*WWW Server の移行 [#tc14fb36]
#counter([total|today|yesterday]);
**Blackcube Backupデータからの復帰 [#k3403d22]
1.OSのインストール 今回は8.2R AMD64
2./etc/ssh/sshd.config と ssh.config を編集してWinSCPからアクセス出来るように。
3./etc/hosts.allow を入れ替え
4.portupgrade install port treeを最新版に更新 rsync インストール
5./etc/masterpasswd を移植
6.backupからhomeを書き戻す
**FreeBSD 4.4-RELEASE で運用中のWWWサーバを新しいFreeBSD 6.2Rへ移行するメモ [#r34f9b91]
|CENTER:移動元||CENTER:移動先|
|CENTER:FreeBSD 4.4R ||CENTER:FreeBSD 6.2R|
|||#cp /etc/master.passwd /etc/master.passwd-dist|
|/etc/master.passwd|->|/etc/master.passwd|
|||#vipwでmaster.passwdを編集保存|
|||#mv /usr/home /usr/home-dist|
//|||#scp -rp www.smb.net:/usr/home/ /usr/home/|
|cd /usr/|||
|#tar cvfzp home_date.tar.gz home|||
|||#scp FreeBSD4.4Rmachine:/usr/home_date.tar.gz /usr/|
|||#tar xvfzp /usr/home_date.tar.gz|
|/etc/hosts.allow|->|/etc/hosts.allow|
|% tar cvfzp /usr/local/www/data.070910.tar.gz /usr/local/www/data|||
|||# scp www.smb.net:/usr/local/www/data.070910.tar.gz ./|
|||# mv data data-dist|
|||# tar xvfzp data.070910.tar.gz|
|cgiの移行|||
|ScriptAlias /cgi-bin/ "/usr/local/www/cgi-bin/"||ScriptAlias /cgi-bin/ "/usr/local/www/apache22/cgi-bin/"|
|cd /usr/local/www|||
|tar cvfzp cgi-bin.070913.tar.gz cgi-bin|||
|||cd /usr/local/www/apache22|
|||cp -rp cgi-bin/ cgi-bin-old|
|||scp www.smb.net:/usr/local/www/cgi-bin.070913.tar.gz ./|
|||tar xvfzp cgi-bin.070913.tar.gz|
|||cd /usr/local/www/apache22/cgi-bin-old|
|||cp -rp Count.cgi ../cgi-bin/|
~
|CENTER:移動元||CENTER:移動先|
|CENTER:FreeBSD 4.4R ||CENTER:FreeBSD 6.2R|
|||# /usr/sbin/sysinstall でinterfaceの設定を変える|
|||/etc/hosts の設定を確認|
|||/etc/resolv.conf の設定を確認|
|/etc/rc.conf||/etc/rc.conf で以下の#を除去|
|||#ifconfig_nve0="inet 219.117.246.201 netmask 255.255.255.224"|
|||#ifconfig_nve0_alias0="inet 219.117.246.214 netmask 255.255.255.255"|
|||#ifconfig_nve0_alias1="inet 219.117.246.214 netmask 255.255.255.255"|
|||#ifconfig_nve0_alias2="inet 219.117.246.214 netmask 255.255.255.255"|
|/usr/local/etc/apache/httpd.conf||/usr/local/etc/apache22/extra/httpd-vhosts.conf|
|||# cp httpd-vhosts.conf-ready2go httpd-vhosts.conf|
|||/usr/local/etc/apache22/httpd.conf|
|||#Include etc/apache22/extra/httpd-vhosts.conf の#除去|
|||#ServerName www.smb.net:80 も?|
|||/usr/local/etc/postfix/main.cf のホスト名を変更|
&lastmod;
**アプリケーションのインストール [#r1d6d915]
***/usr/ports/www/apache22 [#d6fdbc17]
===> Installing rc.d startup script(s)
===> Compressing manual pages for apache-2.2.4_2
===> Running ldconfig
/sbin/ldconfig -m /usr/local/lib
===> Registering installation for apache-2.2.4_2
===> SECURITY REPORT:
This port has installed the following files which may act as network
servers and may therefore pose a remote security risk to the system.
/usr/local/lib/libapr-1.so.2
This port has installed the following startup scripts which may cause
these network services to be started at boot time.
/usr/local/etc/rc.d/apache22
/usr/local/etc/rc.d/htcacheclean
If there are vulnerabilities in these programs there may be a security
risk to the system. FreeBSD makes no guarantee about the security of
ports included in the Ports Collection. Please type 'make deinstall'
to deinstall the port if this is a concern.
For more information, and contact details about the security
status of this software, see the following webpage:
http://httpd.apache.org/
**手動起動 [#d7e18cb9]
# apachectl start
[Sun Sep 09 17:19:40 2007] [warn] (2)No such file or directory: Failed to enable the 'httpready' Accept Filter
# apachectl start
httpd (pid 81641) already running
**自動起動 [#u32999d4]
/usr/ports/www/apache22/files/apache22.sh.inを見ると
# Add the following lines to /etc/rc.conf to enable apache22:
# apache22_enable (bool): Set to "NO" by default.
# Set it to "YES" to enable apache22
# apache22_profiles (str): Set to "" by default.
# Define your profiles here.
# apache22limits_enable (bool):Set to "NO" by default.
# Set it to yes to run `limits $limits_args`
# just before apache starts.
# apache22_flags (str): Set to "" by default.
# Extra flags passed to start command.
# apache22limits_args (str): Default to "-e -C daemon"
# Arguments of pre-start limits run.
# apache22_http_accept_enable (bool): Set to "NO" by default.
# Set to yes to check for accf_http kernel
# module on start up and load if not loaded.
ので、/etc/rc.conf に、apache22_enable="YES"
**/usr/local/etc/apache22/ [#df58484d]
***httpd.conf [#j924b8d5]
ServerAdmin webmaster@smb.net
# Server-pool management (MPM specific)
#Include etc/apache22/extra/httpd-mpm.conf
# Multi-language error messages
Include etc/apache22/extra/httpd-multilang-errordoc.conf
# Fancy directory listings
#Include etc/apache22/extra/httpd-autoindex.conf
# Language settings
#Include etc/apache22/extra/httpd-languages.conf
# User home directories
Include etc/apache22/extra/httpd-userdir.conf
# Real-time info on requests and configuration
Include etc/apache22/extra/httpd-info.conf
# Virtual hosts
Include etc/apache22/extra/httpd-vhosts.conf
# Local access to the Apache HTTP Server Manual
#Include etc/apache22/extra/httpd-manual.conf
# Distributed authoring and versioning (WebDAV)
#Include etc/apache22/extra/httpd-dav.conf
# Various default settings
#Include etc/apache22/extra/httpd-default.conf
# Secure (SSL/TLS) connections
##Include etc/apache22/extra/httpd-ssl.conf
**WWWCount [#d311b27b]
カウンターは普通にインストールすると、nobody:nogroupになるが、apache は wwwで動くために、
# chown www:www /usr/local/www/apache22/cgi-bin/Count.cgi
# chown -R www:www /usr/local/etc/Counter/data
する~
で、更新元から/usr/local/etc/Counter/dataをコピーしownerが??なら
# chown -R www:www /usr/local/etc/Counter/data
する
# whereis wwwcount
wwwcount: /usr/ports/www/wwwcount
# cd /usr/ports/www/wwwcount
# make install
===> Vulnerability check disabled, database not found
===> Extracting for wwwcount-2.5_2
=> MD5 Checksum mismatch for wwwcount2.5.tar.gz.
=> SHA256 Checksum mismatch for wwwcount2.5.tar.gz.
===> Refetch for 1 more times files: wwwcount2.5.tar.gz wwwcount2.5.tar.gz
===> Vulnerability check disabled, database not found
=> wwwcount2.5.tar.gz doesn't seem to exist in /usr/ports/distfiles/.
=> Attempting to fetch from
http://www.muquit.com/muquit/software/Count/src/wwwcount2.5/.
fetch: wwwcount2.5.tar.gz: local modification time does not match remote
=> Attempting to fetch from ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/.
fetch: ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/wwwcount2.5.tar.gz:
File unavailable (e.g., file not found, no access)
=> Couldn't fetch it - please try to retrieve this
=> port manually into /usr/ports/distfiles/ and try again.
*** Error code 1
Stop in /usr/ports/www/wwwcount.
*** Error code 1
Stop in /usr/ports/www/wwwcount.
ので、隣のマシンから、wwwcount2.5.tar.gz をscpしてきて
# make install
===> Vulnerability check disabled, database not found
===> Extracting for wwwcount-2.5_2
=> MD5 Checksum OK for wwwcount2.5.tar.gz.
=> SHA256 Checksum OK for wwwcount2.5.tar.gz.
===> Patching for wwwcount-2.5_2
===> Applying FreeBSD patches for wwwcount-2.5_2
===> wwwcount-2.5_2 depends on executable: gmake - found
===> Configuring for wwwcount-2.5_2
cd /usr/ports/www/wwwcount/work/wwwcount2.5; PREFIX=/usr/local ./Count-config
Welcome to the configuration procedure of Count 2.5
---------------------------------------------------
o You must know where your system keeps CGI programs (cgi-bin directory)
It is necessary to generate the install program.
This directory must exist. If this directory does not exist, the
configuration procedure will Abort!
o You have to decide a directory, where you will keep all counter related
stuff. This directory will have other directories inside. Default
values will be supplied, press Return key to accept the default value.
Try to Accept the default value, it will make your life much easier,
because not much error checking is done to verify input.
During installation, the directories will be created for you
if they do not exist and if you have the permission to do so.
++
Continue [y|n]?
You need to enter the full path of the directory where you system
keeps the CGI programs.
*cgi-bin directory [/usr/local/www/cgi-bin]: /usr/local/www/apache22/cgi-bin/
You need to enter the base directory of the counter related stuff.
It must be a absolute path.
*Base directory [/usr/local/etc/Counter]:
You need to enter the name directory of the configuration file.
* Config directory [/usr/local/etc/Counter/conf]:
You need to enter the name of the configuration file. Note, it
is not the path of the file, just the name. No / is allowed in the
name.
This file contains the information about
o if you want to ignore access from certain hosts
o host access authentication
You will create this file later by running the program "Gen_conf".
* Name of the configuration file [count.cfg]:
You need to enter the directory of the counter data file.
*Data directory [/usr/local/etc/Counter/data]:
*Digits directory [/usr/local/lib/Counter/digits]:
You need to enter the directory of the Log file.
*Log directory [/var/log]:
You need to enter the name of the Log file. Note, it just a name, not
the path. No / is allowed in the name.
This file hold the error messages of the counter. It also
logs if someone tried to access your counter remotely.
* Name of the log file [Counter.log]:
Your configuration:
----------------------------------------------------------------
CgiBinDir=/usr/local/www/apache22/cgi-bin/
BaseDir= /usr/local/etc/Counter
DigitDir=/usr/local/lib/Counter/digits
ConfDir= /usr/local/etc/Counter/conf
ConfFile=count.cfg
DataDir=/usr/local/etc/Counter/data
LogDir=/var/log
LogFile=Counter.log
----------------------------------------------------------------
Everything looks OK [y|n]? y
ED_PROTOTYPES_ -o extdgts extdgts.o ../../libs/combine/libCombine.a
cp extdgts ../../bin
/bin/ls -l ./bin
total 150
-rwxr-xr-x 1 root wheel 89481 Sep 10 05:04 Count.cgi
-rw-r--r-- 1 root wheel 43 Mar 19 2001 README
-rwxr-xr-x 1 root wheel 27405 Sep 10 05:04 extdgts
-rwxr-xr-x 1 root wheel 31442 Sep 10 05:04 mkstrip
cd /usr/ports/www/wwwcount/work/wwwcount2.5; ./Gen-conf
Welcome to the conf file generation procedure of Count 2.5
This program creates a workable conf file for your host only, you have
to edit it by hand if you want to add other hosts. The file will have
enough comments in it to help you out. You also have to hand edit it
if you want to use netmasks to mask out a entire network or a specific
range of hosts in a network.
First of all you must know your
1) fully qualified domain name (FQDN), for example,
if your hostname is foo and your domain name is bar.com,
then your FQDN is
foo.bar.com
2) IP address of your host, for example,
192.165.155.2
3) If your host has any nickname defined, for example,
www.foo.com. Note, th nick name also has to be a FQDN.
Continue [y|n]?y
No Error checking will be done with your hostname, therefore,
you better make sure you are entering the fully qualified domain name.
* Enter your fully qualified domain name [no default]: www.smb.net
No Error checking will be done with your IP address, therefore,
you better make sure you are entering the correct IP address.
* Enter your IP address [no default]: 219.117.246.201
* Does your host have any nickname [y|n]:? y
* Enter your host's nickname (FQDN) [no default]:
* Enter your host's nickname [no default]: www.niihama-med.or.jp
Now you need to decide if you will allow the users to create datafiles
for them automatically. If you allow, the counter datafile will be
created for the user if it does not exist and a pre-determined counter
number will be inserted to it. If you do not allow, you have to create
the datafile for each user, provided that the data directory has proper
write permission.
Allowing users to create datafile is very convenient, as you do not
have to be asked all the time when someone decides to use the counter.
But the dark side of this is, anyone will be able create datafiles in
the data directory. The decision is yours.
* Do you want to allow automatic file creation [[y|n]? y
Now you need to decide if you want to compile the program in strict
mode. If you compile the program in strict mode, the browsers which
do not return the environment variable HTTP_REFERER, will not be
served, that is no access hit will be recorded, no time or date
will be displayed. Instead, a string 888888 will be displayed.
The strict mode ensures that your counter data file can not be messed
by accessing the counter remotely from a browser which does not return
that variable. Note, good browsers like netscape returns this
variable. Other browsers e.g. Mosaic does not return this variable in
IMG GET method at this time. This strict mode is experimental at this
time!
* Do you want the program to run in strict mode [[y|n]? y
* Do you want to ignore access hits from your own host [y|n]? y
Ok, do you want the users to use the file rgb.txt for color name
lookup? It is very inefficient to search this file every time the
web page is loaded. If you answer yes, the color name
will be looked up and used. If you answer no, the color will be
looked up but instead of the counter image, the RGB value will
be displayed and the user will be asked to use the RGB value
instead. This will prevent users to use this file. However,
the convenience of allowing to use rgb.txt file is that color name e.g,
red, gold etc. can be used instead of cryptic red, green and blue
components of the color.
* Allow using the rgb.txt file [y|n]? y
You can decide if you want to allow reload count in your site.
When a visitor reloads a page and if you decided to count reload,
the counter will increment with each reload. It is a good idea
to ignore reload count as it minimizes remote abuse of the counter.
Howerver, there may be situation when you will have to count reload,
for example if visitors are coming through a proxy server. If you
decide to count reload, your users will have choice to ignore or
count reload for their counters with "reload=T or F" options.
* Do you want to allow the counter to be reloaded [y|n]? n
You can decide if you want to log the counter error messages
or warning messages to the log file. If you are concerned about disk
space, answer n to the question.
* Do you want to log error messages [[y|n]? y
You can decide if you want to show error messages to the browsers.
The counter error messages are verbose and may reveal information about
the system (e.g. full path of the data file or config file) in case of
error. If you are concerned with privacy or simply don't care to show
error messages to browsers (you are confident that the counter works
perfectly), then answer n to the question. If you answer n, then then
if there is an error or the access is denied, the visitor will see the
broken image (browser default).
* Do you want to show error messages to browsers [[y|n]? y
Created conf file "count.cfg"
Please look at it, you might want to edit it!
===> Installing for wwwcount-2.5_2
===> Generating temporary packing list
===> Checking if www/wwwcount already installed
cd /usr/ports/www/wwwcount/work/wwwcount2.5; yes "" | ./Count-install
*** You are installing Counter as root ***
-------------------------------------------------------------------------
Your configuration is shown below. You are only allowed to change the
cgi-bin directory. If you want to change it, edit the file Config.tmpl
and change the variable CGIBIN_DIR to the appropriate directory. Do not change
anything else.
cgi-bin directory = /usr/local/www/apache22/cgi-bin/
conf directory = /usr/local/etc/Counter/conf
conf file to install= count.cfg
digit directory = /usr/local/lib/Counter/digits
data directory = /usr/local/etc/Counter/data
log directory = /var/log
log file = Counter.log
RGB file to install = ./data/rgb.txt
-------------------------------------------------------------------------
Press Control-C to abort
Continue [y|n]? proceeding...
Now if you know what user and group id child processes of http
server use, I can change the ownership and access permission
accordigly. If you do not know, they are usually defined in the
file httpd.conf with User and Group. I suggest create a unique
user and group say httpd and set the User and Group to httpd.
*Do you know the user and group id of httpd' child process [y|n]:? *Enter
user id of httpd's child process [nobody]:? *Enter group id of httpd's child
process [nogroup]:? installing Count.cgi->/usr/local/www/apache22/cgi-bin/
installing count.cfg->/usr/local/etc/Counter/conf
installing sample datafile ./data/data/sample.dat->/usr/local/etc/Counter/data
installing rgb.txt->/usr/local/lib/Counter
installing Counter.log->/var/log
chown: nobody.nogroup: Invalid argument
installing image strip for digit style A->/usr/local/lib/Counter/digits/A
installing sample image peng.gif->/usr/local/lib/Counter/digits/A
installing image strip for digit style B->/usr/local/lib/Counter/digits/B
installing strip image for digit style C->/usr/local/lib/Counter/digits/C
installing strip image for digit style D->/usr/local/lib/Counter/digits/D
installing sample image lenna.gif->/usr/local/lib/Counter/digits/D
installing strip image for digit style E->/usr/local/lib/Counter/digits/E
installing image foo.gif in E->/usr/local/lib/Counter/digits/E
installing image yeehaw.gif in A->/usr/local/lib/Counter/digits/A
installing strip image for digit style cd->/usr/local/lib/Counter/digits/cd
installing strip image for digit style cdr->/usr/local/lib/Counter/digits/cdr
installing strip image for digit style cdd->/usr/local/lib/Counter/digits/cdd
installing strip image for digit style bang->/usr/local/lib/Counter/digits/bang
installing the mirroring script
cd /usr/ports/www/wwwcount/work/wwwcount2.5/utils/extdgts; install -s -o
root -g wheel -m 555 extdgts /usr/local/bin;
cd /usr/ports/www/wwwcount/work/wwwcount2.5/utils/mkstrip; install -s -o
root -g wheel -m 555 mkstrip /usr/local/bin; install -o root -g wheel -m 444
mkstrip.1 /usr/local/man/man1; install -o root -g wheel -m 555
mkstrip.sh /usr/local/lib/Counter/digits
===> Compressing manual pages for wwwcount-2.5_2
===> Registering installation for wwwcount-2.5_2
![[PukiWiki]](image/pukiwiki.png "[PukiWiki]")
