Ubuntu
apache2 package

threaded MPM on focal selects cgid instead of cgi but doesn't work

Bug #2012154 reported by Steve Langasek

This bug report will be marked for expiration in 55 days if no further activity occurs. (find out why)

6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apache2 (Ubuntu)
Incomplete
Undecided
Unassigned

Bug Description

apache2 2.4.41-4ubuntu3.14 on focal. With mpm_worker selected, 'a2enmod cgi' redirects to cgid:

# a2enmod cgi
Your MPM seems to be threaded. Selecting cgid instead of cgi.
Enabling module cgid.
To activate the new configuration, you need to run:
  systemctl restart apache2
#

However, after restarting apache2, attempting to access a CGI returns a 503.

access log:

10.131.50.215 - - [18/Mar/2023:20:34:54 +0000] "GET /madison.cgi HTTP/1.1" 503 568 "-" "Wget/1.20.3 (linux-gnu)"

error log:

[Sat Mar 18 20:34:54.428705 2023] [cgid:error] [pid 3571669:tid 140058430510848] (13)Permission denied: [client 10.131.50.215:34668] AH01257: unable to connect to cgi daemon after multiple tries: /srv/ubuntu-archive/madison.cgi

/run/apache2/ contains:

srwx------ 1 www-data root 0 Mar 18 21:45 cgisock.3576630

Permissions on /run/apache2 were for some reason 0600 root root. Changing this to 0700 www-data root doesn't change anything.

# fuser -v /run/apache2/cgisock.3576630
                     USER PID ACCESS COMMAND
/run/apache2/cgisock.3576630:
                     www-data 3576631 F.... apache2
#

Not sure what's wrong here, but I do think that 'a2enmod cgi' if it's going to redirect to cgid should somehow manage to make cgid work.

Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

Maybe I'm missing some step when trying to reproduce the problem, but:

$ lxc launch ubuntu:focal apache2
$ lxc shell apache2
# apt update && apt install -y apache2
# a2dismod mpm_event
Module mpm_event disabled.
To activate the new configuration, you need to run:
  systemctl restart apache2
# a2enmod mpm_worker
Enabling module mpm_worker.
To activate the new configuration, you need to run:
  systemctl restart apache2
# a2enmod cgi
Enabling module cgid.
To activate the new configuration, you need to run:
  systemctl restart apache2
# systemctl restart apache2
# ls -la /run/apache2/
total 4
drwxr-xr-x 2 root root 80 Mar 21 02:28 .
drwxr-xr-x 24 root root 760 Mar 21 02:20 ..
-rw-r--r-- 1 root root 6 Mar 21 02:28 apache2.pid
srwx------ 1 www-data root 0 Mar 21 02:28 cgisock.16732
# cat > /var/www/html/foo.cgi << _EOF_
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print "Hello, World.";
_EOF_
# chmod +x /var/www/html/foo.cgi
# vim /etc/apache2/sites-enabled/000-default.conf
...
        <Directory "/var/www/html">
                Options +ExecCgi
                AddHandler cgi-script .cgi
        </Directory>
...
:wq
# systemctl restart apache2

Then, in another terminal:

$ curl 10.96.142.106/foo.cgi
Hello, World.

I'm running:

# apt policy apache2
apache2:
  Installed: 2.4.41-4ubuntu3.14
  Candidate: 2.4.41-4ubuntu3.14
  Version table:
 *** 2.4.41-4ubuntu3.14 500
        500 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages
        100 /var/lib/dpkg/status
     2.4.41-4ubuntu3 500
        500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages

Maybe there's something weird going with the CGI script?

Changed in apache2 (Ubuntu):
status: New → Incomplete
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.