[arch-general] community/NUT access cgi in /usr/share/nut/cgi without FollowSymLinks?

David C. Rankin drankinatty at suddenlinkmail.com
Sat Jun 6 08:33:57 UTC 2020

On 06/05/2020 04:04 AM, Maxime Gauduin via arch-general wrote:
> Hi David,
> I haven't used apache in years so please take this with a grain of
> salt. On nginx I'm using the alias directive, restricting access to
> the upsset.cgi to my local network [0], as suggested by the nut
> documentation in /etc/upsset.conf. It seems apache has a similar alias directive so you may be able to achieve the same without using any symlink [1].
> [0] https://paste.xinu.at/BNUJFeuBycXUw8fB/
> [1] https://httpd.apache.org/docs/2.4/mod/mod_alias.html#alias
> Cheers,

Thanks for the reply,

  I already use the alias for the html directory, but the problem is with the
cgi scripts since the default cgi-bin directory is /srv/http/cgi-bin, you
cannot declare a second alias for cgi-bin to /usr/share/nut/cgi -- apache will
fail to start due to conflicting aliases.

Currently I have:

## nut directory
Alias /nut/ "/usr/share/nut/html/"
Alias /nut "/usr/share/nut/html/"
<Directory "/usr/share/nut/html">
<Directory "/usr/share/nut/cgi">
    Options +ExecCGI

  The problem is that the link in the nut files is hardwired to, e.g.:


so it looks for the cgi-bin directory off of the document root not under
/usr/share/nut/cgi and you can't alias to /cgi-bin/nut to /usr/share/nut/cgi
because /cgi-bin/nut will never match due to the default alias of /cgi-bin.

  So it looks like the way I have it will have to work, otherwise we have to
hack the urls in the nut/html files to look for the cgi scripts in
/usr/share/nut/cgi instead of under /cgi-bin/nut

David C. Rankin, J.D.,P.E.

More information about the arch-general mailing list