ShopSite Forums

[David Gray]

I'm calling a php script via the Order API. This has been working great but
recently I added some code to write to a text log file and I get permission
denied. The log file is owned by "nobody" since the file was created and
also gets written to by another php script running via the web server
(Apache). Can you tell me who my script runs as when called by the Order
API? Can I arrange for my log file to be written both by my Order API script
and my web server script?

--

David P. Gray
Gray Design Associates

[Rob]

An order API script runs as the same permission as the webserver owner (i.e.
the same permissions if the script was called from the web directly). This
would be "nobody" if that is what the webservers runs under. As long as your
log file is writable by this owner, it should work unless there are file
locking issues.

Rob

"David Gray" <david@nospam.dgray.com> wrote in message
news:e7rm4c$gth$1@eval.shopsite.com...

I'm calling a php script via the Order API. This has been working great
but
recently I added some code to write to a text log file and I get
permission
denied. The log file is owned by "nobody" since the file was created and
also gets written to by another php script running via the web server
(Apache). Can you tell me who my script runs as when called by the Order
API? Can I arrange for my log file to be written both by my Order API
script
and my web server script?

--

David P. Gray
Gray Design Associates

[David Gray]

Thanks for the reply, Rob. I'm not sure if that is correct in my case
though. To test it I put a call to /usr/bin/id in the php script and these
are the results I got:

php run via browser: uid=65534(nobody) gid=998(www) groups=998(www)
php run via Order API: uid=3062(dgray) gid=1000(users) groups=1000(users)

The last one is the same one I get if I run "id" from the command line. Is
this something I should take up with my ISP (pair.com)?

--

David P. Gray
Gray Design Associates
"Rob" <rob@lexiconn.com> wrote in message
news:e7rq6r$j4g$1@eval.shopsite.com...

An order API script runs as the same permission as the webserver owner
(i.e.
the same permissions if the script was called from the web directly). This
would be "nobody" if that is what the webservers runs under. As long as
your
log file is writable by this owner, it should work unless there are file
locking issues.

Rob

"David Gray" <david@nospam.dgray.com> wrote in message
news:e7rm4c$gth$1@eval.shopsite.com...
I'm calling a php script via the Order API. This has been working great
but
recently I added some code to write to a text log file and I get
permission
denied. The log file is owned by "nobody" since the file was created and
also gets written to by another php script running via the web server
(Apache). Can you tell me who my script runs as when called by the Order
API? Can I arrange for my log file to be written both by my Order API
script
and my web server script?

--

David P. Gray
Gray Design Associates

[Rob]

David,

Ah ok. I believe pair runs ShopSite through a cgiwrap which makes ShopSite
run under your userid permissions. So, since ShopSite is the parent process
for an order API script, it will run as your userid as well.

You will want to make your log file world writable if you have both nobody
and your userid processes writing to it.

Rob

"David Gray" <david@nospam.dgray.com> wrote in message
news:e7tlg1$fi1$1@eval.shopsite.com...

Thanks for the reply, Rob. I'm not sure if that is correct in my case
though. To test it I put a call to /usr/bin/id in the php script and these
are the results I got:

php run via browser: uid=65534(nobody) gid=998(www) groups=998(www)
php run via Order API: uid=3062(dgray) gid=1000(users) groups=1000(users)

The last one is the same one I get if I run "id" from the command line. Is
this something I should take up with my ISP (pair.com)?

--

David P. Gray
Gray Design Associates
"Rob" <rob@lexiconn.com> wrote in message
news:e7rq6r$j4g$1@eval.shopsite.com...
An order API script runs as the same permission as the webserver owner
(i.e.
the same permissions if the script was called from the web directly).
This
would be "nobody" if that is what the webservers runs under. As long as
your
log file is writable by this owner, it should work unless there are file
locking issues.

Rob

"David Gray" <david@nospam.dgray.com> wrote in message
news:e7rm4c$gth$1@eval.shopsite.com...
I'm calling a php script via the Order API. This has been working great
but
recently I added some code to write to a text log file and I get
permission
denied. The log file is owned by "nobody" since the file was created
and
also gets written to by another php script running via the web server
(Apache). Can you tell me who my script runs as when called by the
Order
API? Can I arrange for my log file to be written both by my Order API
script
and my web server script?

--

David P. Gray
Gray Design Associates

[loren_d_c]

Pair is running the ShopSite cgi's through a program called 'suexec'
which changes the user the cgi's are run as to your own account user.
Since that is the user the ShopSite thankyou.cgi is run as, that will be
the same user that any child process (i.e. your custom php script) is
run as, too.

In general, I would say that if your Order API custom cgi is the same
ownership and permissions as the working thankyou.cgi, then it should
work too (at least as far as execute permissions go).

-Loren


David Gray wrote:

Thanks for the reply, Rob. I'm not sure if that is correct in my case
though. To test it I put a call to /usr/bin/id in the php script and these
are the results I got:

php run via browser: uid=65534(nobody) gid=998(www) groups=998(www)
php run via Order API: uid=3062(dgray) gid=1000(users) groups=1000(users)

The last one is the same one I get if I run "id" from the command line. Is
this something I should take up with my ISP (pair.com)?

[David Gray]

Thanks, Rob and Loren. Rob appears to be correct, I see my shopsite URLs
include cgi-sys/cgiwrap so looks like they use cgiwrap, not suExec. Either
way, the Order API runs my script as me, not nobody.

I notice my log file created by my script is actually owner "nobody", group
"users" so if I set directory and file mask to 775 instead of 755 that
should allow both me and nobody to write it.

--

David P. Gray
Gray Design Associates
"Loren" <loren_d_c@yahoo.com> wrote in message
news:e7u1uj$k0f$1@eval.shopsite.com...

Pair is running the ShopSite cgi's through a program called 'suexec'
which changes the user the cgi's are run as to your own account user.
Since that is the user the ShopSite thankyou.cgi is run as, that will be
the same user that any child process (i.e. your custom php script) is
run as, too.

In general, I would say that if your Order API custom cgi is the same
ownership and permissions as the working thankyou.cgi, then it should
work too (at least as far as execute permissions go).

-Loren


David Gray wrote:
Thanks for the reply, Rob. I'm not sure if that is correct in my case
though. To test it I put a call to /usr/bin/id in the php script and
these
are the results I got:

php run via browser: uid=65534(nobody) gid=998(www) groups=998(www)
php run via Order API: uid=3062(dgray) gid=1000(users)
groups=1000(users)

The last one is the same one I get if I run "id" from the command line.
Is
this something I should take up with my ISP (pair.com)?