Red Hat DIRECTORY SERVER 2.0 - GATEWAY Bedienungsanleitung

Web Server Management: Running Apache 2 on RedHat LinuxBob DowlingUniversity of Cambridge Computing [email protected]

Chapter 1. Installing the softwarecgi−binerrorhtmlicons*.html.varincludebottom.htmlspacer.htmltop.htmlusagemsfree.pngwebalizer.png*.png/var/wwwFigure

Chapter 1. Installing the software• /usr/bin/ab: This a stress-tester for the web server. Please do not stress-testpeople’s servers without their expl

Chapter 1. Installing the software# cd# /etc/init.d/httpd startStarting httpd: [ OK ]Figure 1-12. Manually starting the web serverIf you take this eas

Chapter 1. Installing the softwareWarningusermod’s -G option sets the user’s groups. It does not add tothem. You must quote all the user’s groups. Any

Chapter 1. Installing the software10

Chapter 2. The site’s designThis chapter will describe the design of a web site that we will set as our goal for thiscourse and discuss a small amount

Chapter 2. The site’s designMultiple addresses:A single system need not have a single IP address. It can have many and each canhave a different web si

Chapter 2. The site’s designHost: noether.csi.cam.ac.ukThe second line indicates which server the query was addressed to. It is thiselement of the que

Chapter 2. The site’s designKeep-Alive: 300This instructs the server to keep the connection alive for 300 seconds in casethere are any more requests.

Chapter 3. Getting startedClean slate:We will start by removing the existing configuration script. This may seem dramaticbut this course seeks to expla

Web Server Management: Running Apache 2 on Red Hat Linuxby Bob DowlingInstallation:This course will first illustrate how to load the Apache 2 package o

Chapter 3. Getting startedWe will start by detailing an absolutely minimal configuration file that gets the serverlaunched but nothing else.Listen 80Fig

Chapter 3. Getting startedListen 80User apacheGroup apacheServerRoot /etc/httpdOptions NoneFigure 3-8. httpd.conf: Minimal versionSyntax summary: Gett

Chapter 3. Getting startedreason the parent decides whether or not to replace it. (If they have all been idle forthe past 48 hours it may decide that

Chapter 3. Getting startedentitled to update the sites.# cd /var/www# mkdir CHALK CHEESE# groupadd -r chalk# groupadd -r cheese# chgrp chalk CHALK# ch

Chapter 3. Getting startedServerNameThis sets the name of the server for the virtual host. If a query’s Host: headerdoes not match this then the virtu

Chapter 3. Getting startedstopStops the web server.restartStops and starts the web server.condrestartStops and starts the web server if the PID file ex

Chapter 3. Getting started22

Chapter 4. Supporting MIME typesMIME types:We will start with a very brief discussion about what MIME types are and in partic-ular what MIME content t

Chapter 4. Supporting MIME typesContent analysisThe first is to look in the file’s content and deduce the MIME content type from thecontent.You can see

Chapter 4. Supporting MIME typesLoading and using the MIME moduleModules:All the various elements of web server functionality are split out into modul

Table of Contents1. Installing the software...1The w

Chapter 4. Supporting MIME typesFigure 4-7. chalk.dept.cam.ac.uk index page as HTMLSyntax summary: Loading modulesLoadModule library.so nameLoad the m

Chapter 5. Symbolic linksSymbolic linksIt is demonstrated that the web server does not follow symbolic links unless explicitlydirected to do so.Option

Chapter 5. Symbolic linksFigure 5-2. We are forbidden to access main.htmlTo instruct the web server to follow symbolic links we need to set an option.

Chapter 5. Symbolic linksFigure 5-4. We are permitted to access main.htmlBecause symbolic links might be used to circumvent access controls in the web

Chapter 5. Symbolic links30

Chapter 6. Handling directoriesDirectory URLsSome URLs (typically those that end in /) correspond to directories rather than plainfiles. We need to det

Chapter 6. Handling directoriesThere are two solutions to this issue. The first, and simplest, is to nominate a filename(such as index.html) and instruc

Chapter 6. Handling directoriesSyntax summary: dir_moduleDirectoryIndexSpecify the documents to be searched for given a directory query.Document names

Chapter 6. Handling directoriesSeveral options we will meet rely on a specific module and their use must follow theLoadModule lin in the configuration fi

Chapter 6. Handling directoriesFigure 6-9. The fancy index of /Columns in default fancy index• Name• Size• Last modified• DescriptionThe layout of this

iv

Chapter 6. Handling directoriesFigure 6-10. A populated cheese.dept.cam.ac.uk websiteManipulating columnsWe will start by making some use of the Descr

Chapter 6. Handling directoriesFigure 6-12. The cheese.dept.cam.ac.uk website with descriptionsNext, we will remove unwanted columns. For the sake or

Chapter 6. Handling directoriesFigure 6-14. The displayed listing with columns suppressedFinally, we will look at modifying the widths of the various

Chapter 6. Handling directoriesscription of the file if it would push the row beyond this point and indicates the trun-cation with a “>”. There are

Chapter 6. Handling directoriesFigure 6-18. Unwanted files in the listingIndexIgnore "#*#" "*~"Figure 6-19. httpd.conf: Ignoring ce

Chapter 6. Handling directoriesFigure 6-20. Unwanted files removed from the listingWarningJust because a file name is not in the listing does not mean t

Chapter 6. Handling directoriesFigure 6-22. Putting subdirectories first in the listingNote: By now you may be starting to get confused about when a fa

Chapter 6. Handling directoriesthem in directory listings. The auto-indexing module provides a slew of commandsfor this purpose. The trick to producin

Chapter 6. Handling directoriesAddIcon /icons/dir.gif "^^DIRECTORY^^"AddIcon /icons/back.gif ".."AddAlt "Directory" &quo

Chapter 6. Handling directoriesTo add HTML above the listing the configuration must identify a header file. This filemust have a name that identifies it a

Chapter 1. Installing the softwarePackages:We will describe the packages that Red Hat install if you request the Web Server groupat installation. We w

Chapter 6. Handling directories</head><body bgcolor="#ffffff" text="#000000"link="#003399" alink="#cc0000&

Chapter 6. Handling directoriesIndexOptions ... HTMLTable ...Figure 6-34. httpd.conf: Using HTML tables for the indexFigure 6-35. The listing in HTML

Chapter 6. Handling directoriesAddIconByType icon mime_type (f)Specifies the icon that should be used for a particlar MIME content type. TheMIME conten

Chapter 6. Handling directoriesFoldersFirstList the subdirectories before the plain files.SuppressHTMLPreambleInstructs the web server not to create th

Chapter 6. Handling directoriesLoadModule dir_module modules/mod_dir.soDirectoryIndex index.htmlLoadModule autoindex_module modules/mod_autoindex.soIn

Chapter 7. LoggingError logWe will examine the error log to see what is logged and to change the amount oflogging done.log_config_moduleWe will load an

Chapter 7. Logging[Mon Mar 24 09:50:58 2003] [notice] caught SIGTERM, shutting downFigure 7-2. error_log: Shutting downAnalogous to SIGHUP is SIGTERM

Chapter 7. LoggingSyntax error on line 10 of /etc/httpd/conf/httpd.conf:Invalid directory indexing optionFigure 7-4. error_log: Unformatted error mess

Chapter 7. LoggingThis provides us with one particularly useful command: CustomLog. This allows usto specify what information to record and where to r

Chapter 7. Logging• There is no record of whether chalk.dept.cam.ac.uk or cheese.dept.cam.ac.uk wasqueried.• The hostnames are addresses, not namesThe

Chapter 1. Installing the softwarephp-ldapThis package provides the hooks for PHP to perform lookups in LDAP directo-ries.php-pgsqlThis package provid

Chapter 7. LoggingThe escape sequences used in the Common Log Format%hThe client’s hostname%lIf the web server was doing IDENT (RFCnnnn) lookups then

Chapter 7. LoggingFinding bad linksMost browsers also include a query header Referer: which contains the URL of thepage that contain the link the user

Chapter 7. LoggingThe three commands that specify how often rotation should take place are daily,weekly and monthly.rotate 4Keep four sets of log files

Chapter 7. Logging/bin/kill -HUP ‘cat /var/run/httpd.pid 2>/dev/null‘ 2> /dev/null || trueThis messy command sends a SIGHUP signal to the master

Chapter 7. Logging# mkdir /var/www/CHALK/usage# mkdir /var/www/CHEESE/usage# chmod g+ws /var/www/CHALK/usage# chmod g+ws /var/www/CHEESE/usageFigure 7

Chapter 7. LoggingWe need to run it multiple times for our various web sites using its command lineoption to select non-standard configuration files.#!/

Chapter 7. Logging62

Chapter 8. Users’ own web pagesuserdir_moduleWe will introduce the relevant module and the single command it provides.Simple useWe will start with the

Chapter 8. Users’ own web pageslooking for. Only the last entry in the list is allowed to be a redirection to anotherserver (i.e. a URL) because when

Chapter 9. Delegated control<Directory>Applying a specialised set of commands just to a subdirectory of a web site from thehttpd.conf file.Includ

Chapter 1. Installing the software$ \/bin/su -Password: password#Figure 1-1. Changing to be rootUnix Support keeps the Red Hat distributions on an NFS

Chapter 9. Delegated controlFigure 9-2. The games directoryWe can turn indexing off with the Options command as follows.<VirtualHost *>ServerNam

Chapter 9. Delegated controlFigure 9-4. Not the games directoryThe Options command sets various parameters that basically control whether a mod-ule’s

Chapter 9. Delegated controltells of its origins; it was used to set the access rights for a directory tree. It is, however,a fully generic delegated

Chapter 9. Delegated controlAllowOverride IndexesThe delegated configuration file is allowed to run the IndexOptions commandand all the commands that mo

Chapter 9. Delegated control70

Chapter 10. Access controlTwo waysThere are two ways to do access control: by the location of the client and by theidentity of the user operating the

Chapter 10. Access controlAccess control by client IP addressAs ever, this functionality is provided by a module: access_module from librarymod_access

Chapter 10. Access controlquery redirected through a web proxy or cache will have the address of the webproxy or cache.Allow from 131.111Access is all

Chapter 10. Access controlWhat we need to know is how to set up the server so that userids and passwords areknown to the server and certain pages are

Chapter 10. Access controlNow that we have a way to identify users we need to specify policies. As with ac-cess_module the restrictions on access can

Chapter 1. Installing the software# cd RedHat/RPMS# ls4Suite-0.11.1-10.i386.rpma2ps-4.13b-24.i386.rpmabiword-1.0.2-6.i386.rpm...zlib-1.1.4-4.i386.rpmz

Chapter 10. Access controlFigure 10-8. The userid and password challengeNote that the prompt contains the phrase “Restricted area”. That text comes di

Chapter 10. Access control<Directory /var/www/CHEESE/games>AuthType BasicAuthName "Cheese lovers only"AuthUserFile /etc/httpd/access/p

Chapter 10. Access control$ touch /etc/httpd/access/digest_pw$ htdigest /etc/httpd/access/digest_pw "Cheese lovers only" rjd4Adding user rjd

Chapter 10. Access controlSatisfy any</Directory>Figure 10-15. Mixed restrictionsThe two worlds of access control are joined by the Satisfy comm

Chapter 10. Access control80

Chapter 11. ConclusionWhat’s next?University Computing Service courses that have this course as a prerequisite.Tidying upSome re-ordering of the final

Chapter 11. Conclusion# Put a header file above the listingHeaderName HEADER.html# Set up aliasingAlias /icons/ /var/www/icons/# Set up iconsAddIconBy

Chapter 11. ConclusionNameVirtualHost *<VirtualHost *>ServerName chalk.dept.cam.ac.ukDocumentRoot /var/www/CHALKCustomLog logs/chalk.log clf<

Chapter 11. ConclusionCGI Scripting for Programmers: IntroductionThe Common Gateway Interface (CGI) underlies much of the modern web. It pro-vides the

Appendix A. Apache modulesThis lists the modules shipped with Red Hat Linux’s packages.Table A-1. Modules shipped as part of the base httpd package.Li

Chapter 1. Installing the softwareChanges made to the systemWe should quickly examine what changes have been made to the system by the in-stallation o

Appendix A. Apache modulesLibrary Module name Descriptionmod_info.so info_module Lets the server report on itsconfiguration via a web request.mod_log_c

Appendix A. Apache modulesTable A-2. Modules shipped as part of other packages.Package Library Module namemod_auth_mysql mod_auth_mysql.so mysql_auth_

Appendix A. Apache modules88

Appendix B. Reference information for loggingTable B-1. Escape sequences for custom logs%% How to get “%” in the log line. Why would you want to?%a Cl

Appendix B. Reference information for loggingTable B-2. HTTP status codes100 Continue101 Switching protocols200 OK201 Created202 Accepted203 Nonauthor

Appendix B. Reference information for loggingNotes1. http://www.w3.org/Protocols/rfc2616/rfc2616.html91

Appendix B. Reference information for logging92