To setup php mysql and perl cgi-bin,
yum install httpd php mysql mysql-server php-mysql
yum install perl mod_perl perl-DBD-mysql
then the info.php script in /var/www/cgi-bin works. But php scripts in
individual directory will not work.
configuration and management commands:
. instead of chkconfig service on and service service start
. now use systemctl enable servicename systemctl start servicename
using the same systemctl command.
. system enable httpd.service
. system start httpd.service
Firewall:
FC18 starts to use firewallD for dynamic firewall operation avoiding
restarting unnecssary restart.
Instead of using lokkit -p 80:tcp
It is now
firewall-cmd --add-service=http
You will get the following error:
[Fri Dec 09 03:07:47 2011] [error] [client 128.198.16.92] PHP Fatal error:
Unkn
own: Failed opening required '/home/cs301/public_html/cgi-bin/php/info.php'
(include_path='.:/usr/share/pear:/usr/share/php') in Unknown on line 0,
referer: htt
p://walrus.uccs.edu/~cs301/cgi-bin/php/
To allow individual user to have public and run scripts such as php
The block directory no long in /etc/httpd/conf/httpd.conf
enable individual public_html access by
cd /etc/httpd/conf.d/
edit userdir.conf
comment out line 17
UserDir disabled
uncomment line 24
#UserDir public_html
run "systemctl restart httpd.service
test the access on individual web page
We install suphp
yum install mod_suphp
yum info suphp
vi /usr/share/doc/mod_suphp-0.6.3/README.fedora
edit /etc/httpd/conf.d/mod_suphp.conf
Add the folowing two directives at the top
and wrap up with so that it onlys applies to the individual
directory and not that on /var/www/cgi-bin or html otherwise those php script
in system directories will not work.
LoadModule suphp_module modules/mod_suphp.so
### Uncomment to activate mod_suphp
suPHP_AddHandler php5-script
The commented line "suPHP_AddHandler php5-script" has to be uncommented,
for mod_suphp to work.
Add block directive at the end of mod_suphp.conf
set check_vhost_docroot=false in the /etc/suphp.conf
!!! note that in suphp.conf file, mod_suphp uses ; as comment character.
; use # will caurse an error for httpd operation!!! What a convention!
Also the public_html directory where the scripts resides cannot have group
writable, change it to 711.
SELinux Access control for allowing individual access:
SELinux further restrict individual homedirs access.
We need to change the mandatory access control by running the following cmd:
setsebool httpd_enable_homedirs true
systemctl restart httpd.service
" Internal Server Error
UID of script "/var/www/html/ictf/index.php" is smaller than min_uid
suPHP 0.6.3"
Need to turn off suphp on those php directory under apache or root
make sure you have
wrapped the directives right after LoadModule in
mod_suphp.conf with
....
Note that /var/named/chroot/etc/named.conf
contains the actual configuration file, not /etc/named.conf
This is due to the use of chroot to prevent the illegal access to other system
directory when bind is compromised.
I copied named.conf directory from gandalf to /etc/named.conf of walrus
but only change IP address 197 on /etc/named.conf, not
/var/named/chroot/etc/named.conf therefore external system cannot access
walrus name service, local is ok (why?)
// need to add 128.198.60.197 to the listen-on list otherwise it will not
// accept the outside query. Also need to add 128.198.0.0/16 to allow-query
// may add 0.0.0.0/0 to allow all
//
options {
listen-on port 53 { 127.0.0.1; 128.198.60.197; };
allow-query { localhost; 0.0.0.0/0; };
setsebool -P named_write_master_zones 1
make sure chroot has right named access
SELinux is preventing /usr/sbin/named from append access on the file
named.run.
***** Plugin catchall_boolean (89.3 confidence) suggests *******************
If you want to allow BIND to write the master zone files. Generally this is
used for dynamic DNS or zone transfers.
Then you must tell SELinux about this by enabling the
'named_write_master_zones' boolean.
Do
setsebool -P named_write_master_zones 1
http://www.yolinux.com/TUTORIALS/LinuxTutorialWebSiteConfig.html#DNS
chcon -u system_u -r object_r -t named_conf_t /var/named/chroot/etc/named.conf
/var/named/chroot/etc/named.root.hints
[mysql section]
service mysqld start
set mysql root password
shell> mysql -u root mysql
mysql> UPDATE user SET Password=PASSWORD('new_password')
WHERE user='root';
mysql> FLUSH PRIVILEGES;
[mediawiki section]
To restore the wiki sites,
dump mysql database on the original site to a mysql backup file backup.sql`
restore it with
msyql -u root -p < backup.sql
Double check on the privileges on the mysql entry for ctfwikiuser
grant all privileges on ctfwikidb.* to ctfwikiuser@"localhost" identified by
'xxxx'
mysql> update user set password=password('xxxx') where
user='ctfwikiuser';
Query OK, 0 rows affected (0.00 sec)
Rows matched: 3 Changed: 0 Warnings: 0
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> grant all privileges on ctfwikidb.* to ctfwikiuser@"localhost"
identified by 'xxxx';
Query OK, 0 rows affected (0.00 sec)
[root@walrus wiki]# mysqldump -u root -pxxxxx --database ipv6wikidb >
ipv6.sql
[root@walrus wiki]# scp ipv6.sql chow@gandalf:wiki
[root@gandalf wiki]# mysql -u root -pXXXXXX < ipv6.sql
download the new mediawiki.tgz and tar it and move the new directory renmae it
/var/www/html/
copy original LocalSettings.php extensions images
skins/common/images/.png file over to the new source directory
cp ../ictf.bak/LocalSettings.php .
cp -rf ../ictf.bak/extensions/ .
cp -rf ../ictf.bak/images/ .
chcon -R -t httpd_sys_content_t ictf
chown -R apache:apache ictf
chown -R apache:apache uclionLogo.png
# I have moved Logo.png to images instead of skins/common/images directory
# to make it easier to copy from backup site to new site
Also a restore.pl script was created in /root/wiki directory to untar
mediawiki software and copy above LocalSettings.php and directories to new
site.
[root@walrus wiki]# ./restore.pl evoate
[root@walrus images]# cd ../maintenance/
[root@walrus maintenance]# php update.php
in ipv6 and rras during php update.php
got
Database returned error "1064: You have an error in your SQL syntax; check the
manual that corresponds
to your MySQL server version for the right syntax to use near 'Type=InnoDB' at
line 7 (localhost)"
msg.
In
http://www.mwusers.com/forums/showthread.php?16075-Update-to-1.16.0-getting-CREATE-TABLE-error-with-Update.php
it shows that
I found my problem. It required a small change in LocalSettings.php.
Code:
# MySQL table options to use during installation or update
## $wgDBTableOptions = "TYPE=InnoDB";
$wgDBTableOptions = "ENGINE=InnoDB";
Setting up SSH without password
On client:
1. run ssh-keygen (it generates public key and private key)
2. run ssh-copy-id -i ~/.ssh/id_rsa.pub remote-host
3. ssh remote-host (or scrp or rsync)