WWW Server の移行

WWW Server の移行†

Blackcube　Backupデータからの復帰†

1.OSのインストール　今回は8.2R AMD64

2./etc/ssh/sshd.config と ssh.config を編集してWinSCPからアクセス出来るように。

3./etc/hosts.allow を入れ替え

4.portupgrade install port treeを最新版に更新　rsync インストール

5./etc/masterpasswd を移植

6.backupからhomeを書き戻す

FreeBSD 4.4-RELEASE で運用中のWWWサーバを新しいFreeBSD 6.2Rへ移行するメモ†

2011-11-23 (水) 09:00:06

アプリケーションのインストール†

/usr/ports/www/apache22†

===> Installing rc.d startup script(s)
===>   Compressing manual pages for apache-2.2.4_2
===>   Running ldconfig
/sbin/ldconfig -m /usr/local/lib
===>   Registering installation for apache-2.2.4_2
===> SECURITY REPORT:
     This port has installed the following files which may act as network
     servers and may therefore pose a remote security risk to the system.
/usr/local/lib/libapr-1.so.2

     This port has installed the following startup scripts which may cause
     these network services to be started at boot time.
/usr/local/etc/rc.d/apache22
/usr/local/etc/rc.d/htcacheclean

     If there are vulnerabilities in these programs there may be a security
     risk to the system. FreeBSD makes no guarantee about the security of
     ports included in the Ports Collection. Please type 'make deinstall'
     to deinstall the port if this is a concern.

     For more information, and contact details about the security
     status of this software, see the following webpage:
http://httpd.apache.org/

手動起動†

# apachectl start
[Sun Sep 09 17:19:40 2007] [warn] (2)No such file or directory: Failed to enable the 'httpready' Accept Filter
# apachectl start
httpd (pid 81641) already running

自動起動†

/usr/ports/www/apache22/files/apache22.sh.inを見ると

# Add the following lines to /etc/rc.conf to enable apache22:
# apache22_enable (bool):      Set to "NO" by default.
#                             Set it to "YES" to enable apache22
# apache22_profiles (str):     Set to "" by default.
#                              Define your profiles here.
# apache22limits_enable (bool):Set to "NO" by default.
#                             Set it to yes to run `limits $limits_args`
#                             just before apache starts.
# apache22_flags (str):        Set to "" by default.
#                             Extra flags passed to start command.
# apache22limits_args (str):   Default to "-e -C daemon"
#                             Arguments of pre-start limits run.
# apache22_http_accept_enable (bool): Set to "NO" by default.
#                             Set to yes to check for accf_http kernel
#                             module on start up and load if not loaded.

ので、/etc/rc.conf に、apache22_enable="YES"　

/usr/local/etc/apache22/†

httpd.conf†

ServerAdmin webmaster@smb.net
# Server-pool management (MPM specific)
#Include etc/apache22/extra/httpd-mpm.conf

# Multi-language error messages
Include etc/apache22/extra/httpd-multilang-errordoc.conf

# Fancy directory listings
#Include etc/apache22/extra/httpd-autoindex.conf

# Language settings
#Include etc/apache22/extra/httpd-languages.conf

# User home directories
Include etc/apache22/extra/httpd-userdir.conf

# Real-time info on requests and configuration
Include etc/apache22/extra/httpd-info.conf

# Virtual hosts
Include etc/apache22/extra/httpd-vhosts.conf

# Local access to the Apache HTTP Server Manual
#Include etc/apache22/extra/httpd-manual.conf

# Distributed authoring and versioning (WebDAV)
#Include etc/apache22/extra/httpd-dav.conf

# Various default settings
#Include etc/apache22/extra/httpd-default.conf

# Secure (SSL/TLS) connections
##Include etc/apache22/extra/httpd-ssl.conf

WWWCount†

カウンターは普通にインストールすると、nobody:nogroupになるが、apache は wwwで動くために、

# chown www:www /usr/local/www/apache22/cgi-bin/Count.cgi
# chown -R www:www /usr/local/etc/Counter/data

する
で、更新元から/usr/local/etc/Counter/dataをコピーしownerが？？なら

# chown -R www:www /usr/local/etc/Counter/data

する

# whereis wwwcount
wwwcount: /usr/ports/www/wwwcount
# cd /usr/ports/www/wwwcount
# make install
===>  Vulnerability check disabled, database not found
===>  Extracting for wwwcount-2.5_2
=> MD5 Checksum mismatch for wwwcount2.5.tar.gz.
=> SHA256 Checksum mismatch for wwwcount2.5.tar.gz.
===>  Refetch for 1 more times files: wwwcount2.5.tar.gz wwwcount2.5.tar.gz
===>  Vulnerability check disabled, database not found
=> wwwcount2.5.tar.gz doesn't seem to exist in /usr/ports/distfiles/.
=> Attempting to fetch from
http://www.muquit.com/muquit/software/Count/src/wwwcount2.5/.
fetch: wwwcount2.5.tar.gz: local modification time does not match remote
=> Attempting to fetch from ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/.
fetch: ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/wwwcount2.5.tar.gz:
File unavailable (e.g., file not found, no access)
=> Couldn't fetch it - please try to retrieve this
=> port manually into /usr/ports/distfiles/ and try again.
*** Error code 1

Stop in /usr/ports/www/wwwcount.
*** Error code 1

Stop in /usr/ports/www/wwwcount.

ので、隣のマシンから、wwwcount2.5.tar.gz　をscpしてきて

# make install
===>  Vulnerability check disabled, database not found
===>  Extracting for wwwcount-2.5_2
=> MD5 Checksum OK for wwwcount2.5.tar.gz.
=> SHA256 Checksum OK for wwwcount2.5.tar.gz.
===>  Patching for wwwcount-2.5_2
===>  Applying FreeBSD patches for wwwcount-2.5_2
===>   wwwcount-2.5_2 depends on executable: gmake - found
===>  Configuring for wwwcount-2.5_2
cd /usr/ports/www/wwwcount/work/wwwcount2.5; PREFIX=/usr/local ./Count-config
   Welcome to the configuration procedure of Count 2.5
   ---------------------------------------------------

   o You must know where your system keeps CGI programs (cgi-bin directory)
     It is necessary to generate the install program.
     This directory must exist. If this directory does not exist, the
     configuration procedure will Abort!

   o You have to decide a directory, where you will keep all counter related
     stuff. This directory will have other directories inside. Default
     values will be supplied, press Return key to accept the default value.

     Try to Accept the default value, it will make your life much easier,
     because not much error checking is done to verify input.

   During installation, the directories will be created for you
   if they do not exist and if you have the permission to do so.
   ++
Continue [y|n]?

   You need to enter the full path of the directory where you system
   keeps the CGI programs.

*cgi-bin directory [/usr/local/www/cgi-bin]: /usr/local/www/apache22/cgi-bin/

   You need to enter the base directory of the counter related stuff.
   It must be a absolute path.

*Base directory [/usr/local/etc/Counter]:

   You need to enter the name directory of the configuration file.

* Config directory [/usr/local/etc/Counter/conf]: 

   You need to enter the name of the configuration file. Note, it
   is not the path of the file, just the name. No / is allowed in the
   name.
   This file contains the information about

       o if you want to ignore access from certain hosts
       o host access authentication

   You will create this file later by running the program "Gen_conf".

* Name of the configuration file [count.cfg]:

   You need to enter the directory of the counter data file.

*Data directory [/usr/local/etc/Counter/data]:

*Digits directory [/usr/local/lib/Counter/digits]:

   You need to enter the directory of the Log file.

*Log directory [/var/log]:

   You need to enter the name of the Log file. Note, it just a name, not
   the path. No / is allowed in the name.
   This file hold the error messages of the counter. It also
   logs if someone tried to access your counter remotely.

* Name of the log file [Counter.log]:

Your configuration:
----------------------------------------------------------------
CgiBinDir=/usr/local/www/apache22/cgi-bin/
BaseDir= /usr/local/etc/Counter
DigitDir=/usr/local/lib/Counter/digits
ConfDir= /usr/local/etc/Counter/conf
ConfFile=count.cfg
DataDir=/usr/local/etc/Counter/data
LogDir=/var/log
LogFile=Counter.log
----------------------------------------------------------------
Everything looks OK [y|n]? y

ED_PROTOTYPES_ -o extdgts extdgts.o ../../libs/combine/libCombine.a
cp extdgts ../../bin
/bin/ls -l ./bin
total 150
-rwxr-xr-x  1 root  wheel  89481 Sep 10 05:04 Count.cgi
-rw-r--r--  1 root  wheel     43 Mar 19  2001 README
-rwxr-xr-x  1 root  wheel  27405 Sep 10 05:04 extdgts
-rwxr-xr-x  1 root  wheel  31442 Sep 10 05:04 mkstrip
cd /usr/ports/www/wwwcount/work/wwwcount2.5; ./Gen-conf
   Welcome to the conf file generation procedure of Count 2.5

   This program creates a workable conf file for your host only, you have
   to edit it by hand if you want to add other hosts. The file will have
   enough comments in it to help you out. You also have to hand edit it
   if you want to use netmasks to mask out a entire network or a specific
   range of hosts in a network.

   First of all you must know your
       1) fully qualified domain name (FQDN), for example,
           if your hostname is foo and your domain name is bar.com,
           then your FQDN is
           foo.bar.com

       2) IP address of your host, for example,
           192.165.155.2

       3) If your host has any nickname defined, for example,
           www.foo.com. Note, th nick name also has to be a FQDN.

Continue [y|n]?y

   No Error checking will be done with your hostname, therefore,
   you better make sure you are entering the fully qualified domain name.

* Enter your fully qualified domain name [no default]: www.smb.net

   No Error checking will be done with your IP address, therefore,
   you better make sure you are entering the correct IP address.

* Enter your IP address [no default]: 219.117.246.201

* Does your host have any nickname [y|n]:? y
* Enter your host's nickname (FQDN) [no default]:
* Enter your host's nickname [no default]: www.niihama-med.or.jp

   Now you need to decide if you will allow the users to create datafiles
   for them automatically. If you allow, the counter datafile will be
   created for the user if it does not exist and a pre-determined counter
   number will be inserted to it. If you do not allow, you have to create
   the datafile for each user, provided that the data directory has proper
   write permission.

   Allowing users to create datafile is very convenient, as you do not
   have to be asked all the time when someone decides to use the counter.
   But the dark side of this is, anyone will be able create datafiles in
   the data directory. The decision is yours.

* Do you want to allow automatic file creation [[y|n]? y

   Now you need to decide if you want to compile the program in strict
   mode. If you compile the program in strict mode, the browsers which
   do not return the environment variable HTTP_REFERER, will not be
   served, that is no access hit will be recorded, no time or date
   will be displayed. Instead, a string 888888 will be displayed.

   The strict mode ensures that your counter data file can not be messed
   by accessing the counter remotely from a browser which does not return
   that variable. Note, good browsers like netscape returns this
   variable. Other browsers e.g. Mosaic does not return this variable in
   IMG GET method at this time.  This strict mode is experimental at this
   time!
* Do you want the program to run in strict mode [[y|n]? y
* Do you want to ignore access hits from your own host [y|n]? y

   Ok, do you want the users to use the file rgb.txt for color name
   lookup? It is very inefficient to search this file every time the
   web page is loaded. If you answer yes, the color name
   will be looked up and used. If you answer no, the color will be
   looked up but instead of the counter image, the RGB value will
   be displayed and the user will be asked to use the RGB value
   instead. This will prevent users to use this file. However,
   the convenience of allowing to use rgb.txt file is that color name e.g,
   red, gold etc.  can be used instead of cryptic red, green and blue
   components of the color.

* Allow using the rgb.txt file [y|n]? y

   You can decide if you want to allow reload count in your site.
   When a visitor reloads a page and if you decided to count reload,
   the counter will increment with each reload. It is a good idea
   to ignore reload count as it minimizes remote abuse of the counter.
   Howerver, there may be situation when you will have to count reload,
   for example if visitors are coming through a proxy server. If you
   decide to count reload, your users will have choice to ignore or
   count reload for their counters with "reload=T or F" options.

* Do you want to allow the counter to be reloaded [y|n]? n

   You can decide if you want to log the counter error messages
   or warning messages to the log file. If you are concerned about disk
   space, answer n to the question.

* Do you want to log error messages [[y|n]? y
   You can decide if you want to show error messages to the browsers.
   The counter error messages are verbose and may reveal information about
   the system (e.g. full path of the data file or config file) in case of
   error. If you are concerned with privacy or simply don't care to show
   error messages to browsers (you are confident that the counter works
   perfectly), then answer n to the question. If you answer n, then then
   if there is an error or the access is denied, the visitor will see the
   broken image (browser default).

* Do you want to show error messages to browsers [[y|n]? y

   Created conf file "count.cfg"
   Please look at it, you might want to edit it!

===>  Installing for wwwcount-2.5_2
===>   Generating temporary packing list
===>  Checking if www/wwwcount already installed
cd /usr/ports/www/wwwcount/work/wwwcount2.5; yes "" | ./Count-install

   *** You are installing Counter as root ***


-------------------------------------------------------------------------
Your configuration is shown below. You are only allowed to change the
cgi-bin directory. If you want to change it, edit the file Config.tmpl
and change the variable CGIBIN_DIR to the appropriate directory. Do not change
anything else.

cgi-bin directory   = /usr/local/www/apache22/cgi-bin/
conf directory      = /usr/local/etc/Counter/conf
conf file to install= count.cfg
digit directory     = /usr/local/lib/Counter/digits
data directory      = /usr/local/etc/Counter/data
log directory       = /var/log
log file            = Counter.log
RGB file to install = ./data/rgb.txt
-------------------------------------------------------------------------
Press Control-C to abort
Continue [y|n]? proceeding...

   Now if you know what user and group id child processes of http
   server use, I can change the ownership and access permission
   accordigly. If you do not know, they are usually defined in the
   file httpd.conf with User and Group. I suggest create a unique
   user and group say httpd and set the User and Group to httpd.

*Do you know the user and group id of httpd' child process [y|n]:? *Enter
user  id of httpd's child process [nobody]:? *Enter group id of httpd's child
process [nogroup]:? installing Count.cgi->/usr/local/www/apache22/cgi-bin/
installing count.cfg->/usr/local/etc/Counter/conf
installing sample datafile ./data/data/sample.dat->/usr/local/etc/Counter/data
installing rgb.txt->/usr/local/lib/Counter
installing Counter.log->/var/log
chown: nobody.nogroup: Invalid argument
installing image strip for digit style A->/usr/local/lib/Counter/digits/A
installing sample image peng.gif->/usr/local/lib/Counter/digits/A
installing image strip for digit style B->/usr/local/lib/Counter/digits/B
installing strip image for digit style C->/usr/local/lib/Counter/digits/C
installing strip image for digit style D->/usr/local/lib/Counter/digits/D
installing sample image lenna.gif->/usr/local/lib/Counter/digits/D
installing strip image for digit style E->/usr/local/lib/Counter/digits/E
installing image foo.gif in  E->/usr/local/lib/Counter/digits/E
installing image yeehaw.gif in  A->/usr/local/lib/Counter/digits/A
installing strip image for digit style cd->/usr/local/lib/Counter/digits/cd
installing strip image for digit style cdr->/usr/local/lib/Counter/digits/cdr
installing strip image for digit style cdd->/usr/local/lib/Counter/digits/cdd
installing strip image for digit style bang->/usr/local/lib/Counter/digits/bang
installing the mirroring script
cd /usr/ports/www/wwwcount/work/wwwcount2.5/utils/extdgts;  install  -s -o 
root -g wheel -m 555 extdgts /usr/local/bin;
cd /usr/ports/www/wwwcount/work/wwwcount2.5/utils/mkstrip;  install  -s -o 
root -g wheel -m 555 mkstrip /usr/local/bin;  install  -o root -g wheel -m 444
mkstrip.1 /usr/local/man/man1;  install  -o root -g wheel -m 555 
mkstrip.sh /usr/local/lib/Counter/digits
===>   Compressing manual pages for wwwcount-2.5_2
===>   Registering installation for wwwcount-2.5_2

備忘録

Base System:FreeBSD

1. FreeBSD 6.2Rのインストール
   1. portupgrade のインストール
   2. ports collection の更新
   3. sudo のインストール
   4. portaudit のインストール
   5. 時刻同期
   6. screen
2. Tips
   1. portsのインストールオプションの解除・確認・設定
   2. 起動メニュー待ち時間
   3. コンテンツの一括凍結

edit

http://piano2nd.smb.net/webalizer/

https://piano2nd.smb.net/PukiWiki/

https://www.smb.net/PukiWiki/

最新の60件

edit

2011-11-23 (水) 09:00:06