Bug 69820 - Permissions leave nut-cgi clients basically unusable
Permissions leave nut-cgi clients basically unusable
Product: Red Hat Linux
Classification: Retired
Component: nut (Show other bugs)
i386 Linux
medium Severity low
: ---
: ---
Assigned To: Ngo Than
Brian Brock
Depends On:
  Show dependency treegraph
Reported: 2002-07-25 14:54 EDT by Michal Jaegermann
Modified: 2007-04-18 12:44 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2003-02-11 18:03:24 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Michal Jaegermann 2002-07-25 14:54:01 EDT
Description of Problem:
In a default installation if one will attempt to execute programs supplied
in 'nut-cgi' package they will run with "apache.apache" ownership.  The problem
is that before they will do something they need to get an information from
files in /etc/ups (in particular from /etc/ups/upsset.conf, to even start
to do something outside of an immediate exit, but not only) and most of these
are unreadable.  They should be at least readable to an "apache" group to be of
any use and then indeed nut-cgi clients can do something.

A some rudimentary documentation would also be nice.  Something which would
say, roughly, "Add in your httpd configuration an alias definition like
ScriptAlias /nut/ "/var/www/nut-cgi-bin/", restrict an access to it properly
and drop among your documents nut.html, say, with a content somewhat like that:

  <TITLE>NUT support</TITLE>
<!-- Background white -->

  <H1 ALIGN="CENTER">NUT tools (UPS access)</H1>
  The following UPS tools are available here
  <A HREF="nut/multimon.cgi" >multimon.cgi</A>

  <A HREF="nut/upsimage.cgi" >upsimage.cgi</A>

  <A HREF="nut/upsset.cgi" >upsset.cgi</A>

  <A HREF="nut/upsstats.cgi" >upsstats.cgi</A>


Then you can try what these will do."

If we could have some description explaing what these are acutally _supposed_ 
to do, without referring to sources, that would be a riot.  'multimon.cgi' is
quite obvious.  What other are really doing, and/or what has to be configured
before they will become truly useful, is not entirely clear.

As things stand now 'rpm -qd nug-cgi' draws blank and typing 'grep -i cgi *'
in /usr/share/doc/nut-0.45.4/docs directory is not very illuminating either.
An advice there really boils down to "configure properly".  Indeed.

Version-Release number of selected component (if applicable):
Comment 1 Ngo Than 2003-02-11 18:03:24 EST
it's fixed 1.2.0-5 or newer.

Note You need to log in before you can comment on or make changes to this bug.