0

I have a bash script that sets up a classpath for accessing a series of JARs (it's tf, the cross-platform, command line tool for Team Foundation Server). The file structure is something like:

/usr/bin/tee-clc/tf
/usr/bin/tee-clc/lib/*.jars

A Django server running via Apache starts a new tf process, executing the bash script; however, it can't access the jar files in the /usr/bin/tee-clc/lib folder. It seems likely that there's some sort of "sandboxing" or something similar to here but searching didn't get me very far. I would imagine the reason I can access the bash file is because it's in the path and executable but the JARs are somehow different?

Hopefully not too nebulous of a question: Why can't I access files (even 777'd) from a Bash script executing as the Apache user.

Update

I'm beginning to think it has a great deal to do with Python's subprocess.popen emulating a shell rather than actually using a shell. I don't think specifying the Shell=True parameter is the "fix" but I'm not sure how to get the Bash script to work without an actual shell...

Community
  • 1
Austin Hanson
  • 101
  • 3

1 Answers1

0

What are the directory permissions ?

Apache usually runs as a specific user - as far as I remember "apache" on Centos. You should ensure that apache user can read and execute directory where your files are.

For example you can try this to check if apache can see the files:

sudo -u apache ls -l /usr/bin/tee-clc/tf

Also I suggest to stop doing any bash CGI scripting at least until shellshock vulnerabilities are really fixed.

Andrew Schulman
  • 8,811
  • 21
  • 32
  • 47
mestia
  • 139
  • 4