Perl
Category: perl
In /etc/httpd.conf:
server "www.example.com" { listen on * port 80 root "/htdocs/perl" location "*.pl" { fastcgi } location "/.well-known/acme-challenge/*" { root "/acme" request strip 2 } }
To figure out what files need to be copied into the chroot:
$ ldd /usr/bin/perl
/usr/bin/perl:
Start End Type Open Ref GrpRef Name 0000022622dc8000 0000022622dcd000 exe 1 0 0 /usr/bin/perl 000002285bdc7000 000002285c133000 rlib 0 1 0 /usr/lib/libperl.so.20.0 00000228c7de6000 00000228c7e16000 rlib 0 2 0 /usr/lib/libm.so.10.1 000002282f00d000 000002282f101000 rlib 0 2 0 /usr/lib/libc.so.96.0 0000022914fb2000 0000022914fb2000 ld.so 0 1 0 /usr/libexec/ld.so
So I start with this initial guess to build the chroot. I run the following as root:
mkdir -p /var/www/usr/{bin,lib,libexec} cp /usr/bin/perl /var/www/usr/bin/ cp -p /usr/lib/lib{c,m,perl}.so* /var/www/usr/lib/ cp /usr/libexec/ld.so /var/www/usr/libexec/
We need to turn on slowcgi:
$ doas rcctl enable slowcgi $ doas rcctl start slowcgi
Then we run:
$ doas chroot -u www -g daemon /var/www perl
I test some random gibberish to make sure perl works inside the chroot:
print "shibboleth";
Then ctrl+d to escape; and since it echoes shibboleth
, it works.
Next, I create the directory to hold perl scripts:
mkdir -p /var/www/htdocs/perl/
Now I put an index.pl in /var/www/htdocs/perl/ just to see if the web server loads it:
#!/usr/bin/perl -w use strict; print "Content-Type:text/html\n\n"; print "This is the index file for www.example.com\n";
Make sure to set the proper permissions:
$ doas chown -R www:daemon /var/www/htdocs/perl/ $ doas chmod +x /var/www/htdocs/perl/index.pl
At this point I try running this command:
$ curl example.com/index.pl
I get a 500 Internal Error, which means perl is not able to execute properly.
So I search for missing perl libraries:
$ doas find / -iname '*perl*'
The interesting one is the folder /usr/libdata/perl5 . We definitely need these libraries, so I update my script for creating the chroot:
mkdir -p /var/www/usr/{bin,lib,libexec,libdata} cp /usr/bin/perl /var/www/usr/bin/ cp -p /usr/lib/lib{c,m,perl,pthread,util,z}.so* /var/www/usr/lib/ cp /usr/libexec/ld.so /var/www/usr/libexec/ cp -R /usr/libdata/perl5 /var/www/usr/libdata/ mkdir -p /var/www/{tmp,dev} chown www:daemon /var/www/tmp touch /var/www/dev/null