Running php as a cgi with minimal changes

I found a pretty cool feature in Linux today which can map an extension to a binary. This is nice to get PHP to use a cgi, with out having to add #!/usr/bin/php to the top of all the scripts.

This was done on a CentOS 5 server running cpanel.

Contents 1 Prerequisites 2 To Do it 3 Additional Notes 4 Sources

Prerequisites

First, you must compile Kernel support for binfmt_misc or load the module. It seems to be by default.

Check that it is mounted with

/--(root@fox):[~]-[pts/2]-(04:46pm)
\-> mount | grep bin
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)

The following line may be a requirement on your server in /etc/fstab

 none /proc/sys/fs/binfmt_misc binfmt_misc defaults 0 0 

To Do it

cd /proc/sys/fs/binfmt_misc
echo ':PHP4:E::php4::/usr/local/php4/bin/php:' > register

This maps PHP4 mime (PHP4) type with the Extension (e) of .php4 (php4) to the binary /usr/local/php4/bin/php

So that is :MIME:E::extension::path:

To check and confirm run

cat /proc/sys/fs/binfmt_misc/PHP4
enabled
interpreter /usr/local/php4/bin/php
flags:
extension .php4

/proc/sys/fs/binfmt_misc/PHP4 is based on the first : : of what has been echo'd in.

If you mess up run

echo -1 > /proc/sys/fs/binfmt_misc/PHP4

Note: You need to have

AddHandler cgi-script .php4

In .htaccess or the apache configuration.

On centos using /etc/rc.d/rc.local is the best place to have this start on boot.

The .php4 scripts will need to be set to 755 or executable bit. Since this is CGI if you have suexec the correct permissions need to be used. This means, no 777, and no user nobody (if you are changing from a mod_php no suphp/phpsuexec)

Placing in a cgi-bin should negate the need for executable bit.

Additional Notes

I used this compile line Compile Line, when testing with PHP5:

./configure --enable-cgi --disable-cli --enable-bcmath --enable-calendar --enable-discard-path --enable-ftp 
--enable-gd-native-ttf --enable-magic-quotes --enable-sockets --prefix=/opt/php5 --with-freetype-dir=/usr 
--with-gd --with-gettext 
--with-jpeg-dir=/usr --with-mysql=/usr --with-mysql-sock=/var/lib/mysql/mysql.sock --with-png-dir=/usr --with-ttf 
--with-xpm-dir=/usr/X11R6 --with-zlib --with-zlib-dir=/usr --enable-inline-optimization --disable-debug 
--with-libxml-dir=/opt/libxml2/

PHPloader:

#!/bin/sh

if [ -e /proc/sys/fs/binfmt_misc/PHP4 ]; then
        echo -1 > /proc/sys/fs/binfmt_misc/PHP4
fi

if [ -e /proc/sys/fs/binfmt_misc/PHP5 ]; then
        echo -1 > /proc/sys/fs/binfmt_misc/PHP5
fi

if [ -e /proc/sys/fs/binfmt_misc/PHP ]; then
        echo -1 > /proc/sys/fs/binfmt_misc/PHP
fi



cd /proc/sys/fs/binfmt_misc
echo ':PHP5:E::php5::/opt/php5/bin/php:' > register

I called this /etc/rc.d/phploader.sh and added to /etc/rc.d/rc.local

The above would set the extension .php5, however adding or changing the line to

echo ':PHP5:E::php::/opt/php5/bin/php:' > register

Would set .php

Sources

http://us.php.net/manual/en/security.cgi-bin.shell.php

http://www.tat.physik.uni-tuebingen.de/~rguenth/linux/binfmt_misc.html

http://www.peregrinehw.com/downloads/apache/current/INSTALL-PHPSUEXEC