Server/SRS28: Unterschied zwischen den Versionen

Aus Wiki StuRa HTW Dresden
Zur Navigation springen Zur Suche springen
KKeine Bearbeitungszusammenfassung
 
(4 dazwischenliegende Versionen von 2 Benutzern werden nicht angezeigt)
Zeile 1: Zeile 1:
== Ports ==
Auf die Schnelle:
* Jail, die auf [[srs2342]] (mit veraltetem [[FreeBSD]])
* ist nicht in Betrieb
* diente für das hosting von Websites zu Projekten, auch mit anderen [[StuRä]]


=== installierte Ports ===
== [[Server/Jails/SRS28/Ports |Ports]] ==
* [[#apache22 | apache22]]
* [[#apr | apr]]
* autoconf
* autoconf-wrapper
* automake
* automake-wrapper
* db41
* db42
* expat
* [[#gdbm | gdbm]]
* gettext
* gmake
* [[Server/Jails#help2man | help2man]]
* libsigsegv
* [[Server/Jails#libiconv | libiconv]]
* libtool
* libxml2
* [[Server/Jails#m4| m4]]
* p5-Locale-gettext
* [[Server/Jails#pcre | pcre]]
* [[Server/Jails#perl | perl-threaded]]
* [[#php5 | php5]]
* pkgconf
* [[Server/Jails#portupgrade | portupgrade]]
* [[#python27 | python27]]
* [[Server/Jails#ruby | ruby]]
* ruby18-bdb
* [[#sudo | sudo]]
* [[Server/Jails#zsh | zsh]]


{{:Server/Jails/SRS28/Ports}}


=== konfigurierte Ports ===
== zusätzliche Konfigurationsdateien ==


==== apache22 ====
=== Jail ===


<code>
==== /etc/rc.conf ====
OPTIONS_FILE_SET+=AUTH_BASIC
OPTIONS_FILE_SET+=AUTH_DIGEST
OPTIONS_FILE_SET+=AUTHN_ALIAS
OPTIONS_FILE_SET+=AUTHN_ANON
OPTIONS_FILE_UNSET+=AUTHN_DBD
OPTIONS_FILE_SET+=AUTHN_DBM
OPTIONS_FILE_SET+=AUTHN_DEFAULT
OPTIONS_FILE_SET+=AUTHN_FILE
OPTIONS_FILE_SET+=AUTHZ_DBM
OPTIONS_FILE_SET+=AUTHZ_DEFAULT
OPTIONS_FILE_SET+=AUTHZ_GROUPFILE
OPTIONS_FILE_SET+=AUTHZ_HOST
OPTIONS_FILE_SET+=AUTHZ_OWNER
OPTIONS_FILE_SET+=AUTHZ_USER
OPTIONS_FILE_UNSET+=AUTHNZ_LDAP
OPTIONS_FILE_UNSET+=LDAP
OPTIONS_FILE_UNSET+=DBD
OPTIONS_FILE_SET+=CACHE
OPTIONS_FILE_SET+=DISK_CACHE
OPTIONS_FILE_SET+=FILE_CACHE
OPTIONS_FILE_SET+=MEM_CACHE
OPTIONS_FILE_SET+=DAV
OPTIONS_FILE_SET+=DAV_FS
OPTIONS_FILE_UNSET+=DAV_LOCK
OPTIONS_FILE_SET+=ACTIONS
OPTIONS_FILE_SET+=ALIAS
OPTIONS_FILE_SET+=ASIS
OPTIONS_FILE_SET+=AUTOINDEX
OPTIONS_FILE_SET+=CERN_META
OPTIONS_FILE_UNSET+=CGI
OPTIONS_FILE_UNSET+=CGID
OPTIONS_FILE_SET+=CHARSET_LITE
OPTIONS_FILE_SET+=DEFLATE
OPTIONS_FILE_SET+=DIR
OPTIONS_FILE_SET+=DUMPIO
OPTIONS_FILE_SET+=ENV
OPTIONS_FILE_SET+=EXPIRES
OPTIONS_FILE_SET+=HEADERS
OPTIONS_FILE_SET+=IMAGEMAP
OPTIONS_FILE_SET+=INCLUDE
OPTIONS_FILE_SET+=INFO
OPTIONS_FILE_SET+=LOG_CONFIG
OPTIONS_FILE_SET+=LOGIO
OPTIONS_FILE_SET+=MIME
OPTIONS_FILE_SET+=MIME_MAGIC
OPTIONS_FILE_SET+=NEGOTIATION
OPTIONS_FILE_SET+=REWRITE
OPTIONS_FILE_SET+=SETENVIF
OPTIONS_FILE_SET+=SPELING
OPTIONS_FILE_SET+=STATUS
OPTIONS_FILE_UNSET+=UNIQUE_ID
OPTIONS_FILE_UNSET+=USERDIR
OPTIONS_FILE_UNSET+=USERTRACK
OPTIONS_FILE_SET+=VHOST_ALIAS
OPTIONS_FILE_SET+=FILTER
OPTIONS_FILE_UNSET+=SUBSTITUTE
OPTIONS_FILE_SET+=VERSION
OPTIONS_FILE_SET+=SSL
OPTIONS_FILE_UNSET+=SUEXEC
OPTIONS_FILE_UNSET+=SUEXEC_RSRCLIMIT
OPTIONS_FILE_UNSET+=SUEXEC_USERDIR
OPTIONS_FILE_SET+=REQTIMEOUT
OPTIONS_FILE_SET+=PROXY
OPTIONS_FILE_UNSET+=IPV4_MAPPED
OPTIONS_FILE_UNSET+=BUCKETEER
OPTIONS_FILE_UNSET+=CASE_FILTER
OPTIONS_FILE_UNSET+=CASE_FILTER_IN
OPTIONS_FILE_UNSET+=EXT_FILTER
OPTIONS_FILE_UNSET+=LOG_FORENSIC
OPTIONS_FILE_UNSET+=OPTIONAL_HOOK_EXPORT
OPTIONS_FILE_UNSET+=OPTIONAL_HOOK_IMPORT
OPTIONS_FILE_UNSET+=OPTIONAL_FN_IMPORT
OPTIONS_FILE_UNSET+=OPTIONAL_FN_EXPORT
OPTIONS_FILE_UNSET+=PROXY_AJP
OPTIONS_FILE_UNSET+=PROXY_BALANCER
OPTIONS_FILE_SET+=PROXY_CONNECT
OPTIONS_FILE_UNSET+=PROXY_FTP
OPTIONS_FILE_SET+=PROXY_HTTP
OPTIONS_FILE_UNSET+=PROXY_SCGI
</code>
 
==== apr ====
 
<code>
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=DEVRANDOM
OPTIONS_FILE_SET+=BDB
OPTIONS_FILE_SET+=GDBM
OPTIONS_FILE_UNSET+=LDAP
OPTIONS_FILE_UNSET+=MYSQL
OPTIONS_FILE_UNSET+=NDBM
OPTIONS_FILE_UNSET+=PGSQL
OPTIONS_FILE_UNSET+=SQLITE
</code>
 
==== gdbm ====
 
<code>
WITHOUT_COMPAT=true
</code>
 
==== [[Server/Jails#help2man | help2man]] ====
 
==== [[Server/Jails#libiconv | libiconv]] ====
 
==== [[Server/Jails#m4| m4]] ====
 
==== [[Server/Jails#pcre | pcre]] ====
 
==== [[Server/Jails#perl | perl-threaded]] ====
 
==== php5 ====
 
<code>
OPTIONS_FILE_SET+=CLI
OPTIONS_FILE_SET+=CGI
OPTIONS_FILE_UNSET+=FPM
OPTIONS_FILE_UNSET+=APACHE
OPTIONS_FILE_UNSET+=AP2FILTER
OPTIONS_FILE_SET+=EMBED
OPTIONS_FILE_SET+=DEBUG
OPTIONS_FILE_UNSET+=DTRACE
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=MAILHEAD
OPTIONS_FILE_SET+=LINKTHR
</code>
 
==== [[Server/Jails#portupgrade | portupgrade]] ====
 
==== python27 ====
 
<code>
OPTIONS_FILE_SET+=EXAMPLES
OPTIONS_FILE_UNSET+=FPECTL
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_UNSET+=PTH
OPTIONS_FILE_SET+=PYMALLOC
OPTIONS_FILE_UNSET+=SEM
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=UCS2
OPTIONS_FILE_SET+=UCS4
</code>
 
==== [[Server/Jails#ruby | ruby]] ====
 
==== sudo ====
 
<code>
OPTIONS_FILE_SET+=AUDIT
OPTIONS_FILE_UNSET+=DISABLE_AUTH
OPTIONS_FILE_SET+=DISABLE_ROOT_SUDO
OPTIONS_FILE_UNSET+=INSULTS
OPTIONS_FILE_UNSET+=LDAP
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_UNSET+=NOARGS_SHELL
OPTIONS_FILE_UNSET+=OPIE
</code>
 
==== [[Server/Jails#zsh | zsh]] ====
 
=== zusätzliche Konfigurationsdateien ===
 
==== Jail ====
 
===== /etc/rc.conf =====


  <code>
  <code>
Zeile 211: Zeile 19:
  </code>
  </code>


==== apache ====
== Konfiguration der Programme ==
 
=== apache ===


===== httpd.conf =====
==== httpd.conf ====


  <code>
  <code>
Zeile 263: Zeile 73:
  </code>
  </code>


==== sshd ====
=== sshd ===


===== sshd_config =====
==== sshd_config ====


  <code>
  <code>

Aktuelle Version vom 25. Februar 2018, 16:36 Uhr

Auf die Schnelle:

  • Jail, die auf srs2342 (mit veraltetem FreeBSD)
  • ist nicht in Betrieb
  • diente für das hosting von Websites zu Projekten, auch mit anderen StuRä

Ports[Bearbeiten]

installierte Ports[Bearbeiten]

  • atk
  • autoconf
  • autoconf-wrapper
  • automake
  • automake-wrapper
  • bdftopcf
  • bigreqsproto
  • bison
  • bitstream-vera
  • ca_root_nss
  • cairo
  • cmake
  • cmake-modules
  • compositeproto
  • curl
  • cvsps
  • damageproto
  • db41
  • dejavu
  • dialog4ports
  • emacs-nox11
  • encodings
  • expat
  • fixesproto
  • font-bh-ttf
  • font-misc-ethiopic
  • font-misc-meltho
  • font-util
  • fontconfig
  • fontsproto
  • freetype2
  • gamin
  • gdbm
  • gdk-pixbuf2
  • gettext
  • gio-fam-backend
  • git
  • glib
  • gmake
  • gnomehier
  • gobject-introspection
  • help2man
  • inputproto
  • jasper
  • jbigkit
  • jpeg
  • kbproto
  • libICE
  • libSM
  • libX11
  • libXau
  • libXcomposite
  • libXcursor
  • libXdamage
  • libXdmcp
  • libXext
  • libXfixes
  • libXfont
  • libXi
  • libXinerama
  • libXrandr
  • libXrender
  • libXt
  • libcheck
  • libevent
  • libevent2
  • libexecinfo
  • libffi
  • libfontenc
  • libgcrypt
  • libgpg-error
  • libiconv
  • libidn
  • libpthread-stubs
  • libsigsegv
  • libtool
  • libxcb
  • libxml2
  • libxslt
  • libyaml
  • lynx
  • m4
  • mkfontdir
  • mkfontscale
  • nano
  • p5-Error
  • p5-ExtUtils-Constant
  • p5-IO-Socket-IP
  • p5-IO-Socket-SSL
  • p5-Locale-gettext
  • p5-Net-SMTP-SSL
  • p5-Net-SSLeay
  • p5-Socket
  • pango
  • pcre
  • perl-threaded
  • pixman
  • pkgconf
  • png
  • portaudit
  • portupgrade
  • py27-wikitools
  • python27
  • python33
  • randrproto
  • renderproto
  • ruby
  • ruby
  • ruby18-bdb
  • ruby19-bdb
  • ruby19-date2
  • tiff
  • tmux
  • unzip
  • vim-lite
  • wget
  • xcb-proto
  • xcb-util
  • xcb-util-renderutil
  • xcmiscproto
  • xextproto
  • xf86bigfontproto
  • xineramaproto
  • xorg-fonts-truetype
  • xorg-macros
  • xproto
  • xtrans
  • zsh

konfigurierte Ports[Bearbeiten]

ca_root_nss[Bearbeiten]

OPTIONS_FILE_UNSET+=ETCSYMLINK

freetype2[Bearbeiten]

OPTIONS_FILE_UNSET+=CFF_HINTING_ADOBE
OPTIONS_FILE_UNSET+=LCD_FILTERING

libcheck[Bearbeiten]

OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_SET+=EXAMPLES

libxml2[Bearbeiten]

OPTIONS_FILE_UNSET+=MEM_DEBUG
OPTIONS_FILE_SET+=SCHEMA
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=THREAD_ALLOC
OPTIONS_FILE_UNSET+=XMLLINT_HIST

libxslt[Bearbeiten]

OPTIONS_FILE_SET+=CRYPTO
OPTIONS_FILE_UNSET+=MEM_DEBUG

png[Bearbeiten]

OPTIONS_FILE_SET+=APNG

python27[Bearbeiten]

OPTIONS_FILE_SET+=EXAMPLES
OPTIONS_FILE_UNSET+=FPECTL
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_UNSET+=PTH
OPTIONS_FILE_SET+=PYMALLOC
OPTIONS_FILE_UNSET+=SEM
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=UCS2
OPTIONS_FILE_SET+=UCS4

ruby18-bdb[Bearbeiten]

OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_UNSET+=EXAMPLES

zusätzliche Konfigurationsdateien[Bearbeiten]

Jail[Bearbeiten]

/etc/rc.conf[Bearbeiten]


apache22_enable="YES"
sshd_enable="YES"

Konfiguration der Programme[Bearbeiten]

apache[Bearbeiten]

httpd.conf[Bearbeiten]


…
LoadModule php5_module        libexec/apache22/libphp5.so

<IfModule php5_module>
   DirectoryIndex index.php index.php5 index.html
   AddType application/x-httpd-php .php
   AddType application/x-httpd-php-source .phps
</IfModule>
…
ServerAdmin <admin[at]domain.tld>
…
ServerName <Jail-IP>
…
DocumentRoot "/usr/local/www/data"
…
<Directory "/usr/local/www/data/website">
   #
   # Possible values for the Options directive are "None", "All",
   # or any combination of:
   #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
   #
   # Note that "MultiViews" must be named *explicitly* --- "Options All"
   # doesn't give it to you.
   #
   # The Options directive is both complicated and important.  Please see
   # http://httpd.apache.org/docs/2.2/mod/core.html#options
   # for more information.
   #
   Options Indexes FollowSymLinks
   DirectoryIndex index.php index.php5 index.html
   #
   # AllowOverride controls what directives may be placed in .htaccess files.
   # It can be "All", "None", or any combination of the keywords:
   #   Options FileInfo AuthConfig Limit
   #
   AllowOverride All

   #
   # Controls who can get stuff from this server.
   #
   Order allow,deny
   Allow from all

</Directory>
…

sshd[Bearbeiten]

sshd_config[Bearbeiten]


…
Port <PORTNUMMER>
…
ListenAddress 0.0.0.0
…
LoginGraceTime 1m
PermitRootLogin no
StrictModes yes
MaxAuthTries 3
MaxSessions 4
AllowUsers <die mit der richtigen permisse> #nur durch leerzeichen trennen
…
Match User <Username>
       ChrootDirectory /usr/local/www/data
       ForceCommand internal-sftp
       AllowTcpForwarding no
       X11Forwarding no
…

Siehe auch[Bearbeiten]