StuRa:Server/Jails

Aus Wiki StuRa HTW Dresden
(Weitergeleitet von Server/Jails)
Zur Navigation springen Zur Suche springen
  1. freebsd-handbuch:jails-terms
  2. wikipedia:de:FreeBSD#Virtualisierung
  3. bsdforen:howto:jails
Der Artikel Server/SRS2342/Jails dient der dokumentarischen Sammlung aller Jails, welche auf der fetten Elke angelgt sind

Standart Ports und Konfiguration der Jail[Bearbeiten]

  • Standartports sind mit Hilfe des startup.sh-Scriptes installiert worden.

help2man[Bearbeiten]

OPTIONS_FILE_SET+=NLS

libiconv[Bearbeiten]

OPTIONS_FILE_SET+=ENCODINGS
OPTIONS_FILE_UNSET+=PATCHES

m4[Bearbeiten]

 WITH_LIBSIGSEGV=true

pcre[Bearbeiten]

OPTIONS_FILE_SET+=STACK_RECURSION

perl[Bearbeiten]

OPTIONS_FILE_SET+=DEBUG
OPTIONS_FILE_UNSET+=GDBM
OPTIONS_FILE_SET+=MULTIPLICITY
OPTIONS_FILE_SET+=PERL_64BITINT
OPTIONS_FILE_UNSET+=PERL_MALLOC
OPTIONS_FILE_SET+=PTHREAD
OPTIONS_FILE_UNSET+=SITECUSTOMIZE
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_SET+=USE_PERL

portupgrade[Bearbeiten]

OPTIONS_FILE_SET+=DOCS

ruby[Bearbeiten]

OPTIONS_FILE_UNSET+=ONIGURUMA
OPTIONS_FILE_SET+=RDOC
OPTIONS_FILE_UNSET+=DEBUG

zsh[Bearbeiten]

OPTIONS_FILE_UNSET+=DEBUG
OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_SET+=EXAMPLES
OPTIONS_FILE_UNSET+=GDBM
OPTIONS_FILE_SET+=MAILDIR
OPTIONS_FILE_SET+=MEM
OPTIONS_FILE_SET+=MULTIBYTE
OPTIONS_FILE_SET+=PCRE
OPTIONS_FILE_SET+=SECURE_FREE
OPTIONS_FILE_UNSET+=STATIC

SRS1[Bearbeiten]

Verwendungszweck

Lauft!

Plone[Bearbeiten]

Plone 4.0.5 via UnifiedInstaller installieren.


install.sh --password=<password>  standalone

Plone 4.0.5 to 4.1 fehlgeschlagen

  • im verzeichnis von …/GenericSetup die rolemap.xml angelegt

link : [1]

<?xml version="1.0" encoding="UTF-8"?>
<rolemap>
 <permissions>
   <permission name="ATContentTypes Topic: Add ATBooleanCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATCurrentAuthorCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATDateCriteria" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATDateRangeCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATListCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATPathCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATPortalTypeCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATReferenceCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATRelativePathCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATSelectionCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATSimpleIntCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATSimpleStringCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATSortCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="Add portal topics" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="Change portal topics" acquire="True">
      <role name="Editor"/>
    </permission>
 </permissions>
</rolemap>

Ports[Bearbeiten]

installierte Ports[Bearbeiten]

  • atk
  • autoconf
  • autoconf-wrapper
  • automake
  • automake-wrapper
  • bdftopcf
  • bigreqsproto
  • bison
  • bitstream-vera
  • ca_root_nss
  • cairo
  • cmake
  • cmake-modules
  • compositeproto
  • curl
  • cvsps
  • damageproto
  • db41
  • dejavu
  • dialog4ports
  • emacs-nox11
  • encodings
  • expat
  • fixesproto
  • font-bh-ttf
  • font-misc-ethiopic
  • font-misc-meltho
  • font-util
  • fontconfig
  • fontsproto
  • freetype2
  • gamin
  • gdbm
  • gdk-pixbuf2
  • gettext
  • gio-fam-backend
  • git
  • glib
  • gmake
  • gnomehier
  • gobject-introspection
  • help2man
  • inputproto
  • jasper
  • jbigkit
  • jpeg
  • kbproto
  • libICE
  • libSM
  • libX11
  • libXau
  • libXcomposite
  • libXcursor
  • libXdamage
  • libXdmcp
  • libXext
  • libXfixes
  • libXfont
  • libXi
  • libXinerama
  • libXrandr
  • libXrender
  • libXt
  • libcheck
  • libevent
  • libevent2
  • libexecinfo
  • libffi
  • libfontenc
  • libgcrypt
  • libgpg-error
  • libiconv
  • libidn
  • libpthread-stubs
  • libsigsegv
  • libtool
  • libxcb
  • libxml2
  • libxslt
  • libyaml
  • lynx
  • m4
  • mkfontdir
  • mkfontscale
  • nano
  • p5-Error
  • p5-ExtUtils-Constant
  • p5-IO-Socket-IP
  • p5-IO-Socket-SSL
  • p5-Locale-gettext
  • p5-Net-SMTP-SSL
  • p5-Net-SSLeay
  • p5-Socket
  • pango
  • pcre
  • perl-threaded
  • pixman
  • pkgconf
  • png
  • portaudit
  • portupgrade
  • py27-wikitools
  • python27
  • python33
  • randrproto
  • renderproto
  • ruby
  • ruby
  • ruby18-bdb
  • ruby19-bdb
  • ruby19-date2
  • tiff
  • tmux
  • unzip
  • vim-lite
  • wget
  • xcb-proto
  • xcb-util
  • xcb-util-renderutil
  • xcmiscproto
  • xextproto
  • xf86bigfontproto
  • xineramaproto
  • xorg-fonts-truetype
  • xorg-macros
  • xproto
  • xtrans
  • zsh

konfigurierte Ports[Bearbeiten]

cairo[Bearbeiten]

OPTIONS_FILE_SET+=GLIB
OPTIONS_FILE_UNSET+=OPENGL
OPTIONS_FILE_SET+=X11
OPTIONS_FILE_SET+=XCB

freetype2[Bearbeiten]

OPTIONS_FILE_UNSET+=CFF_HINTING_ADOBE
OPTIONS_FILE_UNSET+=LCD_FILTERING

gamin[Bearbeiten]

OPTIONS_FILE_UNSET+=GAM_POLLER
OPTIONS_FILE_UNSET+=LIBINOTIFY
OPTIONS_FILE_SET+=RUN_AS_EUID

gdk-pixbuf2[Bearbeiten]

OPTIONS_FILE_SET+=JASPER
OPTIONS_FILE_SET+=JPEG
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_SET+=PNG
OPTIONS_FILE_SET+=TIFF

jasper[Bearbeiten]

OPTIONS_FILE_UNSET+=OPENGL
OPTIONS_FILE_UNSET+=UUID

libcheck[Bearbeiten]

OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_UNSET+=EXAMPLES

libevent2[Bearbeiten]

OPTIONS_FILE_SET+=OPENSSL
OPTIONS_FILE_SET+=THREADS

libffi[Bearbeiten]

OPTIONS_FILE_UNSET+=TESTS

libxml2[Bearbeiten]

OPTIONS_FILE_UNSET+=MEM_DEBUG
OPTIONS_FILE_SET+=SCHEMA
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=THREAD_ALLOC
OPTIONS_FILE_UNSET+=XMLLINT_HIST

libxslt[Bearbeiten]

OPTIONS_FILE_SET+=CRYPTO
OPTIONS_FILE_UNSET+=MEM_DEBUG

lynx[Bearbeiten]

OPTIONS_FILE_SET+=SSL
OPTIONS_FILE_SET+=DEFAULT_COLORS
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=NLS

pango[Bearbeiten]

OPTIONS_FILE_SET+=X11

pixman[Bearbeiten]

OPTIONS_FILE_SET+=SIMD

png[Bearbeiten]

OPTIONS_FILE_SET+=APNG

python27[Bearbeiten]

OPTIONS_FILE_SET+=EXAMPLES
OPTIONS_FILE_UNSET+=FPECTL
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_UNSET+=PTH
OPTIONS_FILE_SET+=PYMALLOC
OPTIONS_FILE_UNSET+=SEM
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=UCS2
OPTIONS_FILE_SET+=UCS4

ruby18-bdb[Bearbeiten]

OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_UNSET+=EXAMPLES

tmux[Bearbeiten]

OPTIONS_FILE_SET+=BACKSPACE
OPTIONS_FILE_SET+=LIBEVENT2
OPTIONS_FILE_UNSET+=LIBEVENT_STATIC

Konfiguration der Programme[Bearbeiten]

Konfiguration Plone[Bearbeiten]

für Backup aktivierung
  • in die buildout.cfg schreiben unter der überschrift [buildout]
########################################## ##
# Parts Specification
#--------------------
# Specifies the components that should be included in the buildout.
# All the basics are in the base.cfg extension; you may add your
# own if you need them at the end of this file.
parts =
   instance
   zopepy
   zopeskel
   unifiedinstaller
   chown
   backup
   repozo
  • [backup] am Schluss hin schreiben und weitere Parameter eintragen (buildout.cfg)
[backup]
recipe = collective.recipe.backup
keep = 4
full = true
debug = false
snapshotlocation = /root/plonebackup/snapshot
backup_blobs = true
blobsnapshotlocation = /root/plonebackup/blobsnapshots
gzip = true
enable_snapshotrestore = false
wenn die Datei repozo.py fehlte (buildout.cfg)
[repozo]
recipe = zc.recipe.egg
eggs = ZODB3
scripts = repozo
/etc/crontab
# Plone inkrementelles Backup
*       23      *       *       6       root    <path/to/plone>/zinstance/bin/backup
# Plone Fullbackup (snapshot)
*       20      5       *       *       root    <path/to/plone>/zinstance/bin/snapshotbackup

Konfiguration Apache22[Bearbeiten]

  • httpd.conf

ServerTokens ProductOnly
ServerSignature Off

  • extra/httpd-vhost.conf

<VirtualHost *:80>

# A sample VirtualHost section for using Apache as a webserver
# instead of Zope.
# ServerName is the url of your website.

ServerName <domain>
# ServerName 127.0.0.1
# Add serverAlias lines for other domain names that should
# point to this website. They will be rewritten by Apache to
# the ServerName, so that anyone going to www.site.com
# will be invisibly redirected to site.com in their browser.

ServerAlias domain

# ServerAdmin is your email address, which shows up on error
# pages when Apache cannot connect to Zope.

ServerAdmin adminmail

# The ProxyPass and ProxyPassReverse lines are the magic
# ingredients. They rewite requests to http://site.com and
# pass the entire request through to Zope on
# http://site.com:8080. The VirtualHostBase ensures that
# when the page goes back to the browser, it goes out through
# Apache, and appears to have come from http://site.com.

# The line is made up from:

# ProxyPass or ProxyPassReverse

# / is the url at http://site.com that you wish to use to
# point to the Zope site. You could keep http://site.com as a
# flat HTML site in Apache, and replace / with /zope to make
# http://site/com/zope point to your zope site.
# http://site.com:8080 is the address that your zope is
# running on.

# /VirtualHostBase/http/site.com:80 makes sure that zope
# *thinks* it is running at http://site.com instead of at
# http://site.com:8080. You don't have to do anything else
# in Zope to make this work.

# /yourplonesite is the location of your Plone Site within Zope.
# If you added a Plone Site into the root of your Zope with an id
# of 'mysite', then you just change this bit to /mysite

# /VirtualHostRoot/ makes your Plone site think it is the root of the site.

ProxyPass / http://127.0.0.1:8080/VirtualHostBase/http/<domain>:80/Plone/VirtualHostRoot/
ProxyPassReverse / http://127.0.0.1:8080/VirtualHostBase/http/<domain>:80/Plone/VirtualHostRoot/

# CacheRoot is the location on the filesystem to store files that
# Apache caches. This directory must be created, and the user that
# Apache runs as must have full write permissions to it.
# It's a bad idea to create this in the /tmp directory, as the
# directory itself will then be deleted when you reboot.

CacheRoot "/var/cache/www.stura.htw-dresden.de"
CacheEnable disk /

# CacheSize determines how big this cache can get in KB. It's a
# good idea that this number is about 30% less than the available
# space in the CacheRoot directory. Here we choose to cache 100MB
# of data, which is enough for a personal website, but not for
# anything larger.
MCacheSize 524288
MCacheMaxObjectCount 100000
MCacheMinObjectSize 1
MCacheMaxObjectSize 200000
# CacheGcInterval specifies how often (in hours) to examine the
# cache and delete obsolete files.
#CacheGcInterval 2

# CacheLastModifiedFactor allows the estimation of an expiry date
# for a page if it doesn't have an expiry-date specified in the
# HTTP headers returned from Zope. This is based on (time since
# last modification * CacheLastModifiedFactor), so that content
# that is ten hours old would be given an expiry date of 1 hour in
# the future.
CacheLastModifiedFactor 0.1

# CacheDefaultExpire sets a default expiry time of 0,5 hour into the
# future for cached pages.
CacheDefaultExpire 0.5

# CacheDirLength sets the number of characters used in directory
# names for subdirectories of CacheRoot
CacheDirLength 3

# The following definitions set expiry times for various content
# types. In this list, each content type defined is cached for a
# maximum period of 1 hour (3600 seconds) before it must be checked
# again. Non-listed content types are not cached.

ExpiresActive On
expiresByType image/ief A3600
ExpiresByType image/tiff A3600
ExpiresByType image/bmp A3600
ExpiresByType image/gif A3600
ExpiresByType image/png A3600
ExpiresByType image/jpeg A3600
ExpiresByType image/x-cmu-raster A3600
ExpiresByType image/x-portable-anymap A3600
ExpiresByType image/x-portable-bitmap A3600
ExpiresByType image/x-portable-graymap A3600
ExpiresByType image/x-portable-pixmap A3600
ExpiresByType image/x-rgb  A3600
ExpiresByType image/x-xbitmap A3600
ExpiresByType image/x-xpixmap A3600
ExpiresByType image/x-xwindowdump A3600
ExpiresByType text/css A3600
ExpiresByType text/javascript A3600
ExpiresByType application/x-javascript A3600
ExpiresByType text/html A3600
ExpiresByType text/xml A3600

# CustomLog "/var/log/www.stura.htw-dresden.de-access_log" common

</VirtualHost>

Konfiguration von Skripten[Bearbeiten]

rc.d scripting Plone[Bearbeiten]

Seit Anbeginn (nun mehrere Jahre) hat der Betrieb von Plone auf srs1 ein großes Manko: Plone startet nicht von allein. Daher musste sich auf srs1 manuell angemeldet werden und Plone musste "von Hand" gestartet werden. Das soll nun anders sein.

$EDITOR /usr/local/etc/rc.d/plone
#!/bin/sh
# PROVIDE: plone
# REQUIRE: LOGIN
# KEYWORD: shutdown

. /etc/rc.subr

name="plone"
rcvar=plone_enable

start_cmd="${name}_start"
stop_cmd="${name}_stop"
restart_cmd="${name}_restart"
status_cmd="${name}_status"

extra_commands="status"

load_rc_config ${name}
#: ${plone_enable:="NO"}

plone_stop()
{
        /usr/local/Plone/zinstance/bin/plonectl stop
}

plone_status()
{
        /usr/local/Plone/zinstance/bin/plonectl status
}

plone_start()
{
        /usr/local/Plone/zinstance/bin/plonectl start
}

plone_restart()
{
        /usr/local/Plone/zinstance/bin/plonectl restart
}

run_rc_command "$1"

Anpassen der Berechtigung für eine Datei für rc.d

chmod 540 /usr/local/etc/rc.d/plone
Kontrollieren der Berechtigung für eine Datei für rc.d
ls -l /usr/local/etc/rc.d/plone
-r-xr-----  1 root  wheel  603 Oct 23 18:34 /usr/local/etc/rc.d/plone

Selbstverständlich bedarf es auch noch dem Eintrag in der rc.conf, um Anzuzeigen, dass plone gestartet werden soll kann.

echo 'plone_enable="YES"' >> /etc/rc.conf

Eigentlich ist die Datei für rc.d relativ simpel. (Der Bezug sind die komplexen Varianten, die rc.d und entsprechende Dateien mit sich brinken können.)

  • /usr/local/Plone/zinstance/bin/plonectl ist die Stelle und Datei zur Verwaltung des Betriebes von Plone. (Woher die Auswahl dieses Stelle stammt ist nicht näher bekannt.)
  • Bei der Entfernung der Auskommentierung bei #: ${plone_enable:="NO"} würde Plone nicht zu Starten der Jail selbst starten. Jedoch wären aber noch alle anderen gewünschten Funktionalitäten von rc.d verfügbar.
  • Folgende Befehle sind nun mittels rc.d verfügbar:
    • service plone stop
      Stoppen von Plone
    • service plone stauts
      Status von Plone ausgeben lassen
    • service plone start
      Starten von Plone
    • service plone restart
      Neustarten von Plone
    .

Läuft!

Weblinks[Bearbeiten]

SRS2[Bearbeiten]

Ports[Bearbeiten]

installierte Ports[Bearbeiten]

  • atk
  • autoconf
  • autoconf-wrapper
  • automake
  • automake-wrapper
  • bdftopcf
  • bigreqsproto
  • bison
  • bitstream-vera
  • ca_root_nss
  • cairo
  • cmake
  • cmake-modules
  • compositeproto
  • curl
  • cvsps
  • damageproto
  • db41
  • dejavu
  • dialog4ports
  • emacs-nox11
  • encodings
  • expat
  • fixesproto
  • font-bh-ttf
  • font-misc-ethiopic
  • font-misc-meltho
  • font-util
  • fontconfig
  • fontsproto
  • freetype2
  • gamin
  • gdbm
  • gdk-pixbuf2
  • gettext
  • gio-fam-backend
  • git
  • glib
  • gmake
  • gnomehier
  • gobject-introspection
  • help2man
  • inputproto
  • jasper
  • jbigkit
  • jpeg
  • kbproto
  • libICE
  • libSM
  • libX11
  • libXau
  • libXcomposite
  • libXcursor
  • libXdamage
  • libXdmcp
  • libXext
  • libXfixes
  • libXfont
  • libXi
  • libXinerama
  • libXrandr
  • libXrender
  • libXt
  • libcheck
  • libevent
  • libevent2
  • libexecinfo
  • libffi
  • libfontenc
  • libgcrypt
  • libgpg-error
  • libiconv
  • libidn
  • libpthread-stubs
  • libsigsegv
  • libtool
  • libxcb
  • libxml2
  • libxslt
  • libyaml
  • lynx
  • m4
  • mkfontdir
  • mkfontscale
  • nano
  • p5-Error
  • p5-ExtUtils-Constant
  • p5-IO-Socket-IP
  • p5-IO-Socket-SSL
  • p5-Locale-gettext
  • p5-Net-SMTP-SSL
  • p5-Net-SSLeay
  • p5-Socket
  • pango
  • pcre
  • perl-threaded
  • pixman
  • pkgconf
  • png
  • portaudit
  • portupgrade
  • py27-wikitools
  • python27
  • python33
  • randrproto
  • renderproto
  • ruby
  • ruby18-bdb
  • ruby19-bdb
  • ruby19-date2
  • tiff
  • tmux
  • unzip
  • vim-lite
  • wget
  • xcb-proto
  • xcb-util
  • xcb-util-renderutil
  • xcmiscproto
  • xextproto
  • xf86bigfontproto
  • xineramaproto
  • xorg-fonts-truetype
  • xorg-macros
  • xproto
  • xtrans
  • zsh

konfigurierte Ports[Bearbeiten]

dejavu[Bearbeiten]

OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_SET+=LINKS

gdbm[Bearbeiten]

OPTIONS_FILE_UNSET+=COMPAT

libcheck[Bearbeiten]

OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_SET+=EXAMPLES

libxslt[Bearbeiten]

OPTIONS_FILE_UNSET+=MEM_DEBUG
OPTIONS_FILE_SET+=CRYPTO

png[Bearbeiten]

OPTIONS_FILE_SET+=APNG

python27[Bearbeiten]

OPTIONS_FILE_SET+=EXAMPLES
OPTIONS_FILE_UNSET+=FPECTL
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_UNSET+=PTH
OPTIONS_FILE_SET+=PYMALLOC
OPTIONS_FILE_UNSET+=SEM
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=UCS2
OPTIONS_FILE_SET+=UCS4

ruby18-bdb[Bearbeiten]

OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_UNSET+=EXAMPLES

wget[Bearbeiten]

OPTIONS_FILE_SET+=GNUTLS
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_SET+=OPENSSL
OPTIONS_FILE_SET+=IDN

Konfiguration der Programme[Bearbeiten]

SRS13[Bearbeiten]

Verwendungszweck: MediaWiki für wiki.htw.stura-dresden.de

Ports[Bearbeiten]

installierte Ports[Bearbeiten]

  • atk
  • autoconf
  • autoconf-wrapper
  • automake
  • automake-wrapper
  • bdftopcf
  • bigreqsproto
  • bison
  • bitstream-vera
  • ca_root_nss
  • cairo
  • cmake
  • cmake-modules
  • compositeproto
  • curl
  • cvsps
  • damageproto
  • db41
  • dejavu
  • dialog4ports
  • emacs-nox11
  • encodings
  • expat
  • fixesproto
  • font-bh-ttf
  • font-misc-ethiopic
  • font-misc-meltho
  • font-util
  • fontconfig
  • fontsproto
  • freetype2
  • gamin
  • gdbm
  • gdk-pixbuf2
  • gettext
  • gio-fam-backend
  • git
  • glib
  • gmake
  • gnomehier
  • gobject-introspection
  • help2man
  • inputproto
  • jasper
  • jbigkit
  • jpeg
  • kbproto
  • libICE
  • libSM
  • libX11
  • libXau
  • libXcomposite
  • libXcursor
  • libXdamage
  • libXdmcp
  • libXext
  • libXfixes
  • libXfont
  • libXi
  • libXinerama
  • libXrandr
  • libXrender
  • libXt
  • libcheck
  • libevent
  • libevent2
  • libexecinfo
  • libffi
  • libfontenc
  • libgcrypt
  • libgpg-error
  • libiconv
  • libidn
  • libpthread-stubs
  • libsigsegv
  • libtool
  • libxcb
  • libxml2
  • libxslt
  • libyaml
  • lynx
  • m4
  • mkfontdir
  • mkfontscale
  • nano
  • p5-Error
  • p5-ExtUtils-Constant
  • p5-IO-Socket-IP
  • p5-IO-Socket-SSL
  • p5-Locale-gettext
  • p5-Net-SMTP-SSL
  • p5-Net-SSLeay
  • p5-Socket
  • pango
  • pcre
  • perl-threaded
  • pixman
  • pkgconf
  • png
  • portaudit
  • portupgrade
  • py27-wikitools
  • python27
  • python33
  • randrproto
  • renderproto
  • ruby
  • ruby18-bdb
  • ruby19-bdb
  • ruby19-date2
  • tiff
  • tmux
  • unzip
  • vim-lite
  • wget
  • xcb-proto
  • xcb-util
  • xcb-util-renderutil
  • xcmiscproto
  • xextproto
  • xf86bigfontproto
  • xineramaproto
  • xorg-fonts-truetype
  • xorg-macros
  • xproto
  • xtrans
  • zsh

konfigurierte Ports[Bearbeiten]

ca_root_nss[Bearbeiten]

OPTIONS_FILE_SET+=ETCSYMLINK

freetype2[Bearbeiten]

OPTIONS_FILE_UNSET+=CFF_HINTING_ADOBE
OPTIONS_FILE_UNSET+=LCD_FILTERING

libcheck[Bearbeiten]

OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_SET+=EXAMPLES

libxml2[Bearbeiten]

OPTIONS_FILE_UNSET+=MEM_DEBUG
OPTIONS_FILE_SET+=SCHEMA
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=THREAD_ALLOC
OPTIONS_FILE_UNSET+=XMLLINT_HIST

libxslt[Bearbeiten]

OPTIONS_FILE_SET+=CRYPTO
OPTIONS_FILE_UNSET+=MEM_DEBUG

png[Bearbeiten]

OPTIONS_FILE_SET+=APNG

python27[Bearbeiten]

OPTIONS_FILE_SET+=EXAMPLES
OPTIONS_FILE_UNSET+=FPECTL
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_UNSET+=PTH
OPTIONS_FILE_SET+=PYMALLOC
OPTIONS_FILE_UNSET+=SEM
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=UCS2
OPTIONS_FILE_SET+=UCS4

ruby18-bdb[Bearbeiten]

OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_UNSET+=EXAMPLES

zusätzliche Konfigurationsdateien[Bearbeiten]

Jail[Bearbeiten]

/etc/rc.conf[Bearbeiten]


apache22_enable="YES"
mysql_enable="YES"

Konfiguration der Programme[Bearbeiten]

apache[Bearbeiten]

httpd.conf[Bearbeiten]


…
LoadModule php5_module        libexec/apache22/libphp5.so

<IfModule php5_module>
   DirectoryIndex index.php index.php5 index.html
   AddType application/x-httpd-php .php
   AddType application/x-httpd-php-source .phps
</IfModule>
…
ServerAdmin <admin[at]domain.tld>
…
ServerName wiki.htw.stura-dresden.de:80
…
DocumentRoot "</path/to/mediawiki>"
…
#<Directory "/usr/local/www/apache22/data">
   #
   # Possible values for the Options directive are "None", "All",
   # or any combination of:
   #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
   #
   # Note that "MultiViews" must be named *explicitly* --- "Options All"
   # doesn't give it to you.
   #
   # The Options directive is both complicated and important.  Please see
   # http://httpd.apache.org/docs/2.2/mod/core.html#options
   # for more information.
   #
#    Options Indexes FollowSymLinks

   #
   # AllowOverride controls what directives may be placed in .htaccess files.
   # It can be "All", "None", or any combination of the keywords:
   #   Options FileInfo AuthConfig Limit
   #
#    AllowOverride None

   #
   # Controls who can get stuff from this server.
   #
#    Order allow,deny
#    Allow from all

#</Directory>
…
# Virtual hosts
Include etc/apache22/extra/httpd-vhosts.conf
…
# CustomLog "/var/log/httpd-access.log" combined # comment out Der StuRa speichert nicht!
extra/httpd-vhosts.conf[Bearbeiten]

…
NameVirtualHost 141.56.50.13:80
…
<VirtualHost wiki.htw.stura-dresden.de:80>
   Redirect permanent / http://wiki.stura.htw-dresden.de/
</VirtualHost>

<VirtualHost wiki.stura.htw-dresden.de:80>
   ServerAdmin webmaster@stura.htw-dresden.de
   DocumentRoot "/usr/local/www/sturawiki_1_19_2"
   ServerName wiki.stura.htw-dresden.de
   ServerAlias www.wiki.stura.htw-dresden.de
   <Directory "/usr/local/www/sturawiki_1_19_2">
       Options Indexes FollowSymLinks
       DirectoryIndex index.php index.php5 index.html
       AllowOverride none
       Order allow,deny
       Allow from all
   </Directory>
   ErrorLog "/var/log/wiki-error_log"
#    CustomLog "/var/log/wiki-access_log" common
</VirtualHost>

<VirtualHost wiki.hs-abc.htw.stura-dresden.de:80>
   ServerAdmin webmaster@stura.htw-dresden.de
   DocumentRoot "/usr/local/www/hs-abcwiki_1_19_4"
   ServerName wiki.hs-abc.htw.stura-dresden.de
   ServerAlias www.wiki.hs-abc.htw.stura-dresden.de
   <Directory "/usr/local/www/hs-abcwiki_1_19_4">
       Options Indexes FollowSymLinks
       DirectoryIndex index.php index.php5 index.html
       AllowOverride none
       Order allow,deny
       Allow from all
   </Directory>
   ErrorLog "/var/log/wiki-error_log"
#   CustomLog "/var/log/wiki-access_log" common
</VirtualHost>

<VirtualHost wiki.fzs.stura-dresden.de:80>
   ServerAdmin webmaster@stura.htw-dresden.de
   DocumentRoot "/usr/local/www/fzswiki_1_19_4"
   ServerName wiki.fzs.stura-dresden.de
   ServerAlias www.wiki.fzs.htw.stura-dresden.de
   <Directory "/usr/local/www/fzswiki_1_19_4">
       Options Indexes FollowSymLinks
       DirectoryIndex index.php index.php5 index.html
       AllowOverride none
       Order allow,deny
       Allow from all
   </Directory>
   ErrorLog "/var/log/fzswiki-error_log"
#    CustomLog "/var/log/fzswiki-access_log" common
</VirtualHost>

<VirtualHost fzs-wiki.de:80>
   DocumentRoot "/usr/local/www/fzswiki_1_19_4"
   ServerName wiki.fzs.stura-dresden.de
   ServerAlias www.wiki.fzs.htw.stura-dresden.de
   <Directory "/usr/local/www/fzswiki_1_19_4">
       Options Indexes FollowSymLinks
       DirectoryIndex index.html index.php
       AllowOverride none
       Order allow,deny
       Allow from all
   </Directory>
</VirtualHost>

mediawiki[Bearbeiten]

Wiki[Bearbeiten]

</path/to/mediawiki-stura>/LocalSettings.php[Bearbeiten]

…
$wgLogo             = "$wgStylePath/common/images/stura.jpg";
$wgFavicon          = "$wgStylePath/common/images/stura_ohne_typo.favicon32.jpg";

…
$wgDefaultSkin = 'vector'; 
…

##############################                                                                                                      
## Ausnahmen Details zeigen ##                                                                                                      
##############################                                                                                                      

$wgShowExceptionDetails = false;

###################
## Mail Settings ##
###################

$wgSMTP = array (
   'IDHost' => 'wiki.stura.htw-dresden.de', //this is used to build the Message-ID mail header
   'host'   => 'mail.stura.htw-dresden.de', //this is the outgoing mail server name (SMTP server)
   'port'   => 25, //this is the port used by the SMTP server
   'auth'   => false,  //in my case, authentication is not required by the mail server for outgoing mail
);

################
## Namespaces ##
################

define("NS_STURA", 100);
define("NS_STURA_TALK", 101);
define("NS_INTERN", 102);
define("NS_INTERN_TALK", 103);
define("NS_ADMIN", 104);
define("NS_ADMIN_TALK", 105);
define("NS_PERSON", 106);
define("NS_PERSON_TALK", 107);

$wgExtraNamespaces[NS_STURA] = "StuRa";
$wgExtraNamespaces[NS_STURA_TALK] = "StuRa_Diskussion";
$wgExtraNamespaces[NS_INTERN] = "Intern";
$wgExtraNamespaces[NS_INTERN_TALK] = "Intern_Diskussion";
$wgExtraNamespaces[NS_ADMIN] = "Admin";
$wgExtraNamespaces[NS_ADMIN_TALK] = "Admin_Diskussion";
$wgExtraNamespaces[NS_PERSON] = "Person";
$wgExtraNamespaces[NS_PERSON_TALK] = "Person_Diskussion";

################
## Extensions ##
################

$wgAllowExternalImages = true #Externe Bilder einbinden

require_once "$IP/extensions/ConfirmEdit/QuestyCaptcha.php";
$wgCaptchaClass = 'QuestyCaptcha';
$arr = array (
       'Frage' => 'An answer!',       
);
foreach ( $arr as $key => $value ) {
       $wgCaptchaQuestions[] = array( 'question' => $key, 'answer' => $value );
};
$wgCaptchaTriggers['edit'] = true;
$wgCaptchaTriggers['create'] = true;

require_once( "$IP/extensions/Renameuser/Renameuser.php" );
require_once( "$IP/extensions/WikiEditor/WikiEditor.php" );
require_once( "$IP/extensions/Lockdown/Lockdown.php" );
require_once( "$IP/extensions/Interwiki/Interwiki.php" );
require_once( "$IP/extensions/ContributionScores/ContributionScores.php" );

#################################
## ContributionScores settings ##
#################################

$wgContribScoreIgnoreBots = true;          // Exclude Bots from the reporting - Can be omitted.
$wgContribScoreIgnoreBlockedUsers = true;  // Exclude Blocked Users from the reporting - Can be omitted.
$wgContribScoresUseRealName = true;        // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later.
$wgContribScoreDisableCache = false;       // Set to true to disable cache for parser function and inclusion of table.

//Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted.
$wgContribScoreReports = array(
   array(7,50),
   array(30,50),
   array(0,50)
) ;

####################
## costume groups ##
####################

// Implicit group for intern (copy of group user)
$wgGroupPermissions['intern']['move']             = true;
$wgGroupPermissions['intern']['move-subpages']    = true;
$wgGroupPermissions['intern']['move-rootuserpages'] = true; // can move root userpages
//$wgGroupPermissions['intern']['movefile']         = true;       // Disabled for now due to possible bugs and security concerns
$wgGroupPermissions['intern']['read']             = true;
$wgGroupPermissions['intern']['edit']             = true;
$wgGroupPermissions['intern']['createpage']       = true;
$wgGroupPermissions['intern']['createtalk']       = true;
$wgGroupPermissions['intern']['writeapi']         = true;
$wgGroupPermissions['intern']['upload']           = true;
$wgGroupPermissions['intern']['reupload']         = true;
$wgGroupPermissions['intern']['reupload-shared']  = true;
$wgGroupPermissions['intern']['minoredit']        = true;
$wgGroupPermissions['intern']['purge']            = true; // can use ?action=purge without clicking "ok"
$wgGroupPermissions['intern']['sendemail']        = true;
// To grant sysops permissions to edit interwiki data
$wgGroupPermissions['sysop']['interwiki'] = true;

###########################
## Restricted namespaces ##
###########################

$wgNamespacePermissionLockdown[NS_INTERN]['*'] = array('intern');
$wgNamespacePermissionLockdown[NS_INTERN_TALK]['*'] = array('intern');

$wgNamespacePermissionLockdown[NS_PERSON]['*'] = array('intern');
$wgNamespacePermissionLockdown[NS_PERSON_TALK]['*'] = array('intern');

Wiki Extensions[Bearbeiten]
Wiki Extension Asirra[Bearbeiten]

Die Extension:Asirra wird nicht mehr verwendet!

Die Extension:Asirra
  • wurde seit 2014-10 nicht mehr unterstützt;
  • funktionierte Ende 2014 nicht mehr;
  • musst Ende 2014 ersetzt werden;
  • wurde Anfang 2015 durch Tom durch #Wiki Extension QuestyCaptcha ersetzt;
  • diente als CAPTCHA.
Asirra/ConfirmEdit.php
Wiki Extension Lockdown[Bearbeiten]
Installation

wget https://codeload.github.com/wikimedia/mediawiki-extensions-Lockdown/legacy.tar.gz/REL1_19
tar -xzf wikimedia-mediawiki-extensions-Lockdown-84fca94.tar.gz -C /var/www/mediawiki/extensions

Wiki Extension QuestyCaptcha[Bearbeiten]

Die Extension:QuestyCaptcha

HS-ABC Wiki[Bearbeiten]

</path/to/mediawiki-hsabc>/LocalSettings.php[Bearbeiten]
require_once( "$IP/extensions/Asirra/Asirra.php" );
require_once( "$IP/extensions/Renameuser/Renameuser.php" );
require_once( "$IP/extensions/WikiEditor/WikiEditor.php" );

###################
## Mail Settings ##
###################

$wgSMTP = array (
   'IDHost' => 'wiki.hs-abc.htw.stura-dresden.de', //this is used to build the Message-ID mail header
   'host'   => 'mail.stura.htw-dresden.de', //this is the outgoing mail server name (SMTP server)
   'port'   => 25, //this is the port used by the SMTP server
   'auth'   => false,  //in my case, authentication is not required by the mail server for outgoing mail
);
</path/to/mediawiki-hsabc>/extensions/Asirra/ConfirmEdit.php[Bearbeiten]

…
$wgGroupPermissions['user'         ]['skipcaptcha'] = true;
$wgGroupPermissions['autoconfirmed']['skipcaptcha'] = false;
…
$wgCaptchaTriggers['edit']          = true; // Would check on every edit
$wgCaptchaTriggers['create']        = false; // Check on page creation.
$wgCaptchaTriggers['sendemail']     = true; // Special:Emailuser
…

Siehe auch[Bearbeiten]


SRS14[Bearbeiten]

  1. WEITERLEITUNG StuRa:Server/SRS14/2018


SRS15[Bearbeiten]

Verwendungszweck
ansatzweise Anwendung von verschiedener Software für ein potentielles AUS
Accounts

Django[Bearbeiten]

Django Installation[Bearbeiten]

cd /usr/ports/www/py-django/ && sudo make install clean
                                     ┌──────────────────────────── py27-django-1.5.1 ───────────────────────────────┐
                                     │ ┌──────────────────────────────────────────────────────────────────────────┐ │  
                                     │ │+[ ] FASTCGI   FastCGI support                                            │ │  
                                     │ │+[ ] HTMLDOCS  Install the HTML documentation (requires Sphinx)           │ │  
                                     │ │───────────────────────────────── DATABASE ───────────────────────────────│ │  
                                     │ │+[ ] PGSQL     PostgreSQL database support                                │ │  
                                     │ │+[ ] MYSQL     MySQL database support                                     │ │  
                                     │ │+[x] SQLITE    SQLite database support                                    │ │  
                                     │ └──────────────────────────────────────────────────────────────────────────┘ │  
                                     ├──────────────────────────────────────────────────────────────────────────────┤  
                                     │                       <  OK  >            <Cancel>                           │  
                                     └──────────────────────────────────────────────────────────────────────────────┘  
===>  Cleaning for py27-django-1.5.1
Done!

OTRS[Bearbeiten]

OTRS Installation[Bearbeiten]

cd /usr/ports/devel/otrs/ && sudo make install clean

trac[Bearbeiten]

trac Installation[Bearbeiten]

cd /usr/ports/www/trac/ && sudo make install clean
                                     ┌──────────────────────────────── trac-1.0.1 ──────────────────────────────────┐
                                     │ ┌──────────────────────────────────────────────────────────────────────────┐ │  
                                     │ │+[x] DOCUTILS    Allow additional text markup                             │ │  
                                     │ │+[ ] PGSQL       PostgreSQL database support                              │ │  
                                     │ │+[x] PYGMENTS    Use generic syntax highlighter                           │ │  
                                     │ │+[x] SILVERCITY  Silvercity for syntax highlighting                       │ │  
                                     │ │+[x] SVN         Subversion support                                       │ │  
                                     │ │+[x] TZ          Process Time Zones                                       │ │  
                                     │ └──────────────────────────────────────────────────────────────────────────┘ │  
                                     ├──────────────────────────────────────────────────────────────────────────────┤  
                                     │                       <  OK  >            <Cancel>                           │  
                                     └──────────────────────────────────────────────────────────────────────────────┘  
                                     ┌───────────────────────────── py27-Genshi-0.7 ────────────────────────────────┐
                                     │ ┌──────────────────────────────────────────────────────────────────────────┐ │  
                                     │ │+[x] BABEL  I18n support through the Babel plugin                         │ │  
                                     │ └──────────────────────────────────────────────────────────────────────────┘ │  
                                     ├──────────────────────────────────────────────────────────────────────────────┤  
                                     │                       <  OK  >            <Cancel>                           │  
                                     └──────────────────────────────────────────────────────────────────────────────┘  
                                     ┌──────────────────────────── subversion-1.8.0_3 ──────────────────────────────┐
                                     │ ┌──────────────────────────────────────────────────────────────────────────┐ │  
                                     │ │+[ ] BDB               Berkeley DB support                                │ │  
                                     │ │+[ ] BOOK              Install the Subversion Book                        │ │  
                                     │ │+[x] DOCS              Build and/or install documentation                 │ │  
                                     │ │+[x] FREEBSD_TEMPLATE  FreeBSD Project log template                       │ │  
                                     │ │+[ ] GNOME_KEYRING     Build with GNOME Keyring auth support              │ │  
                                     │ │+[ ] KDE_KWALLET       Build with KDE KWallet auth support                │ │  
                                     │ │+[ ] MAINTAINER_DEBUG  Build debug version                                │ │  
                                     │ │+[ ] MOD_DAV_SVN       mod_dav_svn module for Apache 2.X                  │ │  
                                     │ │+[x] NLS               Native Language Support                            │ │  
                                     │ │+[x] P4_STYLE_MARKERS  Perforce-style conflict markers                    │ │  
                                     │ │+[ ] SASL              SASL support                                       │ │  
                                     │ │+[x] SERF              WebDAV/Delta-V (HTTP/HTTPS) repo access module     │ │  
                                     │ │+[ ] STATIC            Build static version (no shared libs)              │ │  
                                     │ │+[ ] SVNSERVE_WRAPPER  Enable svnserve wrapper (umask setter)             │ │  
                                     │ │+[ ] TEST              Run subversion test suite                          │ │  
                                     │ │+[ ] TOOLS             Install several tools (svnauthz-validate and mod_d)│ │  
                                     │ └──────────────────────────────────────────────────────────────────────────┘ │  
                                     ├──────────────────────────────────────────────────────────────────────────────┤  
                                     │                       <  OK  >            <Cancel>                           │  
                                     └──────────────────────────────────────────────────────────────────────────────┘  
                                     ┌─────────────────────────────── serf-1.2.1_1 ─────────────────────────────────┐
                                     │ ┌──────────────────────────────────────────────────────────────────────────┐ │  
                                     │ │+[x] DOCS  Build and/or install documentation                             │ │  
                                     │ └──────────────────────────────────────────────────────────────────────────┘ │  
                                     ├──────────────────────────────────────────────────────────────────────────────┤  
                                     │                       <  OK  >            <Cancel>                           │  
                                     └──────────────────────────────────────────────────────────────────────────────┘  

===>  Cleaning for trac-1.0.1

Sonstiges[Bearbeiten]

Lynx[Bearbeiten]

Lynx Zweck[Bearbeiten]

Lynx Installation[Bearbeiten]

cd /usr/ports/www/py-django/ && sudo make install clean
                                     ┌────────────────────────────── lynx-2.8.7.2,1 ────────────────────────────────┐
                                     │ ┌──────────────────────────────────────────────────────────────────────────┐ │  
                                     │ │+[x] DEFAULT_COLORS  Colors support                                       │ │  
                                     │ │+[x] IPV6            IPv6 protocol support                                │ │  
                                     │ │+[x] NLS             Native Language Support                              │ │  
                                     │ │+[x] SSL             SSL protocol support                                 │ │  
                                     │ └──────────────────────────────────────────────────────────────────────────┘ │  
                                     ├──────────────────────────────────────────────────────────────────────────────┤  
                                     │                       <  OK  >            <Cancel>                           │  
                                     └──────────────────────────────────────────────────────────────────────────────┘  
===>  Cleaning for lynx-2.8.7.2,1
Done!


SRS16[Bearbeiten]

  1. WEITERLEITUNG Server/SRS16/2015

SRS17[Bearbeiten]

Ports[Bearbeiten]

installierte Ports[Bearbeiten]

  • apr
  • asciidoc
  • atk
  • autoconf
  • autoconf-wrapper
  • automake
  • automake-wrapper
  • bash
  • bdftopcf
  • bigreqsproto
  • bison
  • bitstream-vera
  • boehm-gc+fulldebug
  • bsdadminscripts
  • ca_root_nss
  • cairo
  • cmake
  • cmake-modules
  • compositeproto
  • curl
  • cvsps
  • damageproto
  • db41
  • db42
  • dejavu
  • dialog4ports
  • docbook
  • docbook-sk
  • docbook-xml
  • docbook-xsl
  • encodings
  • expat
  • fixesproto
  • font-bh-ttf
  • font-misc-ethiopic
  • font-misc-meltho
  • font-util
  • fontconfig
  • fontsproto
  • freetype2
  • gamin
  • gdbm
  • gdk-pixbuf2
  • getopt
  • gettext
  • gio-fam-backend
  • git
  • glib
  • gmake
  • gnomehier
  • gobject-introspection
  • gtk
  • gtk-update-icon-cache
  • help2man
  • hicolor-icon-theme
  • icu
  • inputproto
  • intltool
  • iso8879
  • jasper
  • jbigkit
  • jpeg
  • kbproto
  • libICE
  • libSM
  • libX11
  • libXau
  • libXcomposite
  • libXcursor
  • libXdamage
  • libXdmcp
  • libXext
  • libXfixes
  • libXfont
  • libXft
  • libXi
  • libXinerama
  • libXrandr
  • libXrender
  • libXt
  • libcheck
  • libevent
  • libevent2
  • libexecinfo
  • libffi
  • libfontenc
  • libgcrypt
  • libgpg-error
  • libiconv
  • libpaper
  • libpthread-stubs
  • libsigsegv
  • libssh2
  • libtool
  • libxcb
  • libxml2
  • libxslt
  • libyaml
  • lynx
  • m4
  • mkfontdir
  • mkfontscale
  • neon29
  • p5-Error
  • p5-IO-Socket-IP
  • p5-IO-Socket-SSL
  • p5-Locale-gettext
  • p5-Net-SMTP-SSL
  • p5-Net-SSLeay
  • p5-Socket
  • p5-Term-ReadKey
  • p5-URI
  • p5-XML-Parser
  • p5-subversion
  • pango
  • pcre
  • perl-threaded
  • pixman
  • pkgconf
  • png
  • portaudit
  • portupgrade
  • python27
  • python33
  • randrproto
  • renderproto
  • ruby
  • ruby18-bdb
  • ruby19-bdb
  • ruby19-date2
  • shared-mime-info
  • sqlite3
  • subversion
  • tiff
  • tmux
  • unzip
  • vim-lite
  • w3m
  • xcb-proto
  • xcb-util
  • xcb-util-renderutil
  • xcmiscproto
  • xextproto
  • xf86bigfontproto
  • xineramaproto
  • xmlcatmgr
  • xmlcharent
  • xmlto
  • xorg-fonts-truetype
  • xorg-macros
  • xproto
  • xtrans
  • zsh

konfigurierte Ports[Bearbeiten]

icu[Bearbeiten]

OPTIONS_FILE_SET+=THREADS

libxml2[Bearbeiten]

OPTIONS_FILE_UNSET+=MEM_DEBUG
OPTIONS_FILE_SET+=SCHEMA
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=THREAD_ALLOC
OPTIONS_FILE_UNSET+=XMLLINT_HIST


zusätzliche Konfigurationsdateien[Bearbeiten]

Jail[Bearbeiten]

/etc/rc.conf[Bearbeiten]


sshd_enable="YES"
ejabberd_enable="YES"

/etc/ssh/sshd_config[Bearbeiten]


…
ListenAddress 141.56.50.17
…
PasswordAuthentication no
…
UsePAM no
…

Konfiguration der Programme[Bearbeiten]

/usr/local/etc/ejabberd/ejabberd.cfg[Bearbeiten]


...
{loglevel, 3}.
...
{watchdog_admins, ["foo@srs17.stura.htw-dresden.de", "bar@srs17.stura.htw-dresden.de"]}.
...
{hosts, ["srs17.stura.htw-dresden.de"]}.
...
             starttls, {certfile, "/root/ejabberd.pem"},
             starttls_required, 
...
                        %%captcha,
                        %%http_bind,
                        %%http_poll,
...
{s2s_use_starttls, required}.
...
{s2s_certfile, "/root/ejabberd.pem"}.
...
{acl, admin, {user, "foo", "srs17.stura.htw-dresden.de"}}.
{acl, admin, {user, "bar", "srs17.stura.htw-dresden.de"}}.
...
{acl, blocked, {user, "test"}}.
{acl, blocked, {user, "root"}}.
{acl, blocked, {user, "r00t"}}.
{acl, blocked, {user, "r0ot"}}.
{acl, blocked, {user, "ro0t"}}.
{acl, blocked, {user, "adm1n"}}.
{acl, blocked, {user, "admin"}}.
{acl, blocked, {user, "kss"}}.
{acl, blocked, {user, "administrator"}}.
{acl, blocked, {user, "administrat0r"}}.
{acl, blocked, {user, "adm1n1strat0r"}}.
{acl, blocked, {user, "adm1nistrat0r"}}.
{acl, blocked, {user, "admin1strat0r"}}.
{acl, blocked, {user, "adm1nistrator"}}.
{acl, blocked, {user, "admin1strator"}}.
...
{access, max_user_sessions, [{2, all}]}.
...
{language, "de"}.
...
   %%{mod_irc,      []},
...
   %%{mod_pubsub,   [
                 %%{access_createnode, pubsub_createnode},
                 %%{ignore_pep_from_offline, true}, % reduces resource comsumption, but XEP incompliant
...
                 %%{last_item_cache, false},
                 %%{plugins, ["flat", "hometree", "pep"]}  % pep requires mod_caps
                %%]},
...
                 {registration_watchers, ["foo@srs17.stura.htw-dresden.de", "bar@srs17.stura.htw-dresden.de"]},
...
                 {ip_access, [
                     {allow, "0.0.0.0/8"}
                     %%{allow, "127.0.0.0/8"},
                               %%{deny, "0.0.0.0/0"}
                     ]},
...

Siehe auch[Bearbeiten]

SRS18[Bearbeiten]

Auf die Schnelle:

  • Jail, die auf srs2342 (mit veraltetem FreeBSD)
    • Dataset (für ZFS) liegt vielleicht schon woanders
  • ist nicht in Betrieb
  • altes Plone (aka Plone 3)

Plone[Bearbeiten]

Plone 3.3 via UnifiedInstaller installieren.


install.sh --password=<password>  standalone

Ports[Bearbeiten]

installierte Ports[Bearbeiten]

  • atk
  • autoconf
  • autoconf-wrapper
  • automake
  • automake-wrapper
  • bdftopcf
  • bigreqsproto
  • bison
  • bitstream-vera
  • ca_root_nss
  • cairo
  • cmake
  • cmake-modules
  • compositeproto
  • curl
  • cvsps
  • damageproto
  • db41
  • dejavu
  • dialog4ports
  • emacs-nox11
  • encodings
  • expat
  • fixesproto
  • font-bh-ttf
  • font-misc-ethiopic
  • font-misc-meltho
  • font-util
  • fontconfig
  • fontsproto
  • freetype2
  • gamin
  • gdbm
  • gdk-pixbuf2
  • gettext
  • gio-fam-backend
  • git
  • glib
  • gmake
  • gnomehier
  • gobject-introspection
  • help2man
  • inputproto
  • jasper
  • jbigkit
  • jpeg
  • kbproto
  • libICE
  • libSM
  • libX11
  • libXau
  • libXcomposite
  • libXcursor
  • libXdamage
  • libXdmcp
  • libXext
  • libXfixes
  • libXfont
  • libXi
  • libXinerama
  • libXrandr
  • libXrender
  • libXt
  • libcheck
  • libevent
  • libevent2
  • libexecinfo
  • libffi
  • libfontenc
  • libgcrypt
  • libgpg-error
  • libiconv
  • libidn
  • libpthread-stubs
  • libsigsegv
  • libtool
  • libxcb
  • libxml2
  • libxslt
  • libyaml
  • lynx
  • m4
  • mkfontdir
  • mkfontscale
  • nano
  • p5-Error
  • p5-ExtUtils-Constant
  • p5-IO-Socket-IP
  • p5-IO-Socket-SSL
  • p5-Locale-gettext
  • p5-Net-SMTP-SSL
  • p5-Net-SSLeay
  • p5-Socket
  • pango
  • pcre
  • perl-threaded
  • pixman
  • pkgconf
  • png
  • portaudit
  • portupgrade
  • py27-wikitools
  • python27
  • python33
  • randrproto
  • renderproto
  • ruby
  • ruby18-bdb
  • ruby19-bdb
  • ruby19-date2
  • tiff
  • tmux
  • unzip
  • vim-lite
  • wget
  • xcb-proto
  • xcb-util
  • xcb-util-renderutil
  • xcmiscproto
  • xextproto
  • xf86bigfontproto
  • xineramaproto
  • xorg-fonts-truetype
  • xorg-macros
  • xproto
  • xtrans
  • zsh

konfigurierte Ports[Bearbeiten]

python27[Bearbeiten]

OPTIONS_FILE_SET+=EXAMPLES
OPTIONS_FILE_UNSET+=FPECTL
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_UNSET+=PTH
OPTIONS_FILE_SET+=PYMALLOC
OPTIONS_FILE_UNSET+=SEM
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=UCS2
OPTIONS_FILE_SET+=UCS4

ruby18-bdb[Bearbeiten]

OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_UNSET+=EXAMPLES

Konfiguration von Skripten[Bearbeiten]

rc.d scripting Plone[Bearbeiten]

Achtung!
Eigentlich handelte es sich nur um ein direktes Nachahmen von Server/Jails/SRS1#rc.d scripting Plone.
Die Funktionalität wurde erfolgreich getestet.
$EDITOR /usr/local/etc/rc.d/plone
#!/bin/sh
# PROVIDE: plone
# REQUIRE: LOGIN
# KEYWORD: shutdown

. /etc/rc.subr

name="plone"
rcvar=plone_enable

start_cmd="${name}_start"
stop_cmd="${name}_stop"
restart_cmd="${name}_restart"
status_cmd="${name}_status"

extra_commands="status"

load_rc_config ${name}
#: ${plone_enable:="NO"}

plone_stop()
{
        /usr/local/Plone/zinstance/bin/plonectl stop
}

plone_status()
{
        /usr/local/Plone/zinstance/bin/plonectl status
}

plone_start()
{
        /usr/local/Plone/zinstance/bin/plonectl start
}

plone_restart()
{
        /usr/local/Plone/zinstance/bin/plonectl restart
}

run_rc_command "$1"

Anpassen der Berechtigung für eine Datei für rc.d

chmod 540 /usr/local/etc/rc.d/plone
Kontrollieren der Berechtigung für eine Datei für rc.d
ls -l /usr/local/etc/rc.d/plone
-r-xr-----  1 root  wheel  603 Oct 23 18:34 /usr/local/etc/rc.d/plone

Selbstverständlich bedarf es auch noch dem Eintrag in der rc.conf, um Anzuzeigen, dass plone gestartet werden soll kann.

echo 'plone_enable="YES"' >> /etc/rc.conf

Eigentlich ist die Datei für rc.d relativ simpel. (Der Bezug sind die komplexen Varianten, die rc.d und entsprechende Dateien mit sich brinken können.)

  • /usr/local/Plone/zinstance/bin/plonectl ist die Stelle und Datei zur Verwaltung des Betriebes von Plone. (Woher die Auswahl dieses Stelle stammt ist nicht näher bekannt.)
  • Bei der Entfernung der Auskommentierung bei #: ${plone_enable:="NO"} würde Plone nicht zu Starten der Jail selbst starten. Jedoch wären aber noch alle anderen gewünschten Funktionalitäten von rc.d verfügbar.
  • Folgende Befehle sind nun mittels rc.d verfügbar:
    • service plone stop
      Stoppen von Plone
    • service plone stauts
      Status von Plone ausgeben lassen
    • service plone start
      Starten von Plone
    • service plone restart
      Neustarten von Plone
    .

Läuft!

Siehe auch[Bearbeiten]

SRS19[Bearbeiten]

  • FSRs

Ports[Bearbeiten]

installierte Ports[Bearbeiten]

  • atk
  • autoconf
  • autoconf-wrapper
  • automake
  • automake-wrapper
  • bdftopcf
  • bigreqsproto
  • bison
  • bitstream-vera
  • ca_root_nss
  • cairo
  • cmake
  • cmake-modules
  • compositeproto
  • curl
  • cvsps
  • damageproto
  • db41
  • dejavu
  • dialog4ports
  • emacs-nox11
  • encodings
  • expat
  • fixesproto
  • font-bh-ttf
  • font-misc-ethiopic
  • font-misc-meltho
  • font-util
  • fontconfig
  • fontsproto
  • freetype2
  • gamin
  • gdbm
  • gdk-pixbuf2
  • gettext
  • gio-fam-backend
  • git
  • glib
  • gmake
  • gnomehier
  • gobject-introspection
  • help2man
  • inputproto
  • jasper
  • jbigkit
  • jpeg
  • kbproto
  • libICE
  • libSM
  • libX11
  • libXau
  • libXcomposite
  • libXcursor
  • libXdamage
  • libXdmcp
  • libXext
  • libXfixes
  • libXfont
  • libXi
  • libXinerama
  • libXrandr
  • libXrender
  • libXt
  • libcheck
  • libevent
  • libevent2
  • libexecinfo
  • libffi
  • libfontenc
  • libgcrypt
  • libgpg-error
  • libiconv
  • libidn
  • libpthread-stubs
  • libsigsegv
  • libtool
  • libxcb
  • libxml2
  • libxslt
  • libyaml
  • lynx
  • m4
  • mkfontdir
  • mkfontscale
  • nano
  • p5-Error
  • p5-ExtUtils-Constant
  • p5-IO-Socket-IP
  • p5-IO-Socket-SSL
  • p5-Locale-gettext
  • p5-Net-SMTP-SSL
  • p5-Net-SSLeay
  • p5-Socket
  • pango
  • pcre
  • perl-threaded
  • pixman
  • pkgconf
  • png
  • portaudit
  • portupgrade
  • py27-wikitools
  • python27
  • python33
  • randrproto
  • renderproto
  • ruby
  • ruby18-bdb
  • ruby19-bdb
  • ruby19-date2
  • tiff
  • tmux
  • unzip
  • vim-lite
  • wget
  • xcb-proto
  • xcb-util
  • xcb-util-renderutil
  • xcmiscproto
  • xextproto
  • xf86bigfontproto
  • xineramaproto
  • xorg-fonts-truetype
  • xorg-macros
  • xproto
  • xtrans
  • zsh

konfigurierte Ports[Bearbeiten]

ca_root_nss[Bearbeiten]

OPTIONS_FILE_UNSET+=ETCSYMLINK

freetype2[Bearbeiten]

OPTIONS_FILE_UNSET+=CFF_HINTING_ADOBE
OPTIONS_FILE_UNSET+=LCD_FILTERING

libcheck[Bearbeiten]

OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_SET+=EXAMPLES

libxml2[Bearbeiten]

OPTIONS_FILE_UNSET+=MEM_DEBUG
OPTIONS_FILE_SET+=SCHEMA
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=THREAD_ALLOC
OPTIONS_FILE_UNSET+=XMLLINT_HIST

libxslt[Bearbeiten]

OPTIONS_FILE_SET+=CRYPTO
OPTIONS_FILE_UNSET+=MEM_DEBUG

png[Bearbeiten]

OPTIONS_FILE_SET+=APNG

python27[Bearbeiten]

OPTIONS_FILE_SET+=EXAMPLES
OPTIONS_FILE_UNSET+=FPECTL
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_UNSET+=PTH
OPTIONS_FILE_SET+=PYMALLOC
OPTIONS_FILE_UNSET+=SEM
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=UCS2
OPTIONS_FILE_SET+=UCS4

ruby18-bdb[Bearbeiten]

OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_UNSET+=EXAMPLES

zusätzliche Konfigurationsdateien[Bearbeiten]

Konfiguration der Programme[Bearbeiten]

nginx[Bearbeiten]

nginx.conf[Bearbeiten]


lies: http://elasticdog.com/2008/02/howto-install-wordpress-on-nginx/

sudo[Bearbeiten]

/usr/local/etc/sudoers[Bearbeiten]


…
## Uncomment to allow members of group wheel to execute any command
# %wheel ALL=(ALL) ALL
%<username> ALL=(ALL) ALL
%<username> ALL=(ALL) ALL
…

Siehe auch[Bearbeiten]

SRS20[Bearbeiten]

  1. WEITERLEITUNG StuRa:Server/SRS20/2016


SRS28[Bearbeiten]

Auf die Schnelle:

  • Jail, die auf srs2342 (mit veraltetem FreeBSD)
  • ist nicht in Betrieb
  • diente für das hosting von Websites zu Projekten, auch mit anderen StuRä

Ports[Bearbeiten]

installierte Ports[Bearbeiten]

  • atk
  • autoconf
  • autoconf-wrapper
  • automake
  • automake-wrapper
  • bdftopcf
  • bigreqsproto
  • bison
  • bitstream-vera
  • ca_root_nss
  • cairo
  • cmake
  • cmake-modules
  • compositeproto
  • curl
  • cvsps
  • damageproto
  • db41
  • dejavu
  • dialog4ports
  • emacs-nox11
  • encodings
  • expat
  • fixesproto
  • font-bh-ttf
  • font-misc-ethiopic
  • font-misc-meltho
  • font-util
  • fontconfig
  • fontsproto
  • freetype2
  • gamin
  • gdbm
  • gdk-pixbuf2
  • gettext
  • gio-fam-backend
  • git
  • glib
  • gmake
  • gnomehier
  • gobject-introspection
  • help2man
  • inputproto
  • jasper
  • jbigkit
  • jpeg
  • kbproto
  • libICE
  • libSM
  • libX11
  • libXau
  • libXcomposite
  • libXcursor
  • libXdamage
  • libXdmcp
  • libXext
  • libXfixes
  • libXfont
  • libXi
  • libXinerama
  • libXrandr
  • libXrender
  • libXt
  • libcheck
  • libevent
  • libevent2
  • libexecinfo
  • libffi
  • libfontenc
  • libgcrypt
  • libgpg-error
  • libiconv
  • libidn
  • libpthread-stubs
  • libsigsegv
  • libtool
  • libxcb
  • libxml2
  • libxslt
  • libyaml
  • lynx
  • m4
  • mkfontdir
  • mkfontscale
  • nano
  • p5-Error
  • p5-ExtUtils-Constant
  • p5-IO-Socket-IP
  • p5-IO-Socket-SSL
  • p5-Locale-gettext
  • p5-Net-SMTP-SSL
  • p5-Net-SSLeay
  • p5-Socket
  • pango
  • pcre
  • perl-threaded
  • pixman
  • pkgconf
  • png
  • portaudit
  • portupgrade
  • py27-wikitools
  • python27
  • python33
  • randrproto
  • renderproto
  • ruby
  • ruby
  • ruby18-bdb
  • ruby19-bdb
  • ruby19-date2
  • tiff
  • tmux
  • unzip
  • vim-lite
  • wget
  • xcb-proto
  • xcb-util
  • xcb-util-renderutil
  • xcmiscproto
  • xextproto
  • xf86bigfontproto
  • xineramaproto
  • xorg-fonts-truetype
  • xorg-macros
  • xproto
  • xtrans
  • zsh

konfigurierte Ports[Bearbeiten]

ca_root_nss[Bearbeiten]

OPTIONS_FILE_UNSET+=ETCSYMLINK

freetype2[Bearbeiten]

OPTIONS_FILE_UNSET+=CFF_HINTING_ADOBE
OPTIONS_FILE_UNSET+=LCD_FILTERING

libcheck[Bearbeiten]

OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_SET+=EXAMPLES

libxml2[Bearbeiten]

OPTIONS_FILE_UNSET+=MEM_DEBUG
OPTIONS_FILE_SET+=SCHEMA
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=THREAD_ALLOC
OPTIONS_FILE_UNSET+=XMLLINT_HIST

libxslt[Bearbeiten]

OPTIONS_FILE_SET+=CRYPTO
OPTIONS_FILE_UNSET+=MEM_DEBUG

png[Bearbeiten]

OPTIONS_FILE_SET+=APNG

python27[Bearbeiten]

OPTIONS_FILE_SET+=EXAMPLES
OPTIONS_FILE_UNSET+=FPECTL
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_UNSET+=PTH
OPTIONS_FILE_SET+=PYMALLOC
OPTIONS_FILE_UNSET+=SEM
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=UCS2
OPTIONS_FILE_SET+=UCS4

ruby18-bdb[Bearbeiten]

OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_UNSET+=EXAMPLES

zusätzliche Konfigurationsdateien[Bearbeiten]

Jail[Bearbeiten]

/etc/rc.conf[Bearbeiten]


apache22_enable="YES"
sshd_enable="YES"

Konfiguration der Programme[Bearbeiten]

apache[Bearbeiten]

httpd.conf[Bearbeiten]


…
LoadModule php5_module        libexec/apache22/libphp5.so

<IfModule php5_module>
   DirectoryIndex index.php index.php5 index.html
   AddType application/x-httpd-php .php
   AddType application/x-httpd-php-source .phps
</IfModule>
…
ServerAdmin <admin[at]domain.tld>
…
ServerName <Jail-IP>
…
DocumentRoot "/usr/local/www/data"
…
<Directory "/usr/local/www/data/website">
   #
   # Possible values for the Options directive are "None", "All",
   # or any combination of:
   #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
   #
   # Note that "MultiViews" must be named *explicitly* --- "Options All"
   # doesn't give it to you.
   #
   # The Options directive is both complicated and important.  Please see
   # http://httpd.apache.org/docs/2.2/mod/core.html#options
   # for more information.
   #
   Options Indexes FollowSymLinks
   DirectoryIndex index.php index.php5 index.html
   #
   # AllowOverride controls what directives may be placed in .htaccess files.
   # It can be "All", "None", or any combination of the keywords:
   #   Options FileInfo AuthConfig Limit
   #
   AllowOverride All

   #
   # Controls who can get stuff from this server.
   #
   Order allow,deny
   Allow from all

</Directory>
…

sshd[Bearbeiten]

sshd_config[Bearbeiten]


…
Port <PORTNUMMER>
…
ListenAddress 0.0.0.0
…
LoginGraceTime 1m
PermitRootLogin no
StrictModes yes
MaxAuthTries 3
MaxSessions 4
AllowUsers <die mit der richtigen permisse> #nur durch leerzeichen trennen
…
Match User <Username>
       ChrootDirectory /usr/local/www/data
       ForceCommand internal-sftp
       AllowTcpForwarding no
       X11Forwarding no
…

Siehe auch[Bearbeiten]

Der Artikel Server/SRS1337/Jails dient der dokumentarischen Sammlung aller Jails, welche auf der dicken Berta angelegt sind.

Standart Ports und Konfiguration der Jail[Bearbeiten]

  • Standartports sind mit Hilfe des startup.sh-Scriptes installiert worden.

help2man[Bearbeiten]


OPTIONS_FILE_SET+=NLS


libiconv[Bearbeiten]


OPTIONS_FILE_SET+=ENCODINGS
OPTIONS_FILE_UNSET+=PATCHES


m4[Bearbeiten]


OPTIONS_FILE_SET+=LIBSIGSEGV


pcre[Bearbeiten]


OPTIONS_FILE_SET+=STACK_RECURSION


perl[Bearbeiten]


OPTIONS_FILE_SET+=DEBUG
OPTIONS_FILE_SET+=GDBM
OPTIONS_FILE_SET+=MULTIPLICITY
OPTIONS_FILE_SET+=PERL_64BITINT
OPTIONS_FILE_SET+=PERL_MALLOC
OPTIONS_FILE_SET+=PTHREAD
OPTIONS_FILE_UNSET+=SITECUSTOMIZE
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_SET+=USE_PERL


portupgrade[Bearbeiten]


OPTIONS_FILE_SET+=DOCS


ruby[Bearbeiten]


OPTIONS_FILE_SET+=DEBUG
OPTIONS_FILE_UNSET+=ONIGURUMA
OPTIONS_FILE_SET+=RDOC

zsh[Bearbeiten]


OPTIONS_FILE_SET+=DEBUG
OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_SET+=EXAMPLES
OPTIONS_FILE_SET+=GDBM
OPTIONS_FILE_SET+=MAILDIR
OPTIONS_FILE_SET+=MEM
OPTIONS_FILE_SET+=MULTIBYTE
OPTIONS_FILE_SET+=PCRE
OPTIONS_FILE_SET+=SECURE_FREE
OPTIONS_FILE_UNSET+=STATIC

SRS16[Bearbeiten]

Ports[Bearbeiten]

installierte Ports[Bearbeiten]

  • apr
  • asciidoc
  • atk
  • autoconf
  • autoconf-wrapper
  • automake
  • automake-wrapper
  • bdftopcf
  • bigreqsproto
  • bison
  • bitstream-vera
  • boehm-gc+fulldebug
  • bsdadminscripts
  • ca_root_nss
  • cairo
  • cmake
  • cmake-modules
  • compositeproto
  • curl
  • cvsps
  • damageproto
  • db41
  • db42
  • dejavu
  • dialog4ports
  • docbook
  • docbook-sk
  • docbook-xml
  • docbook-xsl
  • encodings
  • expat
  • fixesproto
  • font-bh-ttf
  • font-misc-ethiopic
  • font-misc-meltho
  • font-util
  • fontconfig
  • fontsproto
  • freetype2
  • gamin
  • gdbm
  • gdk-pixbuf2
  • getopt
  • gettext
  • gio-fam-backend
  • git
  • glib
  • gmake
  • gnomehier
  • gobject-introspection
  • gtk
  • gtk-update-icon-cache
  • help2man
  • hicolor-icon-theme
  • icu
  • inputproto
  • intltool
  • iso8879
  • jasper
  • jbigkit
  • jpeg
  • kbproto
  • libICE
  • libSM
  • libX11
  • libXau
  • libXcomposite
  • libXcursor
  • libXdamage
  • libXdmcp
  • libXext
  • libXfixes
  • libXfont
  • libXft
  • libXi
  • libXinerama
  • libXrandr
  • libXrender
  • libXt
  • libcheck
  • libevent
  • libevent2
  • libexecinfo
  • libffi
  • libfontenc
  • libgcrypt
  • libgpg-error
  • libiconv
  • libpaper
  • libpthread-stubs
  • libsigsegv
  • libssh2
  • libtool
  • libxcb
  • libxml2
  • libxslt
  • libyaml
  • lynx
  • m4
  • mkfontdir
  • mkfontscale
  • neon29
  • p5-Error
  • p5-IO-Socket-IP
  • p5-IO-Socket-SSL
  • p5-Locale-gettext
  • p5-Net-SMTP-SSL
  • p5-Net-SSLeay
  • p5-Socket
  • p5-Term-ReadKey
  • p5-URI
  • p5-XML-Parser
  • p5-subversion
  • pango
  • pcre
  • perl-threaded
  • pixman
  • pkgconf
  • png
  • portaudit
  • portupgrade
  • python27
  • python33
  • randrproto
  • renderproto
  • ruby
  • ruby18-bdb
  • ruby19-bdb
  • ruby19-date2
  • shared-mime-info
  • sqlite3
  • subversion
  • tiff
  • tmux
  • unzip
  • vim-lite
  • w3m
  • xcb-proto
  • xcb-util
  • xcb-util-renderutil
  • xcmiscproto
  • xextproto
  • xf86bigfontproto
  • xineramaproto
  • xmlcatmgr
  • xmlcharent
  • xmlto
  • xorg-fonts-truetype
  • xorg-macros
  • xproto
  • xtrans
  • zsh

konfigurierte Ports[Bearbeiten]

apr[Bearbeiten]

OPTIONS_FILE_SET+=SSL
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=DEVRANDOM
OPTIONS_FILE_SET+=BDB
OPTIONS_FILE_SET+=GDBM
OPTIONS_FILE_UNSET+=LDAP
OPTIONS_FILE_UNSET+=MYSQL
OPTIONS_FILE_UNSET+=NDBM
OPTIONS_FILE_UNSET+=PGSQL
OPTIONS_FILE_UNSET+=SQLITE
OPTIONS_FILE_UNSET+=FREETDS

python27[Bearbeiten]

OPTIONS_FILE_UNSET+=EXAMPLES
OPTIONS_FILE_UNSET+=FPECTL
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_UNSET+=PTH
OPTIONS_FILE_SET+=PYMALLOC
OPTIONS_FILE_UNSET+=SEM
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=UCS2
OPTIONS_FILE_SET+=UCS4

SRS17[Bearbeiten]

Ports[Bearbeiten]

installierte Ports[Bearbeiten]

  • apr
  • asciidoc
  • atk
  • autoconf
  • autoconf-wrapper
  • automake
  • automake-wrapper
  • bash
  • bdftopcf
  • bigreqsproto
  • bison
  • bitstream-vera
  • boehm-gc+fulldebug
  • bsdadminscripts
  • ca_root_nss
  • cairo
  • cmake
  • cmake-modules
  • compositeproto
  • curl
  • cvsps
  • damageproto
  • db41
  • db42
  • dejavu
  • dialog4ports
  • docbook
  • docbook-sk
  • docbook-xml
  • docbook-xsl
  • encodings
  • expat
  • fixesproto
  • font-bh-ttf
  • font-misc-ethiopic
  • font-misc-meltho
  • font-util
  • fontconfig
  • fontsproto
  • freetype2
  • gamin
  • gdbm
  • gdk-pixbuf2
  • getopt
  • gettext
  • gio-fam-backend
  • git
  • glib
  • gmake
  • gnomehier
  • gobject-introspection
  • gtk
  • gtk-update-icon-cache
  • help2man
  • hicolor-icon-theme
  • icu
  • inputproto
  • intltool
  • iso8879
  • jasper
  • jbigkit
  • jpeg
  • kbproto
  • libICE
  • libSM
  • libX11
  • libXau
  • libXcomposite
  • libXcursor
  • libXdamage
  • libXdmcp
  • libXext
  • libXfixes
  • libXfont
  • libXft
  • libXi
  • libXinerama
  • libXrandr
  • libXrender
  • libXt
  • libcheck
  • libevent
  • libevent2
  • libexecinfo
  • libffi
  • libfontenc
  • libgcrypt
  • libgpg-error
  • libiconv
  • libpaper
  • libpthread-stubs
  • libsigsegv
  • libssh2
  • libtool
  • libxcb
  • libxml2
  • libxslt
  • libyaml
  • lynx
  • m4
  • mkfontdir
  • mkfontscale
  • neon29
  • p5-Error
  • p5-IO-Socket-IP
  • p5-IO-Socket-SSL
  • p5-Locale-gettext
  • p5-Net-SMTP-SSL
  • p5-Net-SSLeay
  • p5-Socket
  • p5-Term-ReadKey
  • p5-URI
  • p5-XML-Parser
  • p5-subversion
  • pango
  • pcre
  • perl-threaded
  • pixman
  • pkgconf
  • png
  • portaudit
  • portupgrade
  • python27
  • python33
  • randrproto
  • renderproto
  • ruby
  • ruby18-bdb
  • ruby19-bdb
  • ruby19-date2
  • shared-mime-info
  • sqlite3
  • subversion
  • tiff
  • tmux
  • unzip
  • vim-lite
  • w3m
  • xcb-proto
  • xcb-util
  • xcb-util-renderutil
  • xcmiscproto
  • xextproto
  • xf86bigfontproto
  • xineramaproto
  • xmlcatmgr
  • xmlcharent
  • xmlto
  • xorg-fonts-truetype
  • xorg-macros
  • xproto
  • xtrans
  • zsh

konfigurierte Ports[Bearbeiten]

icu[Bearbeiten]

OPTIONS_FILE_SET+=THREADS

libxml2[Bearbeiten]

OPTIONS_FILE_UNSET+=MEM_DEBUG
OPTIONS_FILE_SET+=SCHEMA
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=THREAD_ALLOC
OPTIONS_FILE_UNSET+=XMLLINT_HIST


zusätzliche Konfigurationsdateien[Bearbeiten]

Jail[Bearbeiten]

/etc/rc.conf[Bearbeiten]


sshd_enable="YES"
ejabberd_enable="YES"

/etc/ssh/sshd_config[Bearbeiten]


…
ListenAddress 141.56.50.17
…
PasswordAuthentication no
…
UsePAM no
…

Konfiguration der Programme[Bearbeiten]

/usr/local/etc/ejabberd/ejabberd.cfg[Bearbeiten]


...
{loglevel, 3}.
...
{watchdog_admins, ["foo@srs17.stura.htw-dresden.de", "bar@srs17.stura.htw-dresden.de"]}.
...
{hosts, ["srs17.stura.htw-dresden.de"]}.
...
             starttls, {certfile, "/root/ejabberd.pem"},
             starttls_required, 
...
                        %%captcha,
                        %%http_bind,
                        %%http_poll,
...
{s2s_use_starttls, required}.
...
{s2s_certfile, "/root/ejabberd.pem"}.
...
{acl, admin, {user, "foo", "srs17.stura.htw-dresden.de"}}.
{acl, admin, {user, "bar", "srs17.stura.htw-dresden.de"}}.
...
{acl, blocked, {user, "test"}}.
{acl, blocked, {user, "root"}}.
{acl, blocked, {user, "r00t"}}.
{acl, blocked, {user, "r0ot"}}.
{acl, blocked, {user, "ro0t"}}.
{acl, blocked, {user, "adm1n"}}.
{acl, blocked, {user, "admin"}}.
{acl, blocked, {user, "kss"}}.
{acl, blocked, {user, "administrator"}}.
{acl, blocked, {user, "administrat0r"}}.
{acl, blocked, {user, "adm1n1strat0r"}}.
{acl, blocked, {user, "adm1nistrat0r"}}.
{acl, blocked, {user, "admin1strat0r"}}.
{acl, blocked, {user, "adm1nistrator"}}.
{acl, blocked, {user, "admin1strator"}}.
...
{access, max_user_sessions, [{2, all}]}.
...
{language, "de"}.
...
   %%{mod_irc,      []},
...
   %%{mod_pubsub,   [
                 %%{access_createnode, pubsub_createnode},
                 %%{ignore_pep_from_offline, true}, % reduces resource comsumption, but XEP incompliant
...
                 %%{last_item_cache, false},
                 %%{plugins, ["flat", "hometree", "pep"]}  % pep requires mod_caps
                %%]},
...
                 {registration_watchers, ["foo@srs17.stura.htw-dresden.de", "bar@srs17.stura.htw-dresden.de"]},
...
                 {ip_access, [
                     {allow, "0.0.0.0/8"}
                     %%{allow, "127.0.0.0/8"},
                               %%{deny, "0.0.0.0/0"}
                     ]},
...

Siehe auch[Bearbeiten]

Wiki[Bearbeiten]