Title: httpd'conf
1httpd.conf
- Divided into 3 sections
- Global environment (normally not touched), Main
server configuration (read it carefully!),
Virtual hosts (normally not touched) - Main server configuration (Section 2)
- Who are we
- User wwwrun
- Group www
- Name on server and admin
- ServerAdmin geirs_at_iu.hio.no
- ServerName compaq.iu.hio.no
- Points at document root
- DocumentRoot "/usr/local/apache2/htdocs"
2httpd.conf
- The configuration file is most likely in the
directory /usr/local/apache2/conf/ - This is compiled in the daemon but cat be
overridden at startup of the daemon - The configuration is divided into sections which
can be included in httpd.conf at your own wish.
In my /usr/local/apache2/conf/extra/ I have the
following files - total 56
- -rw-r--r-- 1 root root 2845 2007-01-15 1334
httpd-autoindex.conf - -rw-r--r-- 1 root root 1690 2007-02-21 1426
httpd-dav.conf - -rw-r--r-- 1 root root 2344 2007-01-15 1334
httpd-default.conf - -rw-r--r-- 1 root root 1103 2007-01-15 1334
httpd-info.conf - -rw-r--r-- 1 root root 5040 2007-01-15 1334
httpd-languages.conf - -rw-r--r-- 1 root root 800 2007-01-15 1334
httpd-manual.conf - -rw-r--r-- 1 root root 3523 2007-01-15 1334
httpd-mpm.conf - -rw-r--r-- 1 root root 2186 2007-01-15 1334
httpd-multilang-errordoc.conf - -rw-r--r-- 1 root root 10253 2007-01-15 1334
httpd-ssl.conf - -rw-r--r-- 1 root root 815 2007-01-15 1334
httpd-userdir.conf - -rw-r--r-- 1 root root 1453 2007-01-15 1334
httpd-vhosts.conf
3httpd.conf
- The most important directives in this file are
- ServerRoot
- Listen
- LoadModule
- User
- Group
- ServerAdmin
- DocumentRoot
- Options
- AllowOverride
- Order, Deny, Allow
- DirectoryIndex
- AddType
- Include
- UserDir
- ScriptAlias
4httpd.conf
- ServerRoot
- The ServerRoot directive sets the directory in
which the server lives. Typically it will contain
the subdirectories conf/ and logs/. Relative
paths in other configuration directives (such as
Include or LoadModule, for example) are taken as
relative to this directory. - Listen
- The Listen directive instructs Apache to listen
to only specific IP addresses or ports by
default it responds to requests on all IP
interfaces. Listen is now a required directive.
If it is not in the config file, the server will
fail to start. This is a change from previous
versions of Apache. - LoadModule
- The LoadModule directive links in the object file
or library filename and adds the module structure
named module to the list of active modules.
Module is the name of the external variable of
type module in the file, and is listed as the
Module Identifier in the module documentation.
5httpd.conf
- User
- The User directive sets the user ID as which the
server will answer requests. In order to use this
directive, the server must be run initially as
root. If you start the server as a non-root user,
it will fail to change to the lesser privileged
user, and will instead continue to run as that
original user. If you do start the server as
root, then it is normal for the parent process to
remain running as root. - Group
- The Group directive sets the group under which
the server will answer requests. In order to use
this directive, the server must be run initially
as root. If you start the server as a non-root
user, it will fail to change to the specified
group, and will instead continue to run as the
group of the original user. - ServerAdmin
- The ServerAdmin sets the contact address that the
server includes in any error messages it returns
to the client. If the httpd doesn't recognize the
supplied argument as an URL, it assumes, that
it's an email-address and prepends it with
mailto in hyperlink targets. However, it's
recommended to actually use an email address,
since there are a lot of CGI scripts that make
that assumption. If you want to use an URL, it
should point to another server under your
control. Otherwise users may not be able to
contact you in case of errors.
6httpd.conf
- DocumentRoot
- This directive sets the directory from which
httpd will serve files. Unless matched by a
directive like Alias, the server appends the path
from the requested URL to the document root to
make the path to the document. - Options
- The Options directive controls which server
features are available in a particular directory. - AllowOverride
- When the server finds an .htaccess file (as
specified by AccessFileName) it needs to know
which directives declared in that file can
override earlier configuration directives. - Order, Deny, Allow
- The Order directive controls the default access
state and the order in which Allow and Deny
directives are evaluated.
7httpd.conf
- DirectoryIndex
- The DirectoryIndex directive sets the list of
resources to look for, when the client requests
an index of the directory by specifying a / at
the end of the directory name. Local-url is the
(-encoded) URL of a document on the server
relative to the requested directory it is
usually the name of a file in the directory.
Several URLs may be given, in which case the
server will return the first one that it finds.
If none of the resources exist and the Indexes
option is set, the server will generate its own
listing of the directory. - AddType
- The AddType directive maps the given filename
extensions onto the specified content type.
MIME-type is the MIME type to use for filenames
containing extension. This mapping is added to
any already in force, overriding any mappings
that already exist for the same extension. This
directive can be used to add mappings not listed
in the MIME types file (see the TypesConfig
directive). - Include
- This directive allows inclusion of other
configuration files from within the server
configuration files.
8httpd.conf
- UserDir
- The UserDir directive sets the real directory in
a user's home directory to use when a request for
a document for a user is received. - ScriptAlias
- The ScriptAlias directive has the same behavior
as the Alias directive, except that in addition
it marks the target directory as containing CGI
scripts that will be processed by mod_cgi's
cgi-script handler. URLs with a case-sensitive
(-decoded) path beginning with URL-path will be
mapped to scripts beginning with the second
argument, which is a full pathname in the local
filesystem.
9httpd.conf
- The directives can be invoked under certain
conditions and some conditions are - IfModule
- Directory
- FilesMatch
10httpd.conf
- IfModule
- The ltIfModule testgt...lt/IfModulegt section is used
to mark directives that are conditional on the
presence of a specific module. The directives
within an ltIfModulegt section are only processed
if the test is true. If test is false, everything
between the start and end markers is ignored. - Directory
- ltDirectorygt and lt/Directorygt are used to enclose
a group of directives that will apply only to the
named directory and sub-directories of that
directory. Any directive that is allowed in a
directory context may be used. Directory-path is
either the full path to a directory, or a
wild-card string using Unix shell-style matching.
In a wild-card string, ? matches any single
character, and matches any sequences of
characters. You may also use character ranges.
None of the wildcards match a /' character, so
ltDirectory //public_htmlgt will not match
/home/user/public_html, but ltDirectory
/home//public_htmlgt will match. - FilesMatch
- The ltFilesMatchgt directive limits the scope of
the enclosed directives by filename, just as the
ltFilesgt directive does. However, it accepts a
regular expression.
11httpd.conf
- Main settings for /
- Restrictive settings
- ltDirectory /gt
- Options FollowSymLinks
- AllowOverride None
- lt/Directorygt
- Main settings for DocumentRoot
- Access control for any directory under
"/usr/local/apache2/htdocs" (DocumentRoot) - ltDirectory "/usr/local/apache2/htdocs"gt
- Give a directory listing if no .html file exists
and follow links - Options Indexes FollowSymLinks
- Does not look for any .htaccess files
- AllowOverride None
- Who can get information from this server
- Order allow, deny
- Allow from all
- lt/Directorygt
12httpd.conf
- User directory
- Web directory appended to each use user (/user)
- UserDir public_html
- User directories
- ltDirectory /home//public_htmlgt
- AllowOverride FileInfo AuthConfig Limit
Indexes - Options MultiViews Indexes SymLinksIfOwnerMatc
h IncludesNoExec - ltLimit GET POST OPTIONS PROPFINDgt
- Order allow,deny
- Allow from all
- lt/Limitgt
- ltLimitExcept GET POST OPTIONS PROPFINDgt
- Order deny,allow
- Deny from all
- lt/LimitExceptgt
- lt/Directorygt
13httpd.conf
- Documentation
- www.apache.org
- Go to (click on) HTTP Server (httpd.apache.org)
- Go to Documentation Apache 2.0 (httpd.apache.org/d
ocs-2.0) - Then look at the User's Guide (Configuration
Sections)
14http.conf
- Directory index
- Default file if a directory is requested
- DirectoryIndex index.html index.phtml
- Access file name
- AccessFileName to override the default settings
for each directory - AccessFileName .htaccess
- Script aliases
- Directories for serverscripts
- ScriptAlias /cgi-bin/ "/usr/local/apache2/cgi-bin/
" - ScriptAlias /cgi-bin-geirs/ "/home/geirs/cgi-bin/"
15User administration
- Introduction
- You shall write a Perl script to create a couple
of hundred users - The script shall read an input file (with users)
and create two output files. - This shall be done in one go (only one Enter
touch) - The two output files will be additions to
/etc/passwd and /etc/shadow - Keep a backup of the old /etc/passwd and
/etc/shadow - compaq cp /etc/passwd /etc/passwd.old
- Merge the additions manually like
- compaq cat /etc/passwd.add gtgt /etc/passwd
(and for the shadow file) - A good advice is to run perl with the -w switch
- !/usr/bin/perl -w
- Create all necessary user directories and files
(see /etc/skel) - Create a default web page
- Make necessary changes in httpd.conf so that each
user has its own script directory - The last point might be the third output file
from the script - Perl
- Resources www.perl.com or man perl
16User administration
- Strategy
- Start with reading the existing /etc/passwd
- Use a hash array to keep track of existing uid's
and users - The first new uid may as an example be the
highest one 1 - --------------------------------------------------
- - Start reading the file with new users
- Extract the students name
- Get rid of all spaces
- Change all norwegian letters (æøå) into eoa
- Change all capital letters to small letters
- Then create a user name from e.g. the first five
letters of the first name and the first letter of
the last name - Check that the user name does not exist
- If it does, add a digit to the user name until it
is unique - Give the new user name an uid
- Add the user name and uid to the hash array
17User administration
- Strategy
- Generate a password and encrypt it
- Generate a home directory and the necessary
subdirectories - Generate ScriptAlias to httpd.conf
- Create a standard home page
- Change the ownership to the whole home directory
- Read the next user and start over again
- -------------------------------------------------
- Generating passwords
- One strategy is to start with a string seq
llLLddss where l stands for lower case letter,
L stands for upper case letter, d stands for
digit and s stands for special character - Permute the characters in the string randomly to
as an example perm LsddlLls - Then read one character at a time from perm to
generate a password
18User administration
- Reading the password file for users
PASSWD"/etc/passwd" open(PASSWD,
"PASSWD") Les igjennom passordfilen
(registrerte brukere) maxuid 0 while (line
ltPASSWDgt) chop(line) (login,x,uid,x)
split("",line) userslogin uid
Ta vare på login uidsuid login
og uid if (uid gt maxuid and uid lt 60000)
maxuid uid Første "ledige" uid
close(PASSWD)
19User administration
- Generating a random lower case string
geirs_at_compaq/bingt cat string.pl !/usr/bin/perl
-w sub generate_string _at_letters
("a".."z") nl _at_letters string ""
for (i0ilt8i) string .
letters(time rand(32767))nl return
string for (j0jlt10j) passwd
generate_string() print "passwd\n" geirs_at_co
mpaq/bingt string.pl dsarzgzr xylpvnej geghwhhc k
ikujokh nivlvhij iqaehhar sbmhmrqq airawpxq fsjrax
ci hnszpgah geirs_at_compaq/bingt
20perl
- Scalars
- var 2.3
- var 10
- var a string
- Arrays
- _at_arr (a, b, c) Defining an array
- arr0 a An alternative
- arr1 b
- arr2 c
- (first, second, third) _at_arr Making scalars
of an array - (x, y) (y, x) Switching between two
scalar values
21perl
!/usr/bin/perl -w Array print "-"x80 .
"\nArray\n" . "-"x80 . "\n" _at_arr
("a","b","c") print 'Number of elements in _at_arr
("a","b","c") is ' . _at_arr . "\n" print "The
elements are _at_arr\n" (first, second, third)
_at_arr print 'Elements in (first, second,
third) _at_arr is ' . "first second
third\n" Switching variables print "-"x80
. "\n" . 'Switching variables x and y' . "\n" .
"-"x80 . "\n" x 2 y 3 print "x -
y\n" (x, y) (y, x) print "x - y\n"
22perl
- Hash arrays (associative array)
- users (hansb, 1001, olah, 1002, benteh,
1005) Creation - users (hansb gt 1001, olah gt 1002,
benteh gt 1005) Alternative - usershansb 1001 Alternative
- usersbenteh 1005
- usersolah 1002
- Filehandles
- open(FILE, data) Reading an existing file
- open(FILE, ltdata) The same
- open(FILE, gtdata) Create and write to file
- open(FILE, gtgtdata) Add to existing file
- open(FILE, grep s) Output filter (must
start with s) - open(FILE, grep s data ) Input filter (only
lines beginning with s in file data) - line chop(input ltSTDINgt) Read from
console and remove newline - input ltSTDINgt The same
- line chop(input)
23perl
!/usr/bin/perl -w Hash array print "-"x80
. "\nHash array\n" . "-"x80 . "\n" users
("hansb", 1001, "olah", 1002, "benteh",
1005) print users . "\n" users ("hansb" gt
1001, "olah" gt 1002, "benteh" gt 1005) print
users . "\n" users"hansb"
1001 users"benteh" 1005 users"olah"
1002 print "users\n" print 'users' . "\n"
24perl
- Operators
- , -, , /, , (Standard operators)
- . (String addition or concatenation)
- a 123
- b 456
- c 3
- a b gives 579
- a . b gives 123456
- a c gives 369
- a x c gives 123123123
25perl
!/usr/bin/perl -w Operators print "-"x80 .
"\nOperators\n" . "-"x80 . "\n" a 123 b
456 c 3 print 'a 123' . "\n" print 'b
456' . "\n" print 'c 3' . "\n" print 'a
b is ' . (a b) . "\n" print 'a . b is
' . a . b . "\n" print 'a b is ' . (a
c) . "\n" print 'a x b is ' . (a x c) .
"\n"
26perl
- Logical operators
- , , !, and, or, not
- Comparison operators
- , !, lt, gt, lt, gt, ltgt, eq, ne, lt, gt, le,
ge, cmp - a ltgt b (gives -1, 0 or 1)
- File test operators
- -e file (exists)
- -r file (readable)
- -w file (writable)
- -d file (directory)
- -f file (regular file)
- -T file (text file)
27perl
- True values
- Any string except and 0
- Any number except 0
- Any reference
- 0.00
- \a (even if a 0)
- False values
- 0
- 10 10
- 0.00
-
- 0
- undef()
28perl
DIR"/root" Root catalog LOG_DIR"DIR/log/"
Log directory USERS"DIR/data/users" New
users file Open log file unless (-d
LOG_DIR) print "No log directory
exists!\n" exit 1 open(RUN_LOG,
"gtRUN_LOG") Read the users file unless
(-T USERS) print "No users file exists!\n"
exit 1 open(USERS, USERS)