[apache2] Execution d'un script python en cgi


J’aimerais exécuter un script python avec apache en tant que cgi. Malgré des heures de conf impossible d’avoir autre chose que du plaintext quand je tente t’accéder à localhost/

Voici mon fichier de configuration apache (toute la configuration apache est par défaut sauf la section /var/www):

# This is the main Apache server configuration file.  It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.4/ for detailed information about
# the directives and /usr/share/doc/apache2/README.Debian about Debian specific
# hints.
# Summary of how the Apache 2 configuration works in Debian:
# The Apache 2 web server configuration in Debian is quite different to
# upstream's suggested way to configure the web server. This is because Debian's
# default Apache2 installation attempts to make adding and removing modules,
# virtual hosts, and extra configuration directives as flexible as possible, in
# order to make automating the changes and administering the server as easy as
# possible.

# It is split into several files forming the configuration hierarchy outlined
# below, all located in the /etc/apache2/ directory:
#	/etc/apache2/
#	|-- apache2.conf
#	|	`--  ports.conf
#	|-- mods-enabled
#	|	|-- *.load
#	|	`-- *.conf
#	|-- conf-enabled
#	|	`-- *.conf
# 	`-- sites-enabled
#	 	`-- *.conf
# * apache2.conf is the main configuration file (this file). It puts the pieces
#   together by including all remaining configuration files when starting up the
#   web server.
# * ports.conf is always included from the main configuration file. It is
#   supposed to determine listening ports for incoming connections which can be
#   customized anytime.
# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
#   directories contain particular configuration snippets which manage modules,
#   global configuration fragments, or virtual host configurations,
#   respectively.
#   They are activated by symlinking available configuration files from their
#   respective *-available/ counterparts. These should be managed by using our
#   helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See
#   their respective man pages for detailed information.
# * The binary is called apache2. Due to the use of environment variables, in
#   the default configuration, apache2 needs to be started/stopped with
#   /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
#   work with the default configuration.

# Global configuration

# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
# NOTE!  If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the Mutex documentation (available
# at <URL:http://httpd.apache.org/docs/2.4/mod/core.html#mutex>);
# you will save yourself a lot of trouble.
# Do NOT add a slash at the end of the directory path.
#ServerRoot "/etc/apache2"

# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
Mutex file:${APACHE_LOCK_DIR} default

# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars

# Timeout: The number of seconds before receives and sends time out.
Timeout 300

# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
KeepAlive On

# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
MaxKeepAliveRequests 100

# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
KeepAliveTimeout 5

# These need to be set in /etc/apache2/envvars

# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
HostnameLookups Off

# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here.  If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
ErrorLog ${APACHE_LOG_DIR}/error.log

# LogLevel: Control the severity of messages logged to the error_log.
# Available values: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the log level for particular modules, e.g.
# "LogLevel info ssl:warn"
LogLevel warn

# Include module configuration:
IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf

# Include list of ports to listen on
Include ports.conf

# Sets the default security model of the Apache2 HTTPD server. It does
# not allow access to the root filesystem outside of /usr/share and /var/www.
# The former is used by web applications packaged in Debian,
# the latter may be used for local directories served by the web server. If
# your system is serving content from a sub-directory in /srv you must allow
# access here, or in any related virtual host.
<Directory />
	Options FollowSymLinks
	AllowOverride None
	Require all denied

<Directory /usr/share>
	AllowOverride None
	Require all granted

<Directory /var/www/>
	Options Indexes FollowSymLinks ExecCGI
	AddHandler cgi-script .py
	DirectoryIndex index.py
	AllowOverride None
	Require all granted

#<Directory /srv/>
#	Options Indexes FollowSymLinks
#	AllowOverride None
#	Require all granted

# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives.  See also the AllowOverride
# directive.
AccessFileName .htaccess

# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
<FilesMatch "^\.ht">
	Require all denied

# The following directives define some format nicknames for use with
# a CustomLog directive.
# These deviate from the Common Log Format definitions in that they use %O
# (the actual bytes sent including headers) instead of %b (the size of the
# requested file), because the latter makes it impossible to detect partial
# requests.
# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended.
# Use mod_remoteip instead.
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

# Include of directories ignores editors' and dpkg's backup files,
# see README.Debian for details.

# Include generic snippets of statements
IncludeOptional conf-enabled/*.conf

# Include the virtual host configurations:
IncludeOptional sites-enabled/*.conf

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
 ls -al /var/www/
total 12
drwxr-xr-x  2 glaucos root 4096 Nov 26 11:21 .
drwxr-xr-x 13 root    root 4096 Oct 14 21:13 ..
-rwxrwxr-x  1 glaucos root   73 Nov 26 11:21 index.py
cat index.py
print("Content-type: text/html;")

/usr/bin/python -V Python 2.7.5+
Je me demande même si le problème vient de la configuration d’apache :stuck_out_tongue:

Quelqu’un a-t-il une idée ?

Merci d’avance,

pour info j’ai ceci dans


Alias /python /home/limax/apache/python <Directory /home/limax/apache/python> AddDefaultCharset UTF-8 SetEnv PYTHONIOENCODING utf8 Options Indexes FollowSymLinks MultiViews ExecCGI DirectoryIndex index.py AddHandler cgi-script .cgi .py .py3 .wsgi AllowOverride None #Order allow,deny #allow from all Require all granted </Directory>

Le dossier est ici /home/limax/apache/python

edit: print(“Content-type: text/html;”) c’est du python3

Code: /usr/bin/python -V Python 2.7.5+ :018
c’est du python2.7 il semble normal que tu es des problèmes

Essaye ceci pour index.py

#!/usr/bin/python3 print("Content-Type: text/html ;charset=utf-8\n") print("<p>TEST!</p>")


merci de ta réponse. J’ai modifié l’interpréteur et la conf d’apache:

<Directory /var/www/> AddDefaultCharset UTF-8 SetEnv PYTHONIOENCODING utf8 Options Indexes FollowSymLinks MultiViews ExecCGI AddHandler cgi-script .py DirectoryIndex index.py AllowOverride None Require all granted </Directory>

Mais j’ai toujours le texte de mon code quand je demande localhost/ La directive directoryindex est bien prise en compte mais pour une raison obscure impossible d’exécuter de cgi…

Tu as deux sorte:
/var/www = par défaut, pour html, php, etc
(par défaut /usr/…/cgi-bin, mais tu peux changer:)/var/www/cgi-bin = pour c, c++, python

(Si je me souviens bien) Les deux dans le même répértoire ne fonctionne pas. (Peut-être c’est configurable.)
N’oublie pas aussi les droits executable sur les .py

En bas du bloc /var/www/ tu peux ajouter un même pour cgi(python), exemple:
Alias /python /var/www/python
<Directory /var/www/python>
Options Indexes FollowSymLinks MultiViews ExecCGI
AllowOverride None
Order all,deny
allow from all
Require all granted

Peut-être utile:
Order all,deny
allow from all
remplacer par:
Order deny,all
allow from ::1
Pour n’autoriser que l’utilisateur en localhost, à distant tous sera refuser.

Et comme dis plus haut, faut bien différencier python2.x de python 3.x, sinon sa marche pas et par défaut je penses tu n’as pas d’info sur les erreurs (mais peut-être dans les logs /var/log/apache2/…).

Pour que sa fonctionne faut installer:
libapache2-mod-python pour python2
libapache2-mod-wsgi-py3 pour python3

et si tu veux:

Peut-être que les logs d’Apache donneraient des informations utiles concernant le problème rencontré :whistle:

merci pour ces conseils. J’ai donc installé les libapache2-mod-wsgi-py3 et fastcgi. Mais ce n’est pas nécessaire pour que ça fonctionne normalement, si ?
Les logs d’apache2 [Wed Nov 27 12:39:12.901610 2013] [mpm_prefork:notice] [pid 9781] AH00169: caught SIGTERM, shutting down [Wed Nov 27 12:39:13.978740 2013] [:notice] [pid 9935] FastCGI: process manager initialized (pid 9935) [Wed Nov 27 12:39:13.990351 2013] [mpm_prefork:notice] [pid 9933] AH00163: Apache/2.4.6 (Debian) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.5-1 mod_wsgi/3.4 Python/3.3.2+ configured -- resuming normal operations [Wed Nov 27 12:39:13.990413 2013] [core:notice] [pid 9933] AH00094: Command line: '/usr/sbin/apache2'
Pas d’erreur, apache2 semble simplement être configuré pour ne pas interprêter les cgis.

Pourtant, j’ai ajouté à apache2.conf:

<Directory /var/www/>
	Options Indexes FollowSymLinks
	DirectoryIndex index.py
	AllowOverride None
	Require all granted

ScriptAlias /cgi/ /var/www/python/
<Directory /var/www/python> 
#tous les fichiers sont exécutés
Options +ExecCGI
SetHandler cgi-script
AllowOverride None
DirectoryIndex index.py
allow from all
Require all granted

je demande localhost/cgi/ dans mon navigateur, le link est correct et j’accède bien à index.py dans /var/www/python/ mais seulement au code source qui n’est pas exécuté :imp:

Peut-être qu’il faut rajouter un module encore pour les cgi ?



J’ai regardé en diagonale, mais sur mon apache je suis obligé de rendre les scripts python exécutables pour qu’ils s’exécutent :116

# ls -al |grep py -rwxr-xr-x 1 www-data www-data 931 juil. 17 2012 enregistrement.py

Comme c’est de l’usage interne, c’est dans /var/www/monrep/enregistrement.py, avec un fichier dans /etc/apache2/conf.d contenant :

# configuration pour cgi python <Directory "/var/www/monrep"> AllowOverride None Options +ExecCGI Order allow,deny Allow from all AddHandler cgi-script .py AddHandler default-handler .html .htm

Et un fichier de test (c’était pour l’inclusion de cx_Oracle, j’avais une maison close dans le path) test.py :


-- coding: utf-8 --

import sys
import cgitb

initialisation du retour

print ‘Content-type: text/html\n’








Importation de cx_Oracle

import cx_Oracle

Erreur : le module cx_Oracle ne semble pas être installé !





Sinon ça fonctionne aussi très bien avec lighttp :mrgreen:


J’avais ça dans conf-enabled:

ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory /usr/lib/cgi-bin/>
AllowOverride None
Options +ExecCGI +Indexes -MultiViews +SymLinksIfOwnerMatch
Require all granted
AddHandler cgi-script .py

Et en effet le module CGI n’était jamais activé, d’où le problème, résolu par un simple:

root@debian:/etc/apache2/mods-enabled# ln -s ../mods-available/cgi.load cgi.load


Tu peux même changer:
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory /usr/lib/cgi-bin/>


ScriptAlias /python/ /var/www/python/
<Directory /var/www/python/>

Pour rester dans /var/www/(python/) au lieu de /usr/lib/cgi-bin/.

Avec wsgi pour python3, je penses pas qu’il faut avoir: AddHandler cgi-script .py
Ça fonctionnait directement chez moi (si je me souviens bien).

Avec juste

ScriptAlias /python/ /var/www/python/
<Directory /var/www/python/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
allow from all
Require all granted

ça marche, ScriptAlias sous-entend execcgi et addhandler en effet.

Merci à tous pour votre aide :slightly_smiling: !

ok mais si tu utilises python3 tu auras sans doute besoin pour les accents de rajouter

AddDefaultCharset UTF-8 SetEnv PYTHONIOENCODING utf8

voir http://www.debian-fr.org/python-3-web-utf-8-accent-t45739.html

edit il semble que ce soit plutôt: SetEnv PYTHONIOENCODING utf-8

Perso je préfères que l’utf-8 soit: supporter, mais activer/utiliser que manuellement dans mes scripts python.
Utiliser juste: AddDefaultCharset UTF-8, avec # -- coding: utf-8 --, devrait faire cela.
(J’ai pas tester et ne le peux pas, mais si sa marche, c’est mieux pour le developpement, on sait quoi on fait.)