wines <twig...@purethought.com> wrote:
| On 4 Apr 2001 12:05:54 -0600, in comp.infosystems.www.authoring.cgi,
| phil-new...@ipal.net wrote:
|
| :I have mod_env compiled in, and have tried specifying SetEnv in the
| :virtual host context, as well as in many other places. Yet, the
| :specified environment variables do not show up for the CGI. What
| :other settings may be required to get this going? Could PHP be
| :interfering with this?
|
| No
|
| :suexec: enabled; valid wrapper /home/web/apache/bin/suexec
|
| suexec is interfering with it
|
|
| Have a quick look at the code in suexec.c You will
| see a list of environment variables which it considers
| safe to pass to your script, including all environment
| variables beginning with HTTP_
|
| Try using and environment variable name beginning with
| HTTP_ in your SetEnv directive. Note that "HTTP" must
| be upper case.

Lots of quick responses to this. I had overlooked suexec.

What I did was hack suexec.c to accept "CONF_" as a prefix
in addition to "HTTP_" as a prefix and the other names it
accepts. I didn't want to be configuring things with names
that might be set by the clients, for security reasons.

--
-----------------------------------------------------------------
| Phil Howard - KA9WGN | Dallas | http://linuxhomepage.com/ |
| phil-...@ipal.net | Texas, USA | http://phil.ipal.org/ |
-----------------------------------------------------------------

0 new messages