New FreeBSD 4.4 user needs help. Bunch of Qs

New FreeBSD 4.4 user needs help. Bunch of Qs

Post by Chest Rockwel » Wed, 13 Mar 2002 17:19:47



I tried setting up the webserver when I installed the OS.  For some reason,
it didn't install.  I tried adding apache and mysql, but when it gets to
mysql, it gives the error 'Add of pkg mysql-server-3.23.42 aborted, error
code 1 - please check debug screen for more info.

Could anyone tell me what I'm doing wrong?  Where do I go to check the error
code?

I checked the /usr/local dir and there isn't a www dir so I guess that means
that apache didn't install either.

What do I need todo to install a web server with php, mysql, asp support.

Then where is the best place to find out how to secure my machine?  I've
checked out about 3 diff articles and I've done everything they've said.  Is
there a 'best' place to find out how to secure it?

And how do I copy files from a local cd?

Sorry for all the Qs.  I have looked for this stuff but haven't been able to
find it.

Jason
uin 1401272

 
 
 

New FreeBSD 4.4 user needs help. Bunch of Qs

Post by Chest Rockwel » Wed, 13 Mar 2002 17:43:01


Whooops, 2 more things...

I think that I read that there might be problems setting up a webserver when
you have your securelevel enabled in /etc/rc.conf.  I do and have it set to
2.  Does this change anything?

And what kind of groups would I setup so that I could allow users to logon,
but not let them go into other peoples dirs.  Right now, all users can
enter, download, move etc other users files.  This isn't good.  I found an
article on how to set them up, but I need a real world example.

Any help you guys can give would be GREATLY appreciated.

J


Quote:> I tried setting up the webserver when I installed the OS.  For some
reason,
> it didn't install.  I tried adding apache and mysql, but when it gets to
> mysql, it gives the error 'Add of pkg mysql-server-3.23.42 aborted, error
> code 1 - please check debug screen for more info.

> Could anyone tell me what I'm doing wrong?  Where do I go to check the
error
> code?

> I checked the /usr/local dir and there isn't a www dir so I guess that
means
> that apache didn't install either.

> What do I need todo to install a web server with php, mysql, asp support.

> Then where is the best place to find out how to secure my machine?  I've
> checked out about 3 diff articles and I've done everything they've said.
Is
> there a 'best' place to find out how to secure it?

> And how do I copy files from a local cd?

> Sorry for all the Qs.  I have looked for this stuff but haven't been able
to
> find it.

> Jason
> uin 1401272


 
 
 

New FreeBSD 4.4 user needs help. Bunch of Qs

Post by Devon Rya » Wed, 13 Mar 2002 19:31:44



> I tried setting up the webserver when I installed the OS.  For some reason,
> it didn't install.  I tried adding apache and mysql, but when it gets to
> mysql, it gives the error 'Add of pkg mysql-server-3.23.42 aborted, error
> code 1 - please check debug screen for more info.

> Could anyone tell me what I'm doing wrong?  Where do I go to check the error
> code?

You might try adding one at a time to see which package is causing the
error.  I assume you're using /stand/sysinstall so are you having it
grab stuff from a cd or what?  If so, make sure that the file(s) on it
are good.  You might also try just using pkg_add to install things.  man
pkg_add for more details.

Quote:> I checked the /usr/local dir and there isn't a www dir so I guess that means
> that apache didn't install either.

> What do I need todo to install a web server with php, mysql, asp support.

Yea, that seems to indicate no apache.  You can use pkg_info to see what
ports/packages have been installed.

Quote:> Then where is the best place to find out how to secure my machine?  I've
> checked out about 3 diff articles and I've done everything they've said.  Is
> there a 'best' place to find out how to secure it?

I don't know of any particularly good site.  The general scheme is to
close/shutdown anything you aren't using, disable all unencrypted
logins, and keep things patched.  This of course means that you should
upgrade to 4.5 as there are some things in 4.4 that should be brought up
to date (like the openssh local exploit).  You might consider reading
chapter 18 of the handbook as using cvsup and then recompiling tends to
be a pretty painless way of upgrading.

Quote:> And how do I copy files from a local cd?

First you need to mount the cd, and then you can copy stuff.  To mount a
  cd (assuming you have an IDE cdrom and /cdrom exists and is what you
want to use as the mount point):
mount -t cd9660 /dev/acd0c /cdrom
You need to be root for that of course.  You can then switch back to a
regular user and copy things over with cp.

Quote:> Sorry for all the Qs.  I have looked for this stuff but haven't been able to
> find it.

I recommend reading the handbook as a fair amount of your questions are
covered there.

--

Biology/Neuroscience, Pre-med | http://home.uchicago.edu/~dpryan


 
 
 

New FreeBSD 4.4 user needs help. Bunch of Qs

Post by Devon Rya » Wed, 13 Mar 2002 19:43:31



> Whooops, 2 more things...

> I think that I read that there might be problems setting up a webserver when
> you have your securelevel enabled in /etc/rc.conf.  I do and have it set to
> 2.  Does this change anything?

I don't think you'll have a problem with a securelevel of 2.  Basically,
  you just can't alter system flags (which is good for security) unmount
and then mount drives or change the time by more than 1 second.

Quote:

> And what kind of groups would I setup so that I could allow users to logon,
> but not let them go into other peoples dirs.  Right now, all users can
> enter, download, move etc other users files.  This isn't good.  I found an
> article on how to set them up, but I need a real world example.

Just "chmod 700" their home directories.  That will allow them to do
whatever they want (assuming they own their home directory...which they
should) and won't let anyone else see what's inside.

--

Biology/Neuroscience, Pre-med | http://home.uchicago.edu/~dpryan


 
 
 

New FreeBSD 4.4 user needs help. Bunch of Qs

Post by Mar » Thu, 14 Mar 2002 02:02:18


On Tue, 12 Mar 2002 02:43:01 -0600, "Chest Rockwell"


>And what kind of groups would I setup so that I could allow users to logon,
>but not let them go into other peoples dirs.  Right now, all users can
>enter, download, move etc other users files.  This isn't good.  I found an
>article on how to set them up, but I need a real world example.

I found out how to prevent a specific user from doing that (assuming
you mean through ftp not telnet) and that was by adding their userid
to /etc/ftpchroot, but I don't know how to do it for a group...

HIH

Marc

 
 
 

New FreeBSD 4.4 user needs help. Bunch of Qs

Post by Jaso » Thu, 14 Mar 2002 02:18:55


I did read the book but I keep running into problems.  For instance, I tried
mounting the cdrom by trying 'mount -t cd9660 -o -ro /dev/acd0c /cdrom' and
then I just tried what you said to try.  Both said that the device was busy.
I tried editing the fstab...  took out the ',noauto' but it wont boot up.
Says that the device is busy then halts.

Same problem I had when I got to the post installation portion of the book.
It said to

mkdir /usr/var
cd /var
tar cf - . | (cd /usr/var; tar xf - )
cd /
rm -rf /var
ln -s /usr/var /var

when I get to the rm -rf /var command, it says that it can't remove that dir
because it's in use.  Can anyone tell me why this is not working for me  =(

 
 
 

New FreeBSD 4.4 user needs help. Bunch of Qs

Post by Jaso » Thu, 14 Mar 2002 05:26:51


Quote:> Just "chmod 700" their home directories.  That will allow them to do
> whatever they want (assuming they own their home directory...which they
> should) and won't let anyone else see what's inside.

Is there a way to make the new usr dirs automatically be chmod'd to 700 ?
 
 
 

New FreeBSD 4.4 user needs help. Bunch of Qs

Post by Paul Southwor » Thu, 14 Mar 2002 05:35:01



>> Just "chmod 700" their home directories.  That will allow them to do
>> whatever they want (assuming they own their home directory...which they
>> should) and won't let anyone else see what's inside.

>Is there a way to make the new usr dirs automatically be chmod'd to 700 ?

Sure, if you're using adduser to create them, you just need
to edit /usr/sbin/adduser (which is a perl script) and change
the mode applied to the directory...

    system("chmod -R u+wrX,go-w $homedir");

Might become...

    system("chmod -R u+wrX,go-w $homedir");
    system("chmod 0700 $homedir");

Or alternatively...

    system("chmod -R u+wrX,go-rwx $homedir");

There does not appear to be an adduser.conf option to control this.

--Paul

 
 
 

New FreeBSD 4.4 user needs help. Bunch of Qs

Post by Jaso » Thu, 14 Mar 2002 13:12:34


Great, thx for the help.




> >> Just "chmod 700" their home directories.  That will allow them to do
> >> whatever they want (assuming they own their home directory...which they
> >> should) and won't let anyone else see what's inside.

> >Is there a way to make the new usr dirs automatically be chmod'd to 700 ?

> Sure, if you're using adduser to create them, you just need
> to edit /usr/sbin/adduser (which is a perl script) and change
> the mode applied to the directory...

>     system("chmod -R u+wrX,go-w $homedir");

> Might become...

>     system("chmod -R u+wrX,go-w $homedir");
>     system("chmod 0700 $homedir");

> Or alternatively...

>     system("chmod -R u+wrX,go-rwx $homedir");

> There does not appear to be an adduser.conf option to control this.

> --Paul

 
 
 

1. installing a new HDD[NEWBIE]{FreeBSD 4.4}

I recently got a new hard drive it is on an IDE expansion card in the
primary master position.  This is ad2a, correct?  when i try to "fdisk
/dev/ad2a" i get an error "fdisk: fdisk cannot open disk /dev/ad2a".
Do i need to configure my IDE card? if so how?  The card was in the
com last time i rebuilt the kernal and /dev/ad2* devices did already
exist.

2. Hard Disk Crash ... help?

3. New FreeBSD-stable 4.4 release?

4. SVR4 /bin/sh BUG

5. OSS for FreeBSD 4.4 license file needed

6. Can't play sound: "Device not configured"

7. New FreeBSD User Needs A Little Help

8. News Reporters needed for new WebSite

9. New FreeBSD user needs help booting

10. HELP, newbie can't delete previous install of FreeBSD 4.4!

11. problems with FreeBSD 4.4-stable- HELP

12. FreeBSD 4.4 Rel + KDE 2.2 Help

13. Please HELP - KDE XFree86 4.1 FreeBSD 4.4