
How do I protect a .sh script on ccgi?

« on 14/03/2006, 00:05 »
I have read this forum to bits and can't find an answer to how I can protect a script.sh file on ccgi.
I think we all know .htaccess will only work with .htm etc.
Am I allowed to use space above the web root and use putty to reach it?
Is there another way?
Thanks in advance.

"If a problem is proving difficult to answer... maybe I don't have enough information".
gbj
  • Peter Vaughan
« Reply #1 on 14/03/2006, 01:27 »
Protect it in what way?

So no one can see it - put it in a .htaccess password protected directory
So you can only run it and not view it - put it in cgi-bin (which is the only place it can run from anyway).
or something else?

You don't have any access to directories above webroot on the ccgi server like you do on your www webspace.
plusnet ADSL Customer (PlusNet Pro)
PlusNet Usergroup | PUG Forums | Usertools | PUG Issue Tracker - Please vote!!
Volunteer at the National Museum of Computing @ Bletchley Park - Looking for donations of old games consoles, PCs and software. Contact me for details
« Reply #2 on 14/03/2006, 09:46 »
Once again thanks for a great reply.
As the mist clears may I use this to not only clarify this for myself but anyone else who is interested.

Object of exercise is to place a secured backup script in place and run it from a crontab.
1. Secure CGI-BIN on ccgi with .htaccess.
2. Place the file backup.sh in the cgi-bin folder as it is the only place a .sh can be run from.
3. Test that it runs by calling it using telnet or putty.
4. Again using one of the above... putty, follow the crontab tutorial at plusnet usertools and go $ crontab -e... set up a timed call to backup.sh.

The script will contain my mysql details, so it must be protected from the outside world.

Cross fingers
If it works, thank PV for his great guidance.
If it doesn't work, ask PV for more help.
Many thanks
gbj
« Reply #3 on 14/03/2006, 12:16 »
Hi again,

Progress Report
1. Set up .htaccess in the cgi-bin folder.
2. Going /cgi-bin brings up the .htaccess login and it works.
3. Close the browser and relaunch, then /cgi-bin/crontab2.sh, and I go straight to the file... no login required.
I gave the file 750 rights, and there are error messages saying it will not run, but it is not protected.

If I do this in a .htaccess protected folder called "backup01" , but outside cgi-bin for instance, then both the folder and the file are protected.

At this stage, I have to conclude that .htaccess does not stop access to a .sh file in the cgi-bin folder.

If I am correct, that means that I can not have any scripts with passwords in the cgi-bin folder!!

Have I lost the plot?... any advice welcome.
Polite answers please... I am a learner.

Many thanks all,
gbj
  • Peter Vaughan
« Reply #4 on 14/03/2006, 13:12 »
You cannot protect cgi-bin with .htaccess & passwords because it is a special folder. Also you only need the .sh in cgi-bin if you want to run it from a webpage/url.

So, create yourself a directory in your root folder (say scripts) and password protect it using .htaccess/.htpasswd

Then just run the script from cron specifying $HOME/scripts/something.sh. Cron does not know about .htaccess files so it has access to the directory. Ensure your scripts are set to 700 (rwx------).
« Reply #5 on 15/03/2006, 21:45 »
Once again thanks for your excellent reply.

Progress report.

1. Created a folder called "backup01" and protected it with .htaccess... works fine.

2. Placed a script called cronjob2.sh in the folder, gave it 700 file status and tested that it was protected.

3. Logged in to putty, navigated to "backup01" and typed in "cronjob2.sh" enter... something along the lines of "object not recognised", but it did send me an email with the correct name and date gzipped.. but empty.
To be honest I made a number of attempts at this and am a bit vague about my exact actions.

The script I am using is a hack of a number I have found and is as follows...

#! /bin/bash
#plusnet version
DBHOST=humbug.plus.net
DBNAME=myname_pn
DBPASS=******
DBUSER=myname
#Keep the " around your address
EMAIL="me@myname.plus.com"
#Change the 'table_name' to match your table name in the database
/usr/local/bin/mysqldump -h $DBHOST -u$DBUSER -p$DBPASS --opt $DBNAME  table_name01 > backup.sql
gzip backup.sql
DATE=`date +%Y%m%d` ; mv backup.sql.gz $DBNAME-backup-$DATE.sql.gz
echo 'myname: Your mySQL Backup is attached' | mutt -a $DBNAME-backup-$DATE.sql.gz $EMAIL -s "MySQL Backup-myname_pn"
rm $DBNAME-backup-$DATE.sql.gz

I feel success may be just round the corner and would appreciate that last bit of help from anyone who has the experience I so obviously lack.

Questions are:-
Line 1: is it "#! /bin/bash" with a space or "#!/bin/bash"?... I see both.
Line 10: I don't understand the path I have there... is this my local path or the path on humbug to execute mysqldump? I think that this is my problem line in the code.

many thanks
gbj
  • Peter Vaughan
« Reply #6 on 15/03/2006, 23:32 »
Line 1: you can use either method
Line 10: It is the path to the mysqldump command on the ccgi server. On plusnet this is /usr/bin/mysqldump so use that path instead of /usr/local/bin. However, you should have received a "./cronjob2.sh: line 10: /usr/local/bin/mysqldump: No such file or directory" error rather than an "object expected".

On shared servers, the location of programs can differ depending on where they are installed. To find the location of any program to use in a script use the whereis command:
Code:
$ whereis mysqldump
mysqldump: /usr/bin/mysqldump /usr/share/man/man1/mysqldump.1.gz
« Reply #7 on 16/03/2006, 10:24 »
Hi again
Your answers are great.

I still don't seem to be able to connect to humbug.
Here is the putty readout

Last login: Thu Mar 16 09:20:17 2006 from godricbj.plus.com
godricbj@cshell02:~$ whereis mysqldump
mysqldump: /usr/bin/mysqldump /usr/share/man/man1/mysqldump.1.gz
godricbj@cshell02:~$ cd backup01
godricbj@cshell02:~/backup01$ ls
backup.sql?.gz  cronjob2.sh  old-cronjob2.sh
godricbj@cshell02:~/backup01$ bash cronjob2.sh
/usr/bin/mysqldump: Got error: 2002: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) when trying to connect
.gz already exists; do you wish to overwrite (y or n)? n
        not overwritten
mv: cannot stat `backup.sql.gz': No such file or directory
-backup-20060316.sql.gz: No such file or directory
-backup-20060316.sql.gz: unable to attach file.
rm: cannot remove `godricbj_pn\r-backup-20060316.sql.gz': No such file or directory

Knocking it down one at a time, I check the path to mysqldump, then run cronjob2.sh and get error:2002.
Is this a symlink to another box?
Do I need more in my line 10 to get it to let me in?
My present line 10 is...

/usr/bin/mysqldump -u$DBUSER -p$DBPASS --opt $DBNAME  test01 > backup.sql
I removed "-h $DBHOST" as I assumed that it was not needed.
Before removing it I got..

error: 2005: Unknown MySQL Server Host

As ever all help is most gratefully received.

Many thanks
gbj
  • Peter Vaughan
« Reply #8 on 16/03/2006, 19:40 »
The socket error is because you did not specify a host. The $DBHOST is required.

I've just tried your script (copied & pasted from your earlier post & corrected the path to mysqldump), added my details and it worked fine for me. The only difference being I'm on rumpus.

Try using humbug instead of humbug.plus.net although it should not make any difference (I used rumpus.plus.net).

Also, how did you upload the script? If via FTP, did you upload in ASCII mode?

What password are you using, the one you logged into the ccgi with or the one supplied in the email when you enabled MySQL? You should not use your ccgi password.
« Reply #9 on 17/03/2006, 13:48 »
yes *yes* YES
It works... and I think I know why it didn't before.
It's a bit of a trap I think... I was using cuteftp and editing using wordpad... like clicking edit in cuteftp which downloads the file into wordpad... edit save... close wordpad and then upload with cuteftp. It seems to muck up the file.
I now edit only with notepad, and this works.

Now to refinement...
It works with a list of tables... leave out the list and it downloads the whole database... this is all good... But I don't seem to be able to use "--ignore-table=database_name.table_name" which is available from mysql 4.1.9 and since humbug says it's 4.1.11 I think I should be able to use it. It says it does not recognise the command. Maybe my syntax is wrong...

/usr/bin/mysqldump -h $DBHOST -u$DBUSER -p$DBPASS --opt $DBNAME --ignore-table=$DBNAME.test01 > backup.sql

It would be really nice to make this package of work available to others in a completed checked out form, and to that end may I ask for your help on this final item.
Once again your help has been invaluable.
gbj
  • Peter Vaughan
« Reply #10 on 17/03/2006, 17:59 »
While rumpus and humbug are running 4.1.11, the ccgi servers are still on 4.0.24 hence why mysqldump does not recognise the ignore.

I will raise this issue with PN as the ccgi/cshell servers should have been upgraded when the mysql servers were.
« Reply #11 on 17/03/2006, 18:21 »
Once again many many thanks... I could have been going round in ever decreasing circles trying to find that one out.

Would it be useful for me to put all this in a document, have it ok'ed, and have someone place it in ccgi tutorials, or is it too basic?

Come what may, it would be good to do this when ignore-tables is available, then it makes a simple but reasonably complete backup package.

Once again, I am so grateful for all your help.

gbj
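
The checks this thread arrives at (keep the script out of cgi-bin, mode 700, no CR line endings from the editor or upload), gathered into one pre-flight audit as an added example; it is not code from the thread or from Plusnet. The function name audit_script and the demo file are constructed for illustration, and the fourth check (a password given as -p on the command line) goes beyond what the posters discussed.

```sh
#!/bin/sh
# Added example (not from the thread). audit_script PATH prints one line per
# finding and returns the number of findings (0 = nothing flagged).
audit_script() {
    script=$1
    findings=0
    [ -f "$script" ] || { echo "missing: $script"; return 1; }

    # 1. cgi-bin is URL-reachable, and in the thread .htaccess did not guard it.
    case "$script" in
        */cgi-bin/*) echo "location: inside cgi-bin"; findings=$((findings + 1)) ;;
    esac

    # 2. No group/other permission bits (the thread settles on 700).
    perms=$(ls -ld "$script" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "mode: group/other bits set ($perms)"; findings=$((findings + 1))
    fi

    # 3. CR bytes from a Windows editor or binary-mode FTP end up inside
    #    variable values (the 'godricbj_pn\r' in the posted rm error).
    cr=$(printf '\r')
    if grep -q "$cr" "$script"; then
        echo "line endings: CR characters present"; findings=$((findings + 1))
    fi

    # 4. Beyond the thread: -pPASSWORD on a mysql/mysqldump command line can
    #    show up in the process list on a shared host.
    if grep -Eq 'mysql(dump)?([[:space:]].*)?[[:space:]]-p[^[:space:]]' "$script"; then
        echo "credentials: password passed as a command-line argument"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed demo input: a CRLF-damaged, mode-750 script under a cgi-bin path.
demo=$(mktemp -d)
mkdir "$demo/cgi-bin"
printf '#!/bin/bash\r\nDBNAME=example_pn\r\n' > "$demo/cgi-bin/cronjob2.sh"
chmod 750 "$demo/cgi-bin/cronjob2.sh"
audit_script "$demo/cgi-bin/cronjob2.sh" || echo "findings: $?"
rm -rf "$demo"
```

Run it against the script before adding the crontab entry; a non-zero return means at least one of the conditions above still holds.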