Very Computer

I tried setting up the webserver when I installed the OS.  For some reason,
it didn't install.  I tried adding apache and mysql, but when it gets to
mysql, it gives the error 'Add of pkg mysql-server-3.23.42 aborted, error
code 1 - please check debug screen for more info.

Could anyone tell me what I'm doing wrong?  Where do I go to check the error
code?

I checked the /usr/local dir and there isn't a www dir so I guess that means
that apache didn't install either.

What do I need todo to install a web server with php, mysql, asp support.

Then where is the best place to find out how to secure my machine?  I've
checked out about 3 diff articles and I've done everything they've said.  Is
there a 'best' place to find out how to secure it?

And how do I copy files from a local cd?

Sorry for all the Qs.  I have looked for this stuff but haven't been able to
find it.

Jason
uin 1401272

Whooops, 2 more things...

I think that I read that there might be problems setting up a webserver when
you have your securelevel enabled in /etc/rc.conf.  I do and have it set to
2.  Does this change anything?

And what kind of groups would I setup so that I could allow users to logon,
but not let them go into other peoples dirs.  Right now, all users can
enter, download, move etc other users files.  This isn't good.  I found an
article on how to set them up, but I need a real world example.

Any help you guys can give would be GREATLY appreciated.

J

Quote:> I tried setting up the webserver when I installed the OS.  For some
reason,
> it didn't install.  I tried adding apache and mysql, but when it gets to
> mysql, it gives the error 'Add of pkg mysql-server-3.23.42 aborted, error
> code 1 - please check debug screen for more info.

> Could anyone tell me what I'm doing wrong?  Where do I go to check the
error
> code?

> I checked the /usr/local dir and there isn't a www dir so I guess that
means
> that apache didn't install either.

> What do I need todo to install a web server with php, mysql, asp support.

> Then where is the best place to find out how to secure my machine?  I've
> checked out about 3 diff articles and I've done everything they've said.
Is
> there a 'best' place to find out how to secure it?

> And how do I copy files from a local cd?

> Sorry for all the Qs.  I have looked for this stuff but haven't been able
to
> find it.

> Jason
> uin 1401272

You might try adding one at a time to see which package is causing the
error.  I assume you're using /stand/sysinstall so are you having it
grab stuff from a cd or what?  If so, make sure that the file(s) on it
are good.  You might also try just using pkg_add to install things.  man
pkg_add for more details.

Quote:> I checked the /usr/local dir and there isn't a www dir so I guess that means
> that apache didn't install either.

> What do I need todo to install a web server with php, mysql, asp support.

Yea, that seems to indicate no apache.  You can use pkg_info to see what
ports/packages have been installed.

Quote:> Then where is the best place to find out how to secure my machine?  I've
> checked out about 3 diff articles and I've done everything they've said.  Is
> there a 'best' place to find out how to secure it?

I don't know of any particularly good site.  The general scheme is to
close/shutdown anything you aren't using, disable all unencrypted
logins, and keep things patched.  This of course means that you should
upgrade to 4.5 as there are some things in 4.4 that should be brought up
to date (like the openssh local exploit).  You might consider reading
chapter 18 of the handbook as using cvsup and then recompiling tends to
be a pretty painless way of upgrading.

Quote:> And how do I copy files from a local cd?

First you need to mount the cd, and then you can copy stuff.  To mount a
  cd (assuming you have an IDE cdrom and /cdrom exists and is what you
want to use as the mount point):
mount -t cd9660 /dev/acd0c /cdrom
You need to be root for that of course.  You can then switch back to a
regular user and copy things over with cp.

Quote:> Sorry for all the Qs.  I have looked for this stuff but haven't been able to
> find it.

I recommend reading the handbook as a fair amount of your questions are
covered there.

--

Biology/Neuroscience, Pre-med | http://home.uchicago.edu/~dpryan

I don't think you'll have a problem with a securelevel of 2.  Basically,
  you just can't alter system flags (which is good for security) unmount
and then mount drives or change the time by more than 1 second.

Quote:

> And what kind of groups would I setup so that I could allow users to logon,
> but not let them go into other peoples dirs.  Right now, all users can
> enter, download, move etc other users files.  This isn't good.  I found an
> article on how to set them up, but I need a real world example.

Just "chmod 700" their home directories.  That will allow them to do
whatever they want (assuming they own their home directory...which they
should) and won't let anyone else see what's inside.

--

Biology/Neuroscience, Pre-med | http://home.uchicago.edu/~dpryan

On Tue, 12 Mar 2002 02:43:01 -0600, "Chest Rockwell"

I found out how to prevent a specific user from doing that (assuming
you mean through ftp not telnet) and that was by adding their userid
to /etc/ftpchroot, but I don't know how to do it for a group...

HIH

Marc

I did read the book but I keep running into problems.  For instance, I tried
mounting the cdrom by trying 'mount -t cd9660 -o -ro /dev/acd0c /cdrom' and
then I just tried what you said to try.  Both said that the device was busy.
I tried editing the fstab...  took out the ',noauto' but it wont boot up.
Says that the device is busy then halts.

Same problem I had when I got to the post installation portion of the book.
It said to

mkdir /usr/var
cd /var
tar cf - . | (cd /usr/var; tar xf - )
cd /
rm -rf /var
ln -s /usr/var /var

when I get to the rm -rf /var command, it says that it can't remove that dir
because it's in use.  Can anyone tell me why this is not working for me  =(

Quote:> Just "chmod 700" their home directories.  That will allow them to do
> whatever they want (assuming they own their home directory...which they
> should) and won't let anyone else see what's inside.

Is there a way to make the new usr dirs automatically be chmod'd to 700 ?

Sure, if you're using adduser to create them, you just need
to edit /usr/sbin/adduser (which is a perl script) and change
the mode applied to the directory...

    system("chmod -R u+wrX,go-w $homedir");

Might become...

    system("chmod -R u+wrX,go-w $homedir");
    system("chmod 0700 $homedir");

Or alternatively...

    system("chmod -R u+wrX,go-rwx $homedir");

There does not appear to be an adduser.conf option to control this.

--Paul

Great, thx for the help.