threaded MPM on focal selects cgid instead of cgi but doesn't work
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apache2 (Ubuntu) |
Expired
|
Undecided
|
Unassigned |
Bug Description
apache2 2.4.41-4ubuntu3.14 on focal. With mpm_worker selected, 'a2enmod cgi' redirects to cgid:
# a2enmod cgi
Your MPM seems to be threaded. Selecting cgid instead of cgi.
Enabling module cgid.
To activate the new configuration, you need to run:
systemctl restart apache2
#
However, after restarting apache2, attempting to access a CGI returns a 503.
access log:
10.131.50.215 - - [18/Mar/
error log:
[Sat Mar 18 20:34:54.428705 2023] [cgid:error] [pid 3571669:tid 140058430510848] (13)Permission denied: [client 10.131.
/run/apache2/ contains:
srwx------ 1 www-data root 0 Mar 18 21:45 cgisock.3576630
Permissions on /run/apache2 were for some reason 0600 root root. Changing this to 0700 www-data root doesn't change anything.
# fuser -v /run/apache2/
/run/apache2/
#
Not sure what's wrong here, but I do think that 'a2enmod cgi' if it's going to redirect to cgid should somehow manage to make cgid work.
Maybe I'm missing some step when trying to reproduce the problem, but:
$ lxc launch ubuntu:focal apache2 html/foo. cgi << _EOF_ html/foo. cgi sites-enabled/ 000-default. conf
Options +ExecCgi
AddHandler cgi-script .cgi
</Directory>
$ lxc shell apache2
# apt update && apt install -y apache2
# a2dismod mpm_event
Module mpm_event disabled.
To activate the new configuration, you need to run:
systemctl restart apache2
# a2enmod mpm_worker
Enabling module mpm_worker.
To activate the new configuration, you need to run:
systemctl restart apache2
# a2enmod cgi
Enabling module cgid.
To activate the new configuration, you need to run:
systemctl restart apache2
# systemctl restart apache2
# ls -la /run/apache2/
total 4
drwxr-xr-x 2 root root 80 Mar 21 02:28 .
drwxr-xr-x 24 root root 760 Mar 21 02:20 ..
-rw-r--r-- 1 root root 6 Mar 21 02:28 apache2.pid
srwx------ 1 www-data root 0 Mar 21 02:28 cgisock.16732
# cat > /var/www/
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print "Hello, World.";
_EOF_
# chmod +x /var/www/
# vim /etc/apache2/
...
<Directory "/var/www/html">
...
:wq
# systemctl restart apache2
Then, in another terminal:
$ curl 10.96.142. 106/foo. cgi
Hello, World.
I'm running:
# apt policy apache2 archive. ubuntu. com/ubuntu focal-updates/main amd64 Packages security. ubuntu. com/ubuntu focal-security/main amd64 Packages dpkg/status 4.41-4ubuntu3 500 archive. ubuntu. com/ubuntu focal/main amd64 Packages
apache2:
Installed: 2.4.41-4ubuntu3.14
Candidate: 2.4.41-4ubuntu3.14
Version table:
*** 2.4.41-4ubuntu3.14 500
500 http://
500 http://
100 /var/lib/
2.
500 http://
Maybe there's something weird going with the CGI script?