httpd'conf - PowerPoint PPT Presentation

1 / 28
About This Presentation
Title:

httpd'conf

Description:

This is compiled in the daemon but cat be overridden at startup of the daemon ... Permute the characters in the string randomly to as an example $perm = 'LsddlLls' ... – PowerPoint PPT presentation

Number of Views:110
Avg rating:3.0/5.0
Slides: 29
Provided by: iuH
Category:
Tags: conf | httpd | permute

less

Transcript and Presenter's Notes

Title: httpd'conf


1
httpd.conf
  • Divided into 3 sections
  • Global environment (normally not touched), Main
    server configuration (read it carefully!),
    Virtual hosts (normally not touched)
  • Main server configuration (Section 2)
  • Who are we
  • User wwwrun
  • Group www
  • Name on server and admin
  • ServerAdmin geirs_at_iu.hio.no
  • ServerName compaq.iu.hio.no
  • Points at document root
  • DocumentRoot "/usr/local/apache2/htdocs"

2
httpd.conf
  • The configuration file is most likely in the
    directory /usr/local/apache2/conf/
  • This is compiled in the daemon but cat be
    overridden at startup of the daemon
  • The configuration is divided into sections which
    can be included in httpd.conf at your own wish.
    In my /usr/local/apache2/conf/extra/ I have the
    following files
  • total 56
  • -rw-r--r-- 1 root root 2845 2007-01-15 1334
    httpd-autoindex.conf
  • -rw-r--r-- 1 root root 1690 2007-02-21 1426
    httpd-dav.conf
  • -rw-r--r-- 1 root root 2344 2007-01-15 1334
    httpd-default.conf
  • -rw-r--r-- 1 root root 1103 2007-01-15 1334
    httpd-info.conf
  • -rw-r--r-- 1 root root 5040 2007-01-15 1334
    httpd-languages.conf
  • -rw-r--r-- 1 root root 800 2007-01-15 1334
    httpd-manual.conf
  • -rw-r--r-- 1 root root 3523 2007-01-15 1334
    httpd-mpm.conf
  • -rw-r--r-- 1 root root 2186 2007-01-15 1334
    httpd-multilang-errordoc.conf
  • -rw-r--r-- 1 root root 10253 2007-01-15 1334
    httpd-ssl.conf
  • -rw-r--r-- 1 root root 815 2007-01-15 1334
    httpd-userdir.conf
  • -rw-r--r-- 1 root root 1453 2007-01-15 1334
    httpd-vhosts.conf

3
httpd.conf
  • The most important directives in this file are
  • ServerRoot
  • Listen
  • LoadModule
  • User
  • Group
  • ServerAdmin
  • DocumentRoot
  • Options
  • AllowOverride
  • Order, Deny, Allow
  • DirectoryIndex
  • AddType
  • Include
  • UserDir
  • ScriptAlias

4
httpd.conf
  • ServerRoot
  • The ServerRoot directive sets the directory in
    which the server lives. Typically it will contain
    the subdirectories conf/ and logs/. Relative
    paths in other configuration directives (such as
    Include or LoadModule, for example) are taken as
    relative to this directory.
  • Listen
  • The Listen directive instructs Apache to listen
    to only specific IP addresses or ports by
    default it responds to requests on all IP
    interfaces. Listen is now a required directive.
    If it is not in the config file, the server will
    fail to start. This is a change from previous
    versions of Apache.
  • LoadModule
  • The LoadModule directive links in the object file
    or library filename and adds the module structure
    named module to the list of active modules.
    Module is the name of the external variable of
    type module in the file, and is listed as the
    Module Identifier in the module documentation.

5
httpd.conf
  • User
  • The User directive sets the user ID as which the
    server will answer requests. In order to use this
    directive, the server must be run initially as
    root. If you start the server as a non-root user,
    it will fail to change to the lesser privileged
    user, and will instead continue to run as that
    original user. If you do start the server as
    root, then it is normal for the parent process to
    remain running as root.
  • Group
  • The Group directive sets the group under which
    the server will answer requests. In order to use
    this directive, the server must be run initially
    as root. If you start the server as a non-root
    user, it will fail to change to the specified
    group, and will instead continue to run as the
    group of the original user.
  • ServerAdmin
  • The ServerAdmin sets the contact address that the
    server includes in any error messages it returns
    to the client. If the httpd doesn't recognize the
    supplied argument as an URL, it assumes, that
    it's an email-address and prepends it with
    mailto in hyperlink targets. However, it's
    recommended to actually use an email address,
    since there are a lot of CGI scripts that make
    that assumption. If you want to use an URL, it
    should point to another server under your
    control. Otherwise users may not be able to
    contact you in case of errors.

6
httpd.conf
  • DocumentRoot
  • This directive sets the directory from which
    httpd will serve files. Unless matched by a
    directive like Alias, the server appends the path
    from the requested URL to the document root to
    make the path to the document.
  • Options
  • The Options directive controls which server
    features are available in a particular directory.
  • AllowOverride
  • When the server finds an .htaccess file (as
    specified by AccessFileName) it needs to know
    which directives declared in that file can
    override earlier configuration directives.
  • Order, Deny, Allow
  • The Order directive controls the default access
    state and the order in which Allow and Deny
    directives are evaluated.

7
httpd.conf
  • DirectoryIndex
  • The DirectoryIndex directive sets the list of
    resources to look for, when the client requests
    an index of the directory by specifying a / at
    the end of the directory name. Local-url is the
    (-encoded) URL of a document on the server
    relative to the requested directory it is
    usually the name of a file in the directory.
    Several URLs may be given, in which case the
    server will return the first one that it finds.
    If none of the resources exist and the Indexes
    option is set, the server will generate its own
    listing of the directory.
  • AddType
  • The AddType directive maps the given filename
    extensions onto the specified content type.
    MIME-type is the MIME type to use for filenames
    containing extension. This mapping is added to
    any already in force, overriding any mappings
    that already exist for the same extension. This
    directive can be used to add mappings not listed
    in the MIME types file (see the TypesConfig
    directive).
  • Include
  • This directive allows inclusion of other
    configuration files from within the server
    configuration files.

8
httpd.conf
  • UserDir
  • The UserDir directive sets the real directory in
    a user's home directory to use when a request for
    a document for a user is received.
  • ScriptAlias
  • The ScriptAlias directive has the same behavior
    as the Alias directive, except that in addition
    it marks the target directory as containing CGI
    scripts that will be processed by mod_cgi's
    cgi-script handler. URLs with a case-sensitive
    (-decoded) path beginning with URL-path will be
    mapped to scripts beginning with the second
    argument, which is a full pathname in the local
    filesystem.

9
httpd.conf
  • The directives can be invoked under certain
    conditions and some conditions are
  • IfModule
  • Directory
  • FilesMatch

10
httpd.conf
  • IfModule
  • The ltIfModule testgt...lt/IfModulegt section is used
    to mark directives that are conditional on the
    presence of a specific module. The directives
    within an ltIfModulegt section are only processed
    if the test is true. If test is false, everything
    between the start and end markers is ignored.
  • Directory
  • ltDirectorygt and lt/Directorygt are used to enclose
    a group of directives that will apply only to the
    named directory and sub-directories of that
    directory. Any directive that is allowed in a
    directory context may be used. Directory-path is
    either the full path to a directory, or a
    wild-card string using Unix shell-style matching.
    In a wild-card string, ? matches any single
    character, and matches any sequences of
    characters. You may also use character ranges.
    None of the wildcards match a /' character, so
    ltDirectory //public_htmlgt will not match
    /home/user/public_html, but ltDirectory
    /home//public_htmlgt will match.
  • FilesMatch
  • The ltFilesMatchgt directive limits the scope of
    the enclosed directives by filename, just as the
    ltFilesgt directive does. However, it accepts a
    regular expression.

11
httpd.conf
  • Main settings for /
  • Restrictive settings
  • ltDirectory /gt
  • Options FollowSymLinks
  • AllowOverride None
  • lt/Directorygt
  • Main settings for DocumentRoot
  • Access control for any directory under
    "/usr/local/apache2/htdocs" (DocumentRoot)
  • ltDirectory "/usr/local/apache2/htdocs"gt
  • Give a directory listing if no .html file exists
    and follow links
  • Options Indexes FollowSymLinks
  • Does not look for any .htaccess files
  • AllowOverride None
  • Who can get information from this server
  • Order allow, deny
  • Allow from all
  • lt/Directorygt

12
httpd.conf
  • User directory
  • Web directory appended to each use user (/user)
  • UserDir public_html
  • User directories
  • ltDirectory /home//public_htmlgt
  • AllowOverride FileInfo AuthConfig Limit
    Indexes
  • Options MultiViews Indexes SymLinksIfOwnerMatc
    h IncludesNoExec
  • ltLimit GET POST OPTIONS PROPFINDgt
  • Order allow,deny
  • Allow from all
  • lt/Limitgt
  • ltLimitExcept GET POST OPTIONS PROPFINDgt
  • Order deny,allow
  • Deny from all
  • lt/LimitExceptgt
  • lt/Directorygt

13
httpd.conf
  • Documentation
  • www.apache.org
  • Go to (click on) HTTP Server (httpd.apache.org)
  • Go to Documentation Apache 2.0 (httpd.apache.org/d
    ocs-2.0)
  • Then look at the User's Guide (Configuration
    Sections)

14
http.conf
  • Directory index
  • Default file if a directory is requested
  • DirectoryIndex index.html index.phtml
  • Access file name
  • AccessFileName to override the default settings
    for each directory
  • AccessFileName .htaccess
  • Script aliases
  • Directories for serverscripts
  • ScriptAlias /cgi-bin/ "/usr/local/apache2/cgi-bin/
    "
  • ScriptAlias /cgi-bin-geirs/ "/home/geirs/cgi-bin/"

15
User administration
  • Introduction
  • You shall write a Perl script to create a couple
    of hundred users
  • The script shall read an input file (with users)
    and create two output files.
  • This shall be done in one go (only one Enter
    touch)
  • The two output files will be additions to
    /etc/passwd and /etc/shadow
  • Keep a backup of the old /etc/passwd and
    /etc/shadow
  • compaq cp /etc/passwd /etc/passwd.old
  • Merge the additions manually like
  • compaq cat /etc/passwd.add gtgt /etc/passwd
    (and for the shadow file)
  • A good advice is to run perl with the -w switch
  • !/usr/bin/perl -w
  • Create all necessary user directories and files
    (see /etc/skel)
  • Create a default web page
  • Make necessary changes in httpd.conf so that each
    user has its own script directory
  • The last point might be the third output file
    from the script
  • Perl
  • Resources www.perl.com or man perl

16
User administration
  • Strategy
  • Start with reading the existing /etc/passwd
  • Use a hash array to keep track of existing uid's
    and users
  • The first new uid may as an example be the
    highest one 1
  • --------------------------------------------------
    -
  • Start reading the file with new users
  • Extract the students name
  • Get rid of all spaces
  • Change all norwegian letters (æøå) into eoa
  • Change all capital letters to small letters
  • Then create a user name from e.g. the first five
    letters of the first name and the first letter of
    the last name
  • Check that the user name does not exist
  • If it does, add a digit to the user name until it
    is unique
  • Give the new user name an uid
  • Add the user name and uid to the hash array

17
User administration
  • Strategy
  • Generate a password and encrypt it
  • Generate a home directory and the necessary
    subdirectories
  • Generate ScriptAlias to httpd.conf
  • Create a standard home page
  • Change the ownership to the whole home directory
  • Read the next user and start over again
  • -------------------------------------------------
  • Generating passwords
  • One strategy is to start with a string seq
    llLLddss where l stands for lower case letter,
    L stands for upper case letter, d stands for
    digit and s stands for special character
  • Permute the characters in the string randomly to
    as an example perm LsddlLls
  • Then read one character at a time from perm to
    generate a password

18
User administration
  • Reading the password file for users

PASSWD"/etc/passwd" open(PASSWD,
"PASSWD") Les igjennom passordfilen
(registrerte brukere) maxuid 0 while (line
ltPASSWDgt) chop(line) (login,x,uid,x)
split("",line) userslogin uid
Ta vare på login uidsuid login
og uid if (uid gt maxuid and uid lt 60000)
maxuid uid Første "ledige" uid
close(PASSWD)
19
User administration
  • Generating a random lower case string

geirs_at_compaq/bingt cat string.pl !/usr/bin/perl
-w sub generate_string _at_letters
("a".."z") nl _at_letters string ""
for (i0ilt8i) string .
letters(time rand(32767))nl return
string for (j0jlt10j) passwd
generate_string() print "passwd\n" geirs_at_co
mpaq/bingt string.pl dsarzgzr xylpvnej geghwhhc k
ikujokh nivlvhij iqaehhar sbmhmrqq airawpxq fsjrax
ci hnszpgah geirs_at_compaq/bingt
20
perl
  • Scalars
  • var 2.3
  • var 10
  • var a string
  • Arrays
  • _at_arr (a, b, c) Defining an array
  • arr0 a An alternative
  • arr1 b
  • arr2 c
  • (first, second, third) _at_arr Making scalars
    of an array
  • (x, y) (y, x) Switching between two
    scalar values

21
perl
  • Example

!/usr/bin/perl -w Array print "-"x80 .
"\nArray\n" . "-"x80 . "\n" _at_arr
("a","b","c") print 'Number of elements in _at_arr
("a","b","c") is ' . _at_arr . "\n" print "The
elements are _at_arr\n" (first, second, third)
_at_arr print 'Elements in (first, second,
third) _at_arr is ' . "first second
third\n" Switching variables print "-"x80
. "\n" . 'Switching variables x and y' . "\n" .
"-"x80 . "\n" x 2 y 3 print "x -
y\n" (x, y) (y, x) print "x - y\n"
22
perl
  • Hash arrays (associative array)
  • users (hansb, 1001, olah, 1002, benteh,
    1005) Creation
  • users (hansb gt 1001, olah gt 1002,
    benteh gt 1005) Alternative
  • usershansb 1001 Alternative
  • usersbenteh 1005
  • usersolah 1002
  • Filehandles
  • open(FILE, data) Reading an existing file
  • open(FILE, ltdata) The same
  • open(FILE, gtdata) Create and write to file
  • open(FILE, gtgtdata) Add to existing file
  • open(FILE, grep s) Output filter (must
    start with s)
  • open(FILE, grep s data ) Input filter (only
    lines beginning with s in file data)
  • line chop(input ltSTDINgt) Read from
    console and remove newline
  • input ltSTDINgt The same
  • line chop(input)

23
perl
  • Example

!/usr/bin/perl -w Hash array print "-"x80
. "\nHash array\n" . "-"x80 . "\n" users
("hansb", 1001, "olah", 1002, "benteh",
1005) print users . "\n" users ("hansb" gt
1001, "olah" gt 1002, "benteh" gt 1005) print
users . "\n" users"hansb"
1001 users"benteh" 1005 users"olah"
1002 print "users\n" print 'users' . "\n"
24
perl
  • Operators
  • , -, , /, , (Standard operators)
  • . (String addition or concatenation)
  • a 123
  • b 456
  • c 3
  • a b gives 579
  • a . b gives 123456
  • a c gives 369
  • a x c gives 123123123

25
perl
  • Example

!/usr/bin/perl -w Operators print "-"x80 .
"\nOperators\n" . "-"x80 . "\n" a 123 b
456 c 3 print 'a 123' . "\n" print 'b
456' . "\n" print 'c 3' . "\n" print 'a
b is ' . (a b) . "\n" print 'a . b is
' . a . b . "\n" print 'a b is ' . (a
c) . "\n" print 'a x b is ' . (a x c) .
"\n"
26
perl
  • Logical operators
  • , , !, and, or, not
  • Comparison operators
  • , !, lt, gt, lt, gt, ltgt, eq, ne, lt, gt, le,
    ge, cmp
  • a ltgt b (gives -1, 0 or 1)
  • File test operators
  • -e file (exists)
  • -r file (readable)
  • -w file (writable)
  • -d file (directory)
  • -f file (regular file)
  • -T file (text file)

27
perl
  • True values
  • Any string except and 0
  • Any number except 0
  • Any reference
  • 0.00
  • \a (even if a 0)
  • False values
  • 0
  • 10 10
  • 0.00
  • 0
  • undef()

28
perl
  • Example

DIR"/root" Root catalog LOG_DIR"DIR/log/"
Log directory USERS"DIR/data/users" New
users file Open log file unless (-d
LOG_DIR) print "No log directory
exists!\n" exit 1 open(RUN_LOG,
"gtRUN_LOG") Read the users file unless
(-T USERS) print "No users file exists!\n"
exit 1 open(USERS, USERS)
Write a Comment
User Comments (0)
About PowerShow.com