*WWW Server の移行 [#tc14fb36]
#counter([total|today|yesterday]);

**Blackcube Backupデータからの復帰 [#k3403d22]
1.OSのインストール 今回は8.2R AMD64

2./etc/ssh/sshd.config と ssh.config を編集してWinSCPからアクセス出来るように。

3./etc/hosts.allow を入れ替え

4.portupgrade install port treeを最新版に更新 rsync インストール

5./etc/masterpasswd を移植

6.backupからhomeを書き戻す



**FreeBSD 4.4-RELEASE で運用中のWWWサーバを新しいFreeBSD 6.2Rへ移行するメモ [#r34f9b91]
|CENTER:移動元||CENTER:移動先|
|CENTER:FreeBSD 4.4R ||CENTER:FreeBSD 6.2R|
|||#cp /etc/master.passwd /etc/master.passwd-dist|
|/etc/master.passwd|->|/etc/master.passwd|
|||#vipwでmaster.passwdを編集保存|
|||#mv /usr/home /usr/home-dist|
//|||#scp -rp www.smb.net:/usr/home/ /usr/home/|
|cd /usr/|||
|#tar cvfzp home_date.tar.gz home|||
|||#scp FreeBSD4.4Rmachine:/usr/home_date.tar.gz /usr/|
|||#tar xvfzp /usr/home_date.tar.gz|
|/etc/hosts.allow|->|/etc/hosts.allow|
|% tar cvfzp /usr/local/www/data.070910.tar.gz /usr/local/www/data|||
|||# scp www.smb.net:/usr/local/www/data.070910.tar.gz ./|
|||# mv data data-dist|
|||# tar xvfzp data.070910.tar.gz|
|cgiの移行|||
|ScriptAlias /cgi-bin/ "/usr/local/www/cgi-bin/"||ScriptAlias /cgi-bin/ "/usr/local/www/apache22/cgi-bin/"|
|cd /usr/local/www|||
|tar cvfzp cgi-bin.070913.tar.gz cgi-bin|||
|||cd /usr/local/www/apache22|
|||cp -rp cgi-bin/ cgi-bin-old|
|||scp www.smb.net:/usr/local/www/cgi-bin.070913.tar.gz ./|
|||tar xvfzp cgi-bin.070913.tar.gz|
|||cd /usr/local/www/apache22/cgi-bin-old|
|||cp -rp Count.cgi ../cgi-bin/|
~
|CENTER:移動元||CENTER:移動先|
|CENTER:FreeBSD 4.4R ||CENTER:FreeBSD 6.2R|
|||# /usr/sbin/sysinstall でinterfaceの設定を変える|
|||/etc/hosts の設定を確認|
|||/etc/resolv.conf の設定を確認|
|/etc/rc.conf||/etc/rc.conf で以下の#を除去|
|||#ifconfig_nve0="inet 219.117.246.201  netmask 255.255.255.224"|
|||#ifconfig_nve0_alias0="inet 219.117.246.214 netmask 255.255.255.255"|
|||#ifconfig_nve0_alias1="inet 219.117.246.214 netmask 255.255.255.255"|
|||#ifconfig_nve0_alias2="inet 219.117.246.214 netmask 255.255.255.255"|
|/usr/local/etc/apache/httpd.conf||/usr/local/etc/apache22/extra/httpd-vhosts.conf|
|||# cp httpd-vhosts.conf-ready2go httpd-vhosts.conf|
|||/usr/local/etc/apache22/httpd.conf|
|||#Include etc/apache22/extra/httpd-vhosts.conf の#除去|
|||#ServerName www.smb.net:80 も?|
|||/usr/local/etc/postfix/main.cf  のホスト名を変更|


&lastmod;



**アプリケーションのインストール [#r1d6d915]
***/usr/ports/www/apache22 [#d6fdbc17]
 ===> Installing rc.d startup script(s)
 ===>   Compressing manual pages for apache-2.2.4_2
 ===>   Running ldconfig
 /sbin/ldconfig -m /usr/local/lib
 ===>   Registering installation for apache-2.2.4_2
 ===> SECURITY REPORT:
      This port has installed the following files which may act as network
      servers and may therefore pose a remote security risk to the system.
 /usr/local/lib/libapr-1.so.2
 
      This port has installed the following startup scripts which may cause
      these network services to be started at boot time.
 /usr/local/etc/rc.d/apache22
 /usr/local/etc/rc.d/htcacheclean
 
      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type 'make deinstall'
      to deinstall the port if this is a concern.
 
      For more information, and contact details about the security
      status of this software, see the following webpage:
 http://httpd.apache.org/

**手動起動 [#d7e18cb9]
 # apachectl start
 [Sun Sep 09 17:19:40 2007] [warn] (2)No such file or directory: Failed to enable the 'httpready' Accept Filter
 # apachectl start
 httpd (pid 81641) already running
**自動起動 [#u32999d4]
/usr/ports/www/apache22/files/apache22.sh.inを見ると
 # Add the following lines to /etc/rc.conf to enable apache22:
 # apache22_enable (bool):      Set to "NO" by default.
 #                             Set it to "YES" to enable apache22
 # apache22_profiles (str):     Set to "" by default.
 #                              Define your profiles here.
 # apache22limits_enable (bool):Set to "NO" by default.
 #                             Set it to yes to run `limits $limits_args`
 #                             just before apache starts.
 # apache22_flags (str):        Set to "" by default.
 #                             Extra flags passed to start command.
 # apache22limits_args (str):   Default to "-e -C daemon"
 #                             Arguments of pre-start limits run.
 # apache22_http_accept_enable (bool): Set to "NO" by default.
 #                             Set to yes to check for accf_http kernel
 #                             module on start up and load if not loaded.
ので、/etc/rc.conf に、apache22_enable="YES" 
**/usr/local/etc/apache22/ [#df58484d]
***httpd.conf [#j924b8d5]
 ServerAdmin webmaster@smb.net
 # Server-pool management (MPM specific)
 #Include etc/apache22/extra/httpd-mpm.conf
 
 # Multi-language error messages
 Include etc/apache22/extra/httpd-multilang-errordoc.conf
 
 # Fancy directory listings
 #Include etc/apache22/extra/httpd-autoindex.conf
 
 # Language settings
 #Include etc/apache22/extra/httpd-languages.conf
 
 # User home directories
 Include etc/apache22/extra/httpd-userdir.conf
 
 # Real-time info on requests and configuration
 Include etc/apache22/extra/httpd-info.conf
 
 # Virtual hosts
 Include etc/apache22/extra/httpd-vhosts.conf
 
 # Local access to the Apache HTTP Server Manual
 #Include etc/apache22/extra/httpd-manual.conf
 
 # Distributed authoring and versioning (WebDAV)
 #Include etc/apache22/extra/httpd-dav.conf
 
 # Various default settings
 #Include etc/apache22/extra/httpd-default.conf
 
 # Secure (SSL/TLS) connections
 ##Include etc/apache22/extra/httpd-ssl.conf

**WWWCount [#d311b27b]
カウンターは普通にインストールすると、nobody:nogroupになるが、apache は wwwで動くために、
 # chown www:www /usr/local/www/apache22/cgi-bin/Count.cgi
 # chown -R www:www /usr/local/etc/Counter/data
する~
で、更新元から/usr/local/etc/Counter/dataをコピーしownerが??なら
 # chown -R www:www /usr/local/etc/Counter/data
する



 # whereis wwwcount
 wwwcount: /usr/ports/www/wwwcount
 # cd /usr/ports/www/wwwcount
 # make install
 ===>  Vulnerability check disabled, database not found
 ===>  Extracting for wwwcount-2.5_2
 => MD5 Checksum mismatch for wwwcount2.5.tar.gz.
 => SHA256 Checksum mismatch for wwwcount2.5.tar.gz.
 ===>  Refetch for 1 more times files: wwwcount2.5.tar.gz wwwcount2.5.tar.gz
 ===>  Vulnerability check disabled, database not found
 => wwwcount2.5.tar.gz doesn't seem to exist in /usr/ports/distfiles/.
 => Attempting to fetch from
 http://www.muquit.com/muquit/software/Count/src/wwwcount2.5/.
 fetch: wwwcount2.5.tar.gz: local modification time does not match remote
 => Attempting to fetch from ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/.
 fetch: ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/wwwcount2.5.tar.gz:
 File unavailable (e.g., file not found, no access)
 => Couldn't fetch it - please try to retrieve this
 => port manually into /usr/ports/distfiles/ and try again.
 *** Error code 1
 
 Stop in /usr/ports/www/wwwcount.
 *** Error code 1
 
 Stop in /usr/ports/www/wwwcount.

ので、隣のマシンから、wwwcount2.5.tar.gz をscpしてきて

 # make install
 ===>  Vulnerability check disabled, database not found
 ===>  Extracting for wwwcount-2.5_2
 => MD5 Checksum OK for wwwcount2.5.tar.gz.
 => SHA256 Checksum OK for wwwcount2.5.tar.gz.
 ===>  Patching for wwwcount-2.5_2
 ===>  Applying FreeBSD patches for wwwcount-2.5_2
 ===>   wwwcount-2.5_2 depends on executable: gmake - found
 ===>  Configuring for wwwcount-2.5_2
 cd /usr/ports/www/wwwcount/work/wwwcount2.5; PREFIX=/usr/local ./Count-config
    Welcome to the configuration procedure of Count 2.5
    ---------------------------------------------------
 
    o You must know where your system keeps CGI programs (cgi-bin directory)
      It is necessary to generate the install program.
      This directory must exist. If this directory does not exist, the
      configuration procedure will Abort!
 
    o You have to decide a directory, where you will keep all counter related
      stuff. This directory will have other directories inside. Default
      values will be supplied, press Return key to accept the default value.
 
      Try to Accept the default value, it will make your life much easier,
      because not much error checking is done to verify input.
 
    During installation, the directories will be created for you
    if they do not exist and if you have the permission to do so.
    ++
 Continue [y|n]?
 
    You need to enter the full path of the directory where you system
    keeps the CGI programs.
 
 *cgi-bin directory [/usr/local/www/cgi-bin]: /usr/local/www/apache22/cgi-bin/
 
    You need to enter the base directory of the counter related stuff.
    It must be a absolute path.
 
 *Base directory [/usr/local/etc/Counter]:
 
    You need to enter the name directory of the configuration file.
 
 * Config directory [/usr/local/etc/Counter/conf]: 
 
    You need to enter the name of the configuration file. Note, it
    is not the path of the file, just the name. No / is allowed in the
    name.
    This file contains the information about
 
        o if you want to ignore access from certain hosts
        o host access authentication
 
    You will create this file later by running the program "Gen_conf".
 
 * Name of the configuration file [count.cfg]:
 
    You need to enter the directory of the counter data file.
 
 *Data directory [/usr/local/etc/Counter/data]:
 
 *Digits directory [/usr/local/lib/Counter/digits]:
 
    You need to enter the directory of the Log file.
 
 *Log directory [/var/log]:
 
    You need to enter the name of the Log file. Note, it just a name, not
    the path. No / is allowed in the name.
    This file hold the error messages of the counter. It also
    logs if someone tried to access your counter remotely.
 
 * Name of the log file [Counter.log]:
 
 Your configuration:
 ----------------------------------------------------------------
 CgiBinDir=/usr/local/www/apache22/cgi-bin/
 BaseDir= /usr/local/etc/Counter
 DigitDir=/usr/local/lib/Counter/digits
 ConfDir= /usr/local/etc/Counter/conf
 ConfFile=count.cfg
 DataDir=/usr/local/etc/Counter/data
 LogDir=/var/log
 LogFile=Counter.log
 ----------------------------------------------------------------
 Everything looks OK [y|n]? y
 
 ED_PROTOTYPES_ -o extdgts extdgts.o ../../libs/combine/libCombine.a
 cp extdgts ../../bin
 /bin/ls -l ./bin
 total 150
 -rwxr-xr-x  1 root  wheel  89481 Sep 10 05:04 Count.cgi
 -rw-r--r--  1 root  wheel     43 Mar 19  2001 README
 -rwxr-xr-x  1 root  wheel  27405 Sep 10 05:04 extdgts
 -rwxr-xr-x  1 root  wheel  31442 Sep 10 05:04 mkstrip
 cd /usr/ports/www/wwwcount/work/wwwcount2.5; ./Gen-conf
    Welcome to the conf file generation procedure of Count 2.5
 
    This program creates a workable conf file for your host only, you have
    to edit it by hand if you want to add other hosts. The file will have
    enough comments in it to help you out. You also have to hand edit it
    if you want to use netmasks to mask out a entire network or a specific
    range of hosts in a network.
 
    First of all you must know your
        1) fully qualified domain name (FQDN), for example,
            if your hostname is foo and your domain name is bar.com,
            then your FQDN is
            foo.bar.com
 
        2) IP address of your host, for example,
            192.165.155.2
 
        3) If your host has any nickname defined, for example,
            www.foo.com. Note, th nick name also has to be a FQDN.
 
 Continue [y|n]?y
 
    No Error checking will be done with your hostname, therefore,
    you better make sure you are entering the fully qualified domain name.
 
 * Enter your fully qualified domain name [no default]: www.smb.net
 
    No Error checking will be done with your IP address, therefore,
    you better make sure you are entering the correct IP address.
 
 * Enter your IP address [no default]: 219.117.246.201
 
 * Does your host have any nickname [y|n]:? y
 * Enter your host's nickname (FQDN) [no default]:
 * Enter your host's nickname [no default]: www.niihama-med.or.jp
 
    Now you need to decide if you will allow the users to create datafiles
    for them automatically. If you allow, the counter datafile will be
    created for the user if it does not exist and a pre-determined counter
    number will be inserted to it. If you do not allow, you have to create
    the datafile for each user, provided that the data directory has proper
    write permission.
 
    Allowing users to create datafile is very convenient, as you do not
    have to be asked all the time when someone decides to use the counter.
    But the dark side of this is, anyone will be able create datafiles in
    the data directory. The decision is yours.
 
 * Do you want to allow automatic file creation [[y|n]? y
 
    Now you need to decide if you want to compile the program in strict
    mode. If you compile the program in strict mode, the browsers which
    do not return the environment variable HTTP_REFERER, will not be
    served, that is no access hit will be recorded, no time or date
    will be displayed. Instead, a string 888888 will be displayed.
 
    The strict mode ensures that your counter data file can not be messed
    by accessing the counter remotely from a browser which does not return
    that variable. Note, good browsers like netscape returns this
    variable. Other browsers e.g. Mosaic does not return this variable in
    IMG GET method at this time.  This strict mode is experimental at this
    time!
 * Do you want the program to run in strict mode [[y|n]? y
 * Do you want to ignore access hits from your own host [y|n]? y
 
    Ok, do you want the users to use the file rgb.txt for color name
    lookup? It is very inefficient to search this file every time the
    web page is loaded. If you answer yes, the color name
    will be looked up and used. If you answer no, the color will be
    looked up but instead of the counter image, the RGB value will
    be displayed and the user will be asked to use the RGB value
    instead. This will prevent users to use this file. However,
    the convenience of allowing to use rgb.txt file is that color name e.g,
    red, gold etc.  can be used instead of cryptic red, green and blue
    components of the color.
 
 * Allow using the rgb.txt file [y|n]? y
 
    You can decide if you want to allow reload count in your site.
    When a visitor reloads a page and if you decided to count reload,
    the counter will increment with each reload. It is a good idea
    to ignore reload count as it minimizes remote abuse of the counter.
    Howerver, there may be situation when you will have to count reload,
    for example if visitors are coming through a proxy server. If you
    decide to count reload, your users will have choice to ignore or
    count reload for their counters with "reload=T or F" options.
 
 * Do you want to allow the counter to be reloaded [y|n]? n
 
    You can decide if you want to log the counter error messages
    or warning messages to the log file. If you are concerned about disk
    space, answer n to the question.
 
 * Do you want to log error messages [[y|n]? y
    You can decide if you want to show error messages to the browsers.
    The counter error messages are verbose and may reveal information about
    the system (e.g. full path of the data file or config file) in case of
    error. If you are concerned with privacy or simply don't care to show
    error messages to browsers (you are confident that the counter works
    perfectly), then answer n to the question. If you answer n, then then
    if there is an error or the access is denied, the visitor will see the
    broken image (browser default).
 
 * Do you want to show error messages to browsers [[y|n]? y
 
    Created conf file "count.cfg"
    Please look at it, you might want to edit it!
 
 ===>  Installing for wwwcount-2.5_2
 ===>   Generating temporary packing list
 ===>  Checking if www/wwwcount already installed
 cd /usr/ports/www/wwwcount/work/wwwcount2.5; yes "" | ./Count-install
 
    *** You are installing Counter as root ***
 
 
 -------------------------------------------------------------------------
 Your configuration is shown below. You are only allowed to change the
 cgi-bin directory. If you want to change it, edit the file Config.tmpl
 and change the variable CGIBIN_DIR to the appropriate directory. Do not change
 anything else.
 
 cgi-bin directory   = /usr/local/www/apache22/cgi-bin/
 conf directory      = /usr/local/etc/Counter/conf
 conf file to install= count.cfg
 digit directory     = /usr/local/lib/Counter/digits
 data directory      = /usr/local/etc/Counter/data
 log directory       = /var/log
 log file            = Counter.log
 RGB file to install = ./data/rgb.txt
 -------------------------------------------------------------------------
 Press Control-C to abort
 Continue [y|n]? proceeding...
 
    Now if you know what user and group id child processes of http
    server use, I can change the ownership and access permission
    accordigly. If you do not know, they are usually defined in the
    file httpd.conf with User and Group. I suggest create a unique
    user and group say httpd and set the User and Group to httpd.
 
 *Do you know the user and group id of httpd' child process [y|n]:? *Enter
 user  id of httpd's child process [nobody]:? *Enter group id of httpd's child
 process [nogroup]:? installing Count.cgi->/usr/local/www/apache22/cgi-bin/
 installing count.cfg->/usr/local/etc/Counter/conf
 installing sample datafile ./data/data/sample.dat->/usr/local/etc/Counter/data
 installing rgb.txt->/usr/local/lib/Counter
 installing Counter.log->/var/log
 chown: nobody.nogroup: Invalid argument
 installing image strip for digit style A->/usr/local/lib/Counter/digits/A
 installing sample image peng.gif->/usr/local/lib/Counter/digits/A
 installing image strip for digit style B->/usr/local/lib/Counter/digits/B
 installing strip image for digit style C->/usr/local/lib/Counter/digits/C
 installing strip image for digit style D->/usr/local/lib/Counter/digits/D
 installing sample image lenna.gif->/usr/local/lib/Counter/digits/D
 installing strip image for digit style E->/usr/local/lib/Counter/digits/E
 installing image foo.gif in  E->/usr/local/lib/Counter/digits/E
 installing image yeehaw.gif in  A->/usr/local/lib/Counter/digits/A
 installing strip image for digit style cd->/usr/local/lib/Counter/digits/cd
 installing strip image for digit style cdr->/usr/local/lib/Counter/digits/cdr
 installing strip image for digit style cdd->/usr/local/lib/Counter/digits/cdd
 installing strip image for digit style bang->/usr/local/lib/Counter/digits/bang
 installing the mirroring script
 cd /usr/ports/www/wwwcount/work/wwwcount2.5/utils/extdgts;  install  -s -o 
 root -g wheel -m 555 extdgts /usr/local/bin;
 cd /usr/ports/www/wwwcount/work/wwwcount2.5/utils/mkstrip;  install  -s -o 
 root -g wheel -m 555 mkstrip /usr/local/bin;  install  -o root -g wheel -m 444
 mkstrip.1 /usr/local/man/man1;  install  -o root -g wheel -m 555 
 mkstrip.sh /usr/local/lib/Counter/digits
 ===>   Compressing manual pages for wwwcount-2.5_2
 ===>   Registering installation for wwwcount-2.5_2

トップ   編集 差分 履歴 添付 複製 名前変更 リロード   新規 一覧 検索 最終更新   ヘルプ   最終更新のRSS