about-filter in chroot on OpenBSD (httpd + slowcgi)
Paul W. Rankin
pwr at bydasein.com
Sun Mar 28 05:35:55 UTC 2021
Hello,
I'm running cgit on OpenBSD with httpd + slowcgi and can't seem to get
the about-filter to work. Both httpd and slowcgi run in the default
chroot of /var/www.
I've compiled lowdown with "-static -pie" to /var/www/bin/lowdown
(chroot /bin/lowdown) with permissions:
-rwxr-xr-x 1 root bin 1325512 Mar 4 01:38 /var/www/bin/lowdown
In my cgitrc (cgit.conf):
about-filter=/bin/lowdown
readme=:README.md
However, upon visiting an About page of a repo that includes a
README.md, I get only a blank page and the following is logged in
error.log:
lowdown: README.md: No such file or directory
Here's the cgit server section in httpd.conf:
server "git.bydasein.com" {
listen on * port 80
listen on * tls port 443
root "/cgi-bin/cgit.cgi"
tls {
certificate "/etc/ssl/bydasein.com.fullchain.pem"
key "/etc/ssl/private/bydasein.com.key"
}
location "/.well-known/acme-challenge/*" {
root "/acme"
request strip 2
}
location "/robots.txt" {
root "/htdocs/git.bydasein.com"
no fastcgi
}
location "/favicon.ico" {
root "/htdocs/git.bydasein.com"
no fastcgi
}
location "/cgit.css" {
root "/htdocs/git.bydasein.com"
no fastcgi
}
location "/custom.css" {
root "/htdocs/git.bydasein.com"
no fastcgi
}
fastcgi {
socket "/run/slowcgi.sock"
param CGIT_CONFIG "/conf/cgit.conf"
}
}
I'm pretty sure I can have this work if I disable the chroot in httpd
and/or slowcgi, but I'd prefer a solution that doesn't require that.
Does anyone have any ideas? Has anyone managed to get cgit running on
OpenBSD using httpd + slowcgi with chroot enabled?
Thanks for your time :)
--
Paul W. Rankin
https://bydasein.com
The single best thing you can do for the world is delete your social
media accounts.
More information about the CGit
mailing list