>From fstab: 10.10.10.10:/vol/shared /shared nfs defaults,exec,tcp,vers=3,intr,_netdev 0 0 >From /proc/mounts 10.10.10.10:/vol/shared /shared nfs rw,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=10.10.10.10,mountvers=3,mountport=635,mountproto=tcp,local_lock=none,addr=10.10.10.10 0 0 The apache process user can execute scripts under nfs share: su - www-data -s /bin/bash -c "/shared/www_root/cgi2/test.sh" #working
On Thu, Jan 30, 2020 at 8:57 PM Igor Cicimov <icici...@gmail.com> wrote: > On Wed, Jan 29, 2020, 11:35 PM Michele Mase' <michele.m...@gmail.com> > wrote: > >> I'm trying to execute some gci scripts under a certain directory stored >> under an nfs share without any success; the same configuration is working >> outside nfs share (i.e. under local filesystem). >> What am I missing? >> Regards >> Michele Masè >> >> Local Working: curl https://www.example.com/cgi2/ >> >> Alias /cgi2/ /var/www/html.default/cgi2/ >> <Directory "/var/www/html.default/cgi2"> >> AddHandler cgi-script .cgi .pl .sh >> DirectoryIndex index.cgi index.html >> Options +ExecCGI >> </Directory> >> >> >> NFS Not Working: >> Alias /cgi2/ /shared/www_root/cgi2/ >> <Directory "/shared/www_root/cgi2/"> >> AddHandler cgi-script .cgi .pl .sh >> DirectoryIndex index.cgi index.html >> Options +ExecCGI >> </Directory> >> >> Error_Log: >> AH01262: Options ExecCGI is off in this directory: >> /shared/www_root/cgi2/index.cgi >> >> index.cgi script >> >> #!/usr/bin/perl >> >> print "Content-type: text/html\n\n"; >> print "<html>\n<body>\n"; >> print "<div style=\"width: 100%; font-size: 40px; font-weight: bold; >> text-align: center;\">\n"; >> print "CGI Test Page"; >> print "\n</div>\n"; >> print "</body>\n</html>\n"; >> >> apache2.4.x ubuntu18.04 libapache2-mod-apparmor not installed >> >> aa-status --verbose >> apparmor module is loaded. >> 8 profiles are loaded. >> 8 profiles are in enforce mode. >> /sbin/dhclient >> /usr/bin/man >> /usr/lib/NetworkManager/nm-dhcp-client.action >> /usr/lib/NetworkManager/nm-dhcp-helper >> /usr/lib/connman/scripts/dhclient-script >> /usr/sbin/tcpdump >> man_filter >> man_groff >> 0 profiles are in complain mode. >> 0 processes have profiles defined. >> 0 processes are in enforce mode. >> 0 processes are in complain mode. >> 0 processes are unconfined but have a profile defined. >> >> /proc/mounts >> 10.10.10.10:/vol/shared /shared nfs >> rw,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=10.10.10.10,mountvers=3,mountport=635,mountproto=tcp,local_lock=none,addr=10.10.10.10 >> 0 0 >> >> su - www-data -s /bin/bash -c "/bin/cat /shared/www_root/cgi2/index.cgi" >> #working >> -- >> Michele Masè >> > > Usually NFS shares are being mounted without exec permissions for > security, you need to make sure that is not the case. > >> -- Michele Masè
