httpd'conf

1
httpd.conf

• Divided into 3 sections
• Global environment (normally not touched), Main
  server configuration (read it carefully!),
  Virtual hosts (normally not touched)
• Main server configuration (Section 2)
• Who are we
• User wwwrun
• Group www
• Name on server and admin
• ServerAdmin geirs_at_iu.hio.no
• ServerName compaq.iu.hio.no
• Points at document root
• DocumentRoot "/usr/local/apache2/htdocs"

2
httpd.conf

• Main settings for /
• Restrictive settings
• ltDirectory /gt
• Options FollowSymLinks
• AllowOverride None
• lt/Directorygt
• Main settings for DocumentRoot
• Access control for any directory under
  "/usr/local/apache2/htdocs" (DocumentRoot)
• ltDirectory "/usr/local/apache2/htdocs"gt
• Give a directory listing if no .html file exists
  and follow links
• Options Indexes FollowSymLinks
• Does not look for any .htaccess files
• AllowOverride None
• Who can get information from this server
• Order allow, deny
• Allow from all
• lt/Directorygt

3
httpd.conf

• User directory
• Web directory appended to each use user (/user)
• UserDir public_html
• User directories
• ltDirectory /home//public_htmlgt
• AllowOverride FileInfo AuthConfig Limit
  Indexes
• Options MultiViews Indexes SymLinksIfOwnerMatc
  h IncludesNoExec
• ltLimit GET POST OPTIONS PROPFINDgt
• Order allow,deny
• Allow from all
• lt/Limitgt
• ltLimitExcept GET POST OPTIONS PROPFINDgt
• Order deny,allow
• Deny from all
• lt/LimitExceptgt
• lt/Directorygt

4
httpd.conf

• Documentation
• www.apache.org
• Go to (click on) HTTP Server (httpd.apache.org)
• Go to Documentation Apache 2.0 (httpd.apache.org/d
  ocs-2.0)
• Then look at the User's Guide (Configuration
  Sections)

5
http.conf

• Directory index
• Default file if a directory is requested
• DirectoryIndex index.html index.phtml
• Access file name
• AccessFileName to override the default settings
  for each directory
• AccessFileName .htaccess
• Script aliases
• Directories for serverscripts
• ScriptAlias /cgi-bin/ "/usr/local/apache2/cgi-bin/
  "
• ScriptAlias /cgi-bin-geirs/ "/home/geirs/cgi-bin/"

6
User administration

• Introduction
• You shall write a Perl script to create a couple
  of hundred users
• The script shall read an input file (with users)
  and create two output files.
• This shall be done in one go (only one Enter
  touch)
• The two output files will be additions to
  /etc/passwd and /etc/shadow
• Keep a backup of the old /etc/passwd and
  /etc/shadow
• compaq cp /etc/passwd /etc/passwd.old
• Merge the additions manually like
• compaq cat /etc/passwd.add gtgt /etc/passwd
  (and for the shadow file)
• A good advice is to run perl with the -w switch
• !/usr/bin/perl -w
• Create all necessary user directories and files
  (see /etc/skel)
• Create a default web page
• Make necessary changes in httpd.conf so that each
  user has its own script directory
• The last point might be the third output file
  from the script
• Perl
• Resources www.perl.com or man perl

7
User administration

• Strategy
• Start with reading the existing /etc/passwd
• Use a hash array to keep track of existing uid's
  and users
• The first new uid may as an example be the
  highest one 1
• --------------------------------------------------
  -
• Start reading the file with new users
• Extract the students name
• Get rid of all spaces
• Change all norwegian letters (æøå) into eoa
• Change all capital letters to small letters
• Then create a user name from e.g. the first five
  letters of the first name and the first letter of
  the last name
• Check that the user name does not exist
• If it does, add a digit to the user name until it
  is unique
• Give the new user name an uid
• Add the user name and uid to the hash array

8
User administration

• Strategy
• Generate a password and encrypt it
• Generate a home directory and the necessary
  subdirectories
• Generate ScriptAlias to httpd.conf
• Create a standard home page
• Change the ownership to the whole home directory
• Read the next user and start over again
• -------------------------------------------------
• Generating passwords
• One strategy is to start with a string seq
  llLLddss where l stands for lower case letter,
  L stands for upper case letter, d stands for
  digit and s stands for special character
• Permute the characters in the string randomly to
  as an example perm LsddlLls
• Then read one character at a time from perm to
  generate a password

9
User administration

• Reading the password file for users

PASSWD"/etc/passwd" open(PASSWD,
"PASSWD") Les igjennom passordfilen
(registrerte brukere) maxuid 0 while (line
ltPASSWDgt) chop(line) (login,x,uid,x)
split("",line) userslogin uid
Ta vare på login uidsuid login
og uid if (uid gt maxuid and uid lt 60000)
maxuid uid Første "ledige" uid
close(PASSWD)
10
User administration

• Generating a random lower case string

geirs_at_compaq/bingt cat string.pl !/usr/bin/perl
-w sub generate_string _at_letters
("a".."z") nl _at_letters string ""
for (i0ilt8i) string .
letters(time rand(32767))nl return
string for (j0jlt10j) passwd
generate_string() print "passwd\n" geirs_at_co
mpaq/bingt string.pl dsarzgzr xylpvnej geghwhhc k
ikujokh nivlvhij iqaehhar sbmhmrqq airawpxq fsjrax
ci hnszpgah geirs_at_compaq/bingt