Enjoying Open Source Software

CGI with Awk on OpenBSD httpd

Remember that for httpd OpenBSD chroots to /var/www.

To run an Awk CGI-script on OpenBSD httpd:

  • set up configurations file(s)
  • put your script in /var/www/cgi-bin/
  • populatie the chroot (meaning: /var/www/) with the needed binaries and libraries.

Prepare /etc/httpd

Below follows some content for /etc/httpd, with some lines for SSL certificate through the acme-client. For security, we included some simple basic authentication with htpasswd.

ext_ip = ""

server "" {
        listen on $ext_ip port 80
        listen on $ext_ip tls port 443
        root "/htdocs/"
        directory { index "index.html" }
        location "/.well-known/acme-challenge/*" {
                root "/acme"
                request strip 2
        location "/cgi-bin/*" {
                authenticate MySecretRealm with "/data/htpasswd"
                root "/"
        tls {
                certificate     "/etc/ssl/"
                key             "/etc/ssl/private/"

Check the file for syntax errors with: httpd -n

Off course you can start with http only. leaving out the port 443 and the tls-part.

Setup htpasswd

mkdir /var/www/data
htpasswd /var/www/data/htpasswd UserName
chown -R :www /var/www/data

Create a CGI-script

Here is a nice example script:

#!/bin/awk -f

    printf("Status: 200 OK\n");
    printf("Content-type: text/plain\n\n");

    for ( key in ENVIRON ) {
        print key " : " ENVIRON[key];

Put this script in /var/www/cgi-bin/test.awk

Populate the chroot

Create a subdirectory for bin and lib files Use ldd to determine. which lib files are needed.

mkdir -p /var/www/usr/{bin,lib,libexec}
cd /var/www/usr/bin/
cp /usr/bin/awk .
ldd /var/www/usr/bin/awk

And copy the lib files

cp /usr/lib/* /var/www/usr/lib/
cp /usr/lib/* /var/www/usr/lib/
cp /usr/libexec/ /var/www/usr/libexec/

Enable and start slowcgi and httpd

rcctl enable slowcgi
rcctl enable httpd
rcctl start slowcgi
rcctl start httpd

Now, point your browser to:


and enjoy :)

When in trouble, look for error messages in your logfiles in /var/www/logs/.

Another possibility is to run /usr/sbin/httpd -dvvv and see if this turns up some helpful messages.