Missing CGI.pm and Other Mysteries
I have reached the point in my career as a columnist when there is too much mail to ignore. I'm not drowning in torrents of e-mail, mind you, but it's still a nice surprise to receive responses from readers. Some of the mail that I have received over the last month or two, though, warrants extended response. In addition to answering some brief questions about CGI.pm and the guestbook program that appeared in the January issue, I will discuss security issues relevant to CGI programmers and Web administrators.
One of the first questions that I received—from several readers of my column in the January issue—is, “Where is CGI.pm?” These readers were surprised that the programs included with my column and which were supposed to work, were failing on them. In particular, they were getting messages like this:
Can't locate CGI.pm in @INC at - line 1. BEGIN failed—compilation aborted at - line 1.
What was going wrong here? Why wasn't CGI.pm on their systems?
The simple answer to this question is that CGI.pm, for all of its useful and amazing features, is just one of the many terrific Perl 5 modules that isn't included with the standard Perl distribution. Perl comes with a number of basic modules, but these are only the tip of the iceberg. Most of the modules you might want to use are available from CPAN, the Comprehensive Perl Archive Network—such as those for database server access (obviating the need for separate Perl executables, such as oraperl and sybperl), manipulation of times and dates, handling of e-mail folders, and many more.
CPAN is a set of FTP sites that mirror each other at regular intervals, and which allow programmers to download the most recent versions of various modules programmers have generously donated to the Perl community. One of these modules, and one which I tend to use often in my professional life and in my LJ column, is CGI.pm—which, as you might have guessed, is a module that makes it relatively easy for us to write CGI programs.
The easiest way to get to CPAN is via the reflector at perl.com, a site run and maintained by Tom Christiansen, one of the luminaries of the Perl community. If you go to http://www.perl.com/CPAN, making sure you leave off the final slash, you will be able to select a site near you from which you can download various Perl modules. Alternatively, you can include the final slash, as well as the rest of the path name relative to CPAN, and enter a random site from the full CPAN network, as follows:
This URL will result in a listing of the various module categories available for downloading. Each category contains one or more modules; for CGI.pm, we need to enter the CGI category, where we can find (as of this writing) the file CGI.pm-2.30.tar.gz.
After downloading this file, use the gunzip program to uncompress the file, and then the tar program to expand it. Do this with these commands:
gunzip --verbose CGI.pm-2.30.tar.gz tar -xvvf CGI.pm-2.30.tar.gz
The doubled v option specifies additional “verbosity” when expanding files; while you can certainly untar CGI.pm without using any verbosity, I prefer to see what I'm expanding, rather than simply let the command go about its business.
If you are using a system with GNU tar (as is the case with virtually all Linux systems), you can combine these two operations by using the z option with tar:
tar -zxvvf CGI.pm-2.30.tar.gz
After unpacking CGI.pm in this way, you should be able to enter the newly-created directory (named CGI.pm-2.30 in the above example), configure, and compile the file with the standard Perl module installation commands. Here is what that process looked like on my system:
 /downloads% cd CGI.pm-2.30  /downloads/CGI.pm-2.30% perl Makefile.PL Checking if your kit is complete... Looks good Writing Makefile for CGI  /downloads/CGI.pm-2.30% make cp CGI/Carp.pm ./blib/lib/CGI/Carp.pm cp CGI/Fast.pm ./blib/lib/CGI/Fast.pm cp CGI/Push.pm ./blib/lib/CGI/Push.pm cp CGI.pm ./blib/lib/CGI.pm Magnifying ./blib/man3/CGI::Fast.3 Magnifying ./blib/man3/CGI::Carp.3 Magnifying ./blib/man3/CGI::Push.3 Magnifying ./blib/man3/CGI.3Now that you have configured and compiled CGI.pm, install it into your system with the command make install. In order to do this, you will need to be logged in as the root user, as shown here:
 /downloads/CGI.pm-2.30# make install Skipping /usr/lib/perl5/site_perl/./CGI/Carp.pm (unchanged) Skipping /usr/lib/perl5/site_perl/./CGI/Fast.pm (unchanged) Skipping /usr/lib/perl5/site_perl/./CGI/Push.pm (unchanged) Installing /usr/lib/perl5/site_perl/./CGI.pm Skipping /usr/lib/perl5/man/man3/./CGI::Fast.3 (unchanged) Skipping /usr/lib/perl5/man/man3/./CGI::Carp.3 (unchanged) Skipping /usr/lib/perl5/man/man3/./CGI::Push.3 (unchanged) Installing /usr/lib/perl5/man/man3/./CGI.3 Writing /usr/lib/perl5/site_perl/i586-linux/auto/CGI/.packlist Appending installation info to /usr/lib/perl5/i386-linux/5.003/perllocal.podThat's it. Now, @INC (the Perl variable that knows where to look for Perl modules) will include CGI.pm, and you will no longer get those nasty error messages complaining that Perl cannot find the file.
Note that Red Hat Linux users might want to use the RPM (Red Hat Package Manager) version of CGI.pm (and other Perl modules) rather than the standard distribution. The advantage of doing this is that installation updates the RPM database and keeps track of the files on your system in an elegant way. The disadvantage is that it often takes a few days or weeks for the latest and greatest version of CGI.pm to appear on the Red Hat servers—and other, less popular modules are sometimes completely unavailable as RPMs. You can find various RPMs at the Red Hat site (and its mirrors), at ftp.redhat.com.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- New Container Image Standard Promises More Portable Apps
- The Humble Hacker?
- The Death of RoboVM
- The US Government and Open-Source Software
- Open-Source Project Secretly Funded by CIA
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- AdaCore's SPARK Pro
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide