ZoneMinder Forums

Did you run the "chmod a+x zms nph-zms"? Because one of your previous posts showed that zms did not have the execute bit set.

-rwxrwxrwx 1 apache apache 1739398 2010-02-02 17:59 nph-zms
-rwxrwxrwx 1 apache apache 1739398 2010-02-02 21:08 zms

I did and just checked it to make sure it took.

stimburg wrote:Just to test to see if a cgi could be parsed by my webserver I created a test.cgi and placed it in the same directory as the zms file. It's a simple cgi script set up to print hello world and works fine in the browser. The web server parsed it with no problems.

I noticed this line

Code: Select all

AddHandler cgi-script .cgi .pl

The AddHandler directive means that your test script would work even if the cgi-bin wasn't set up properly. Rename it to something without a .cgi extension and try again. Also could you post the contents of the test script?

When I renamed the file to just "test" it just displayed the code in the browser.

Okay, make sure the test script has the execute bit set and try again.
If it still just shows the code then edit your http.conf file and make sure the following is in it:
This is assuming the cgi-bin is located in /var/www/htdocs/cgi-bin
If its somewhere else then use that location.

My httpd.conf file is identical to that already.

Just made sure it was set to execute and still displays the guts of the test file.

Can you post the apache config file on pastebin please
as well as a tail of the following log, apache error_log,
and what path is configured in zm.conf for ZM_PATH_CGI
and iin the ZM Options/paths/ ZM_PATH_ZMS?

Did you make a backup of the config files before you changed/touched any of them and what else might have you changed?
Just to be sure, this is on a Slackware 13 installation?

cordel wrote:Can you post the apache config file on pastebin please
as well as a tail of the following log, apache error_log,
and what path is configured in zm.conf for ZM_PATH_CGI
and iin the ZM Options/paths/ ZM_PATH_ZMS?

Did you make a backup of the config files before you changed/touched any of them and what else might have you changed?
Just to be sure, this is on a Slackware 13 installation?

Apache httpd.conf
http://pastebin.com/mb9a171e


ZM_PATH_CGI=/var/www/htdocs/zm/cgi-bin/

PATH_ZMS zm/cgi-bin/zms

This is Slackware 13 and I don't have a backup copy of httpd.conf. The only thing this system did before installing a 4 port video card was a DNS masquerade and backup file storage. It's pretty much a virgin copy of slackware besides that. Just put it together a few months ago to replace an older dying box I had that I did the same things with.

ScriptAlias /cgi-bin/ "/var/www/htdocs/zm/cgi-bin/"
<Directory "/var/www/htdocs/zm/cgi-bin/">
AllowOverride None
Options +ExecCGI -Includes
Order allow,deny
Allow from all
</Directory>

PATH_ZMS zm/cgi-bin/zms

PATH_ZMS should be;
PATH_ZMS cgi-bin/zms

As it is define above in your script alias as from the web root cgi-bin/

In some fashion, the cgi-bin directory has become available to the web root though and I have not noticed where that is happening but is a security concern. You should not be able to download the script. But one thing at a time.

Also, above your script alias:

<Directory "/srv/httpd/htdocs">
Options Indexes FollowSymLinks SymLinksifOwnerMatch ExecCGI

You would not typically set ExecCGI in your web root and is another security concern
that you should be aware of. Though please work one change at a time incase the behavior changes inappropriately, you know what change it was that has done it.

PATH_ZMS zm/cgi-bin/zms

has been changed to

PATH_ZMS cgi-bin/zms

<Directory>
Options Indexes FollowSymLinks SymLinksifOwnerMatch ExecCGI

Removed ExecCGI just from the DocumentRoot section.

Restart apache and the result would be?

Restarted Apache and ZMS still wants to download.

Can you meet me on our IRC?

Is it on EFNet and what channel?