961 lines
40 KiB
HTML
961 lines
40 KiB
HTML
<!--startcut ==============================================-->
|
||
<!-- *** BEGIN HTML header *** -->
|
||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
|
||
<HTML><HEAD>
|
||
<title>The Weekend Mechanic LG #70</title>
|
||
</HEAD>
|
||
<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#0000AF"
|
||
ALINK="#FF0000">
|
||
<!-- *** END HTML header *** -->
|
||
|
||
<CENTER>
|
||
<A HREF="http://www.linuxgazette.com/">
|
||
<IMG ALT="LINUX GAZETTE" SRC="../gx/lglogo.png"
|
||
WIDTH="600" HEIGHT="124" border="0"></A>
|
||
<BR>
|
||
|
||
<!-- *** BEGIN navbar *** -->
|
||
<IMG ALT="" SRC="../gx/navbar/left.jpg" WIDTH="14" HEIGHT="45" BORDER="0" ALIGN="bottom"><A HREF="lg_tips70.html"><IMG ALT="[ Prev ]" SRC="../gx/navbar/prev.jpg" WIDTH="16" HEIGHT="45" BORDER="0" ALIGN="bottom"></A><A HREF="index.html"><IMG ALT="[ Table of Contents ]" SRC="../gx/navbar/toc.jpg" WIDTH="220" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A><A HREF="../index.html"><IMG ALT="[ Front Page ]" SRC="../gx/navbar/frontpage.jpg" WIDTH="137" HEIGHT="45" BORDER="0" ALIGN="bottom"></A><A HREF="http://www.linuxgazette.com/cgi-bin/talkback/all.py?site=LG&article=http://www.linuxgazette.com/issue70/adam.html"><IMG ALT="[ Talkback ]" SRC="../gx/navbar/talkback.jpg" WIDTH="121" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A><A HREF="../faq/index.html"><IMG ALT="[ FAQ ]" SRC="./../gx/navbar/faq.jpg"WIDTH="62" HEIGHT="45" BORDER="0" ALIGN="bottom"></A><A HREF="arndt.html"><IMG ALT="[ Next ]" SRC="../gx/navbar/next.jpg" WIDTH="15" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A><IMG ALT="" SRC="../gx/navbar/right.jpg" WIDTH="15" HEIGHT="45" ALIGN="bottom">
|
||
<!-- *** END navbar *** -->
|
||
<P>
|
||
</CENTER>
|
||
|
||
<!--endcut ============================================================-->
|
||
|
||
<H4 ALIGN="center">
|
||
"Linux Gazette...<I>making Linux just a little more <FONT COLOR="red">lovable!</FONT></I>"
|
||
<IMG ALT="" SRC="../gx/adam/heart.png" WIDTH="30" HEIGHT="25">
|
||
</H4>
|
||
|
||
<P> <HR> <P>
|
||
<!--===================================================================-->
|
||
|
||
<P ALIGN=CENTER><IMG ALT="[picture of mechanic]" SRC="../gx/adam/mechanic.png" ALT="Weekend Mechanic Logo" ALIGN=BOTTOM WIDTH=399 HEIGHT=135 BORDER=0></P>
|
||
|
||
<H1 ALIGN=CENTER><FONT COLOR="maroon">The Weekend Mechanic</FONT></H1>
|
||
|
||
<H4 ALIGN=CENTER>By <A HREF="mailto:thomas_adam16@yahoo.com">Thomas
|
||
Adam</A></H4>
|
||
|
||
<P> <HR> <P>
|
||
<!--===================================================================-->
|
||
|
||
<!-- END header -->
|
||
|
||
|
||
|
||
|
||
|
||
<!-- ---------------- -->
|
||
<!-- Begin Content Listing -->
|
||
<!-- ---------------- -->
|
||
|
||
<H2>Table of Contents</H2>
|
||
<UL>
|
||
<LI><A HREF="#preamble">Welcome
|
||
to the August edition</A>
|
||
<LI><A HREF="#apache">A brief
|
||
introduction: Apache</A>
|
||
<LI><A HREF="#progupx">Program
|
||
Review: upx</A>
|
||
<LI><A HREF="#progbb">Program
|
||
Review: bb</A>
|
||
<LI><A HREF="#closing">Closing Time</A>
|
||
</UL>
|
||
|
||
<!-- -------------- -->
|
||
<!-- End Content Listing -->
|
||
<!-- --------------- -->
|
||
|
||
<HR>
|
||
|
||
<!-- ----------- -->
|
||
<!-- Begin Preamble -->
|
||
<!-- ----------- -->
|
||
|
||
<H2><A NAME="preamble"></A>Welcome to the August edition</H2>
|
||
|
||
<P>Hello there, dear readers. How have you all been? Not too busy I
|
||
trust. I on the other hand have been busy over the last month or so.
|
||
I have just completed my A-level exams, which I found to be quite
|
||
tiring. That was why I was unable to write the Weekend Mechanic last
|
||
month. For those of you who are currently doing, or are thinking of
|
||
taking A-levels, I would advise you that although they are good fun
|
||
they require lots of hard work.</P>
|
||
|
||
<P>As a result of completing my A-levels (these are university entry
|
||
exams) I have also left school. Although for me this is rather sad,
|
||
it does mean that I shall have lots of time to develop my Linux
|
||
ideas. Thus, over the holidays I am hopefully going to be teaching
|
||
an evening class about using Linux. It is something that I am looking
|
||
forward to.</P>
|
||
|
||
<P>But I don't wish to delve too much into the future. Going back to
|
||
the world of computing one thing that happened recently which I
|
||
found quite amusing was that a young computer cracker (age 19
|
||
years, whose name I cannot remember) from Wales (UK), had gotten
|
||
a load of credit-card details and posted them onto another website.
|
||
Amongst the credit-card details obtained was that of Bill Gates. This
|
||
young cracker then used his credit-card, ordered a consignment of
|
||
viagra, and sent it to Bill Gates!!!</P>
|
||
|
||
<P>You'd have thought that the Welshman would have had something
|
||
better to do.........</P>
|
||
|
||
<!-- ---------- -->
|
||
<!-- End Preamble -->
|
||
<!-- ---------- -->
|
||
|
||
<HR>
|
||
|
||
<!-- ------------------->
|
||
<!-- Begin Apache -->
|
||
<!-- Begin Content Listing -->
|
||
<!-- ---------------- --->
|
||
|
||
<H2><A NAME="apache"></A>A Brief Introduction: Apache</H2>
|
||
<UL>
|
||
<LI><A HREF="#aboutinst">Installation</A>
|
||
<LI><A HREF="#runapache">Running
|
||
Apache</A>
|
||
<LI><A HREF="#configlochost">Using
|
||
Apache: http://localhost</A>
|
||
<LI><A HREF="#configpublic">Using
|
||
Apache: per-user webspaces</A>
|
||
<LI><A HREF="#configalias">Using
|
||
Apache: Aliases</A>
|
||
<LI><A HREF="#configsecure">Using Apache: Secure
|
||
Directories</A>
|
||
|
||
</UL>
|
||
|
||
<!-- -------------- -->
|
||
<!-- End Content Listing -->
|
||
<!-- -------------- --->
|
||
|
||
<HR>
|
||
|
||
<!-- ------------- -->
|
||
<!-- Begin Installation -->
|
||
<!-- ------------- -->
|
||
|
||
<H2><A NAME="aboutinst"></A>Installation</H2>
|
||
|
||
<P>The internet is growing at an alarming rate. Indeed, with nearly
|
||
every ISP there is the opportunity of being able to publish your own
|
||
web pages. The ability to do this is through the use of a computer
|
||
(the host), and a webserver program such as Apache. Although there
|
||
are other webservers, Apache is the most widely used on the internet
|
||
and is the most stable.</P>
|
||
|
||
<P>"But why would you want to use it on a local machine?",
|
||
I hear you cry. Well running the Apache httpd daemon on your Linux
|
||
box means that it is a great way of storing information, especially
|
||
if you have a lot of HTML pages. I happen to have Apache running
|
||
because I have a local copy of all the LDP Howto's, and of course a
|
||
copy of the <I>Linux Gazette</I> archives!!</P>
|
||
|
||
<P>So the first thing to do is to test whether or not you have
|
||
Apache installed. If you are using a distribution that uses the RPM
|
||
file format, type in the following:</P>
|
||
|
||
<PRE>rpm -qa | grep -i apache</PRE>
|
||
|
||
<P>If successful you should see a line similar to:</P>
|
||
|
||
<PRE>apache-1.3.12-95</PRE>
|
||
|
||
<P>This means that the Apache webserver has been installed. If you do
|
||
not have Apache on your system then you must install it. Many
|
||
distributions come with Apache so the chances are it is on
|
||
your distribuion CD. If it is not, or your distribution does not
|
||
support the rpm format, then you must download the source files in
|
||
tarred/gzipped format (*.tar.gz) available from <A HREF="http://www.apache.org/" TARGET="_blank">www.apache.org</A>.
|
||
Once you have downloaded the files you can usually install apache in
|
||
the following way:</P>
|
||
|
||
<P>1. Log in as Root</P>
|
||
<P>2. Gunzip/untar the file:</P>
|
||
|
||
<PRE>tar xzvf /path/to/tarfile/apache*.tar.gz</PRE>
|
||
|
||
<P>3. cd to the newly created Apache directory:</P>
|
||
|
||
<PRE>cd Apache*</PRE>
|
||
|
||
<P>4. Run the "configure" script:</P>
|
||
|
||
<PRE>./configure</PRE>
|
||
|
||
<P>5. That will take a minute. Hopefully, that should be successful, and
|
||
a makefile, called "Makefile" should exist in the
|
||
directory. If not, it is likely that you do not have any compiler
|
||
programs (such as C, C++, g++), or you header files, or kernel source
|
||
files installed. It might also be possible that your make utility is
|
||
not installed. If this is true then you must install them.</P>
|
||
|
||
<P>So once configure has finished the thing you have to do now is
|
||
to "make" the file, by typing in the following:</P>
|
||
|
||
<PRE>make</PRE>
|
||
|
||
<P>This step may take some time, especially if you have an old machine.</P>
|
||
|
||
<P>Assuming there were no errors from the make, the last thing you have to do
|
||
is to install the compiled files by typing:</P>
|
||
|
||
<PRE>make install</PRE>
|
||
|
||
<P>And hopefully that should have installed Apache. If you do encounter
|
||
errors while installing/compiling Apache read the documentation that
|
||
comes with it. One caveat that I will mention is that during the
|
||
"make" process it is normal for the information to be
|
||
echoed to the screen. If you find that you are getting repeated
|
||
errors while compiling Apache, one work around is to issue the
|
||
following command:</P>
|
||
|
||
<PRE>make -k all</PRE>
|
||
|
||
<P>The above command will force make to continue, even
|
||
if it encounters errors <I>en route</I>. Although I only recommend
|
||
using it as an absolute last resort. Invariably reading Apache's
|
||
documentation should solve most compiler issues.</P>
|
||
|
||
<!-- End Installation Section -->
|
||
|
||
<!-- --------------------- -->
|
||
|
||
<!-- Begin Running Apache -->
|
||
<H2><A NAME="runapache"></A>Running Apache</H2>
|
||
|
||
<P>Now that everything has been installed the next thing to do is to
|
||
start Apache. This is accomplished by starting the "httpd"
|
||
daemon. By default (or at least for me anyway) Apache is
|
||
automatically run during your run-level so if you have not already
|
||
rebooted your machine type what follows still as user "root":</P>
|
||
|
||
<PRE>httpd</PRE>
|
||
|
||
<P>Hopefully your prompt should have been returned with nothing echoed
|
||
to the screen. To check that the "httpd" daemon is running,
|
||
we can use our old friend "ps", thus:</P>
|
||
|
||
<PRE>ps aux | grep -i httpd</PRE>
|
||
|
||
<P>What the above command does, is to list all the processes (including
|
||
those that are not attached to a tty), and then filters the list
|
||
(pipes "|") it to the <I>grep</I> command, which will match
|
||
for the expression "apache". The switch <B>-i</B> ignores
|
||
case sensitivity.</P>
|
||
<P>You should see a number of lines, but one which looks similar to
|
||
the following:</P>
|
||
|
||
<PRE>wwwrun 1377 0.0 2.0 4132 1340 ? S 11:09 0:00 httpd</PRE>
|
||
|
||
<P>This means that Apache is up and running. If you find that the result
|
||
of that command simply returns "root blah blah <I>grep -i httpd</I>"
|
||
then you must run httpd again. If you keep getting the same message, switch to <I>init 6</I></P>
|
||
|
||
<!-- End Running Apache -->
|
||
|
||
<! -- ------------------ -->
|
||
|
||
<!-- Begin Using Apache: http://localhost/ -->
|
||
|
||
<H2><A NAME="configlochost">Using Apache: http://localhost/</A></H2>
|
||
|
||
<P>OK, now were are getting somewhere. Having ensured that the
|
||
"httpd" daemon is active, we can actually start playing
|
||
with it. Open up a copy of a Web browser (such as Netscape) and
|
||
enter the following URL:</P>
|
||
|
||
<PRE>http://localhost</PRE>
|
||
|
||
<P>Hopefully you should see a web page of sorts. This usually differs
|
||
between different Linux distributions. On my SuSE box I am presented
|
||
with the SuSE Support Database with the SuSE chameleon mascot in the
|
||
top middle of the page!</P>
|
||
|
||
<P>The page that you are looking at is the main page at the site
|
||
"localhost". This page is stored in the following
|
||
directory:</P>
|
||
|
||
<PRE>/usr/local/httpd/htdocs</PRE>
|
||
|
||
<P>This directory has a special name. It is called <B><I>DocumentRoot</I></B>.The
|
||
actual path may vary slightly on some systems, but invariably it is
|
||
similar to the above. In this directory you should notice some
|
||
files, in particular *.html files. The file that is loaded when you go
|
||
to "http://localhost/" is the file <I>index.html</I>. What
|
||
I have done, is created a sub-directory in "htdocs" called
|
||
"oldhtdocs", and copied all the files into it. That way, I
|
||
can start afresh, and know that I have the originals if I need them.</P>
|
||
|
||
<P>You may find, that reading and writing to the <B>DocumentRoot</B>
|
||
folder has been disallowed to non-root users. To get around this
|
||
issue the following command as root, replacing "/path/to/htdocs"
|
||
with the correct pathway:</P>
|
||
|
||
<PRE>chmod +rw /path/to/htdocs</PRE>
|
||
|
||
<P>Knowing now, where the files are located for "http://localhost/"
|
||
is all very well, but how do you configure apache? Hang on there
|
||
reader......the file you are looking for is called <I>httpd.conf</I>
|
||
and is located usually in "/etc/httpd" or it maybe in the
|
||
directory "/usr/local/apache". On SuSE and Mandrake
|
||
systems, the latter is the default place. In the sections that
|
||
follow I shall be using the "httpd.conf" file to carry out
|
||
various customisations.</P>
|
||
|
||
<!-- End Using Apache: http://localhost/ -->
|
||
|
||
<!-- --------------------------- -->
|
||
|
||
<!-- Begin Using Apache: Per-user web space -->
|
||
|
||
<H2><A NAME="configpublic"></A>Using Apache: Per-user webspace</H2>
|
||
|
||
<P>How many of you have gone to URL's that contain the tilde symbol
|
||
(~) followed by a name and then a (/)? I would imagine that nearly
|
||
everyone has, at sometime. But how many of you were aware of
|
||
what it meant?? The tilde symbol within a URL indicates a "subdomain"
|
||
that is owned by a user on the computer system, off the main domain name.
|
||
Thus, at school, I had my own webserver, with a valid URL:</P>
|
||
<PRE>http://linuxservertom.purbeck.dorset.local/~thomas_adam/</PRE>
|
||
|
||
<P>What this was doing, was actually retrieving files stored in a
|
||
special folder under the user account, of user "thomas_adam".
|
||
This ability, gives users on a network, a space on which to house
|
||
their own web pages. So how is all this achieved? Well, it is quite
|
||
simple really....</P>
|
||
|
||
<P>All users, who are allowed their own webspace, have to be put in
|
||
the group <I>nogroup</I> (or <I>www-data</I> under Debian, etc). This can be
|
||
done, by editing the file "/etc/group" (as root), and locating the
|
||
line for "nogroup". Then at the end of the line, add the users' name
|
||
separated by a comma. Then save the file.</P>
|
||
|
||
<P>In a user's home directory, a directory called <B><I>public_html</I></B>
|
||
has to be created, thus (as user root type):</P>
|
||
|
||
<PRE>cd /home/auser/ && mkdir public_html</PRE>
|
||
|
||
<P>Where "auser" is the name of a valid user on the system.
|
||
Then the permissions have to be set. This is done by typing in the
|
||
following:</P>
|
||
|
||
<PRE>chmod 755 /home/auser/public_html</PRE>
|
||
|
||
<P>Then the last thing to do, is to set the group of that newly created
|
||
folder to <I>nogroup</I>. This can be done, by typing:</P>
|
||
|
||
<PRE>chown auser.nogroup /home/auser/public_html</PRE>
|
||
|
||
<P>Where "auser" is the name of the valid user.....substitute
|
||
as appropriate. The same procedure can be applied to all users. It
|
||
might also be an idea to play about with "useradd" so
|
||
that when you add new users, the "public_html" directory
|
||
with the permissions are set automatically.</P>
|
||
|
||
<P><I> [Actually, you don't <EM>have</EM> to do all that user and group
|
||
stuff, if you instead make sure the <I>public_html</I> directory and
|
||
all its files are world readable:
|
||
|
||
<PRE>chmod -R a+r /home/auser/public_html</PRE>
|
||
|
||
The important thing is that Apache has read access to the files. -- Mike Orr]
|
||
</I></P>
|
||
|
||
<P>So the next thing to do, is to make sure that Apache is aware of
|
||
what we have done. Open up the "httpd.conf" file, and lets
|
||
take a look......</P>
|
||
|
||
<P>By default, I think that the configuration that tells the Apache
|
||
about the public_html directive is commented out, or at least it was
|
||
in mine. From the beginning of the document, search for the keyword
|
||
<B>UserDir</B>. You should find something that looks like the
|
||
following:</P>
|
||
|
||
<PRE><IfModule mod_userdir.c>
|
||
UserDir public_html
|
||
</IfModule>
|
||
</PRE>
|
||
|
||
<P>If any of the above lines have a hash (#) symbol preceeding them,
|
||
delete them. The above lines tell Apache that the directory
|
||
"public_html" is to be used for html files for each user.</P>
|
||
|
||
<P>Directly below this are more related lines that tell apache what sort of
|
||
restrictions to apply. In the case of the following lines they are read-only.
|
||
If any of these are commented out, uncomment them.</P>
|
||
|
||
<PRE><Directory /home/*/public_html>
|
||
AllowOverride FileInfo AuthConfig Limit
|
||
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
|
||
<Limit GET POST OPTIONS PROPFIND>
|
||
Order allow,deny
|
||
Allow from all
|
||
</Limit>
|
||
<LimitExcept GET POST OPTIONS PROPFIND>
|
||
Order deny,allow
|
||
Deny from all
|
||
</LimitExcept>
|
||
</Directory></PRE>
|
||
|
||
<P>So now all that remains is to start to write the web pages. The only
|
||
other thing which you will find extremely useful is that if you
|
||
noticed my example earlier:</P>
|
||
|
||
<PRE>http://linuxservertom.purbeck.dorset.local/thomas_adam/</PRE>
|
||
|
||
<P>I had not specified a ".html" file to load. This is because
|
||
I had already told Apache a default file to look for within it. Such
|
||
a file is known as a <B>DirectoryIndex</B>, and you can specify
|
||
default files to load. Locate the following in your "httpd.conf"
|
||
file:</P>
|
||
|
||
<PRE><IfModule mod_dir.c>
|
||
DirectoryIndex index.html index.shtml lwm.html home.html
|
||
</IfModule></PRE>
|
||
|
||
<P>What this is telling Apache is that when a URL is specified, such as
|
||
the example above, with no extension file after it (*.htm*), then it
|
||
will look for a default file(s) specified after the flag
|
||
"DirectoryIndex". Thus in your "public_html"
|
||
file, if there was a file called "index.html", then this
|
||
would be loaded on default. You are able to specify multiple files
|
||
as in my example above. If Apache cannot find anyone of the above
|
||
files then the directory listing is displayed instead (unless you specify
|
||
a file to load).</P>
|
||
|
||
<P>One thing that I would like to mention at this point, is if you
|
||
have specified a hostname in "/etc/hosts", you can
|
||
substitute that name in place of "http://localhost". It is
|
||
for convienience that I use it here. Furthermore in "httpd.conf",
|
||
I would recommend that you find the following flag and substitute
|
||
<I>localhost</I> for the first part of your host name:</P>
|
||
|
||
<PRE>ServerName grangedairy</PRE>
|
||
|
||
<P>Thus my host name is <I>grangedairy.laptop</I>, I have simply put
|
||
<I>grangedairy</I>. The reasons for doing this will become apparant
|
||
from reading the <A HREF="#configalias">Alias Section</A></P>
|
||
|
||
<P>The last thing you have to do is with any changes that you make
|
||
to "httpd.conf", you have to stop and restart it. This can
|
||
be achieved by typing in the following (as root):</P>
|
||
|
||
<PRE>
|
||
killall httpd
|
||
httpd
|
||
</PRE>
|
||
|
||
<!-- End per-user web space -->
|
||
|
||
<!-- ------------------- -->
|
||
|
||
<!-- Begin config-alias -->
|
||
|
||
<H2><A NAME="configalias"></A>Using Apache: Aliases</H2>
|
||
|
||
<P>In this section, I shall be covering the rather short topic of
|
||
<I>Aliases</I>. Using the "httpd.conf" file, we can see a
|
||
list of aliases if we search for the keyword "alias".
|
||
Hopefully you should see a list which looks similar to the
|
||
following:</P>
|
||
|
||
<PRE>Alias /howto /usr/share/doc/howto/en/html/
|
||
Alias /mini /usr/share/doc/howto/en/html/mini/
|
||
Alias /lg /usr/share/doc/lg/
|
||
Alias /hilfe /usr/share/doc/susehilf/
|
||
Alias /doc /usr/share/doc/
|
||
Alias /cgi-bin-sdb /usr/local/httpd/cgi-bin/
|
||
Alias /sdb /usr/share/doc/sdb/
|
||
Alias /manual /usr/share/doc/packages/apache/manual/
|
||
Alias /htdig /opt/www/htdocs/htdig/
|
||
Alias /opt/kde/share/doc/HTML /opt/kde/share/doc/HTML/
|
||
Alias /opt/gnome/share/gnome/help/ /opt/gnome/share/gnome/help/
|
||
Alias /errors/ /usr/local/httpd/errors/
|
||
Alias /icons/ /usr/local/httpd/icons/
|
||
Alias /admin /usr/local/httpd/admin/
|
||
Alias /lwm /usr/share/doc/lg/lwm/</PRE>
|
||
|
||
<P>As you can see, what the above is saying, is that if the URL ends in
|
||
a "/howto" for example, then Apache is to get its web pages
|
||
from the directory "/usr/share/doc/howto/en/html". Once
|
||
again the default web page that it will load up is taken from
|
||
<I>DirectoryIndex</I>, as we saw earlier.</P>
|
||
|
||
<PRE>http://grangedairy/howto</PRE>
|
||
|
||
<P>You may remember that earlier I had said that you should specify a
|
||
<I>ServerName</I> flag in "httpd.conf". This was done so
|
||
that when you typed in the URL with one of the above aliases, you do
|
||
not need to put an extra forward slash at the end of the URL. You
|
||
see, originally, the above aliases, were alised thus:</P>
|
||
|
||
<PRE>Alias /howto/ /usr/share/doc/howto/en/html/
|
||
Alias /mini/ /usr/share/doc/howto/en/html/mini/</PRE>
|
||
|
||
<P>with extra forward slashes after the alias name. I soon got tired of
|
||
having to add this in myself and so I was able to tell Apache how to
|
||
do this for me. By setting the <I>ServerName</I> flag apache now
|
||
knows the name of my machine so that when I go to:</P>
|
||
|
||
<PRE>http://grangedairy/howto</PRE>
|
||
|
||
<P>It automatically appends the forward slash at the end. Cool, eh?? So
|
||
if you have done the same as me you can delete the trailing forward
|
||
slashes from the alias name because hopefully, you should not need
|
||
them!</P>
|
||
|
||
<!-- End config-alias -->
|
||
|
||
<! -- ---------------- -->
|
||
|
||
<!-- Begin Secure-directories -->
|
||
|
||
<H2><A NAME="configsecure"></A>Using Apache: Secure Directories</H2>
|
||
|
||
<P>The final part to my Apache tutorial is how to set up and create
|
||
"secure directories", i.e. those that require user
|
||
authentication before they are loaded. You will have noticed earlier
|
||
that in my listing examples of <I>Aliases</I>, there was one for
|
||
"/admin". This is in fact a secure directory.</P>
|
||
|
||
<P>You can set up secure directories in the same way that you would an
|
||
ordinary alias except this time, you have to tell Apache a little
|
||
bit about the directory itself and how it is to be parsed. So say
|
||
that you wanted to set up a secure directory <B><I>mysecuredir</I></B>,
|
||
at location "/usr/local/httpd/mysecuredir/" You would do
|
||
the following:</P>
|
||
|
||
<P>1. Add "/mysecuredir" to alias list:</P>
|
||
<PRE>alias /mysecuredir /usr/local/httpd/mysecuredir</PRE>
|
||
|
||
<P>2. Change to the location of the folder that you have specified in the <I>
|
||
alias</I> list, thus:</P>
|
||
<PRE>cd /usr/local/httpd</PRE>
|
||
|
||
<P>3. Create the directory "mysecuredir" by typing in:</P>
|
||
<PRE>mkdir mysecuredir && cd mysecuredir</PRE>
|
||
|
||
<P>This has created the directory, and changed to it.</P>
|
||
|
||
<P>4. Now the work begins. There are two files that we shall be using .htaccess
|
||
and htpasswd. The first file (.htaccess) is the one that we shall set up first. It is
|
||
this file that will store the information about how the "mysecuredir" is
|
||
to be used.</P>
|
||
|
||
<P>So at the console, use an editor such as <I>nano (a pico clone), jed, emacs,</I>
|
||
etc, to create the .htaccess file, and enter the following information, exactly as shown
|
||
because apache is case-sensitive in parsing commands!:</P>
|
||
|
||
<PRE>
|
||
AuthType Basic
|
||
AuthName "Restricted Directory"
|
||
AuthUserFile /usr/local/httpd/admin/htpasswd
|
||
require valid-user
|
||
</PRE>
|
||
|
||
<P> (Since ,htaccess starts with a period, it won't show up in
|
||
ordinary directory listings. Use "ls -a" to see it.)
|
||
|
||
<P>The commands above are the most common ones used to create a secure directory.
|
||
The table below will give a short description of the commands and how you can customise
|
||
them.<P>
|
||
|
||
<TABLE BORDER=2 WIDTH=100%>
|
||
<TBODY>
|
||
<TH>Option Tag</TH>
|
||
<TH>Meaning</TH>
|
||
<TR>
|
||
<TD WIDTH=25% ALIGN="middle"><B>AuthType</B></TD>
|
||
<TD ALIGN="left">This sets the authentication type. Basic is usally always used.</TD>
|
||
</TR>
|
||
<TR>
|
||
<TD WIDTH=25% ALIGN="middle"><B>AuthName</B></TD>
|
||
<TD ALIGN="left">Sets the name on the "login" box of the directory that you are
|
||
trying to connect to (see the screenshot below).</TD>
|
||
</TR>
|
||
<TR>
|
||
<TD WIDTH=25% ALIGN="middle"><B>AuthUserFile</B></TD>
|
||
<TD ALIGN="left">This is the file that is used to check for authentication, i.e. it
|
||
stores your username and password (encrypted of course). You must ensure
|
||
that you use the full path to the htpasswd file.</TD>
|
||
</TR>
|
||
<TR>
|
||
<TD WIDTH=25% ALIGN="middle"><B>require valid-user</B></TD>
|
||
<TD ALIGN="left">This says that access is only allowed to those who have a valid entry
|
||
in the htpasswd file.</TD>
|
||
</TR>
|
||
</TBODY>
|
||
</TABLE>
|
||
|
||
<P> Note: for additional security, put the htpasswd file somewhere that is
|
||
<EM>not</EM> accessible via URL--somewhere outside your web directory and
|
||
outside your alias directories. A .htaccess file must be in the URL-accessible
|
||
directory it's protecting, but the htpasswd file may be anywhere.
|
||
You may also share the same htpasswd file among several .htaccess directories
|
||
if desired.
|
||
|
||
<P>Ok, now that we have told apache how to handle the directory we now need to create the password file:</P>
|
||
|
||
<P>5. To create the <I>htpasswd</I> file you have to type in the following command (in the same directory
|
||
as the ".htaccess" file:</P>
|
||
|
||
<PRE>htpasswd -c htpasswd username</PRE>
|
||
|
||
<P>Whereby you replace "username" with your username. To keep adding users to the file, issue the same command, but remove the "-c" flag.</P>
|
||
|
||
<P>6. Now edit our friend <I>/etc/httpd/httpd.conf</I> and at the bottom of the alias list, add the following:</P>
|
||
|
||
<PRE>
|
||
<Directory /usr/local/httpd/*>
|
||
AllowOverride AuthConfig
|
||
</Directory>
|
||
</PRE>
|
||
|
||
<P>You may have to modify it slightly, but that will ensure that if apache meets any ".ht*" files
|
||
it will use them to apply security on them. To turn off this, for the above, change <I>AllowOverride AuthConfig</I>
|
||
to <I>AllowOverride None</I>.</P>
|
||
|
||
<P>Now stop and restart the <I>httpd</I> daemon</P>
|
||
|
||
<P>Ok now you are all set to try it out. Having saved the files go to your web browser and type in the following:</P>
|
||
|
||
<PRE>http://servername/mysecuredir</PRE>
|
||
|
||
<P>Making sure that you replace "servername" with either your hostname, or "localhost".
|
||
If successful you should see a dialog box similar to
|
||
<A HREF="misc/adam/screenshot.jpg">this screenshot</A>.</P>
|
||
|
||
<P>Once you have entered the correct details you should then be off and away. You may find however that
|
||
you can connect to the "mysecure" directory without having to supply any credentials. If this happens,
|
||
you need to check the following in your "/etc/httpd/httpd.conf" file.....
|
||
|
||
<P>It may be that apache has not been configured to recognise the use of ".ht*" files.
|
||
You can tell Apache to undo this, by setting the <I>AccessFileName</I> tag, thus:</P>
|
||
|
||
<I>AccessFileName .htaccess</I>
|
||
|
||
<P>Well, that concludes this entire section. I did consider writing a few words about the use of perl and cgi, but I
|
||
decided that Mark Nielsen has done a better job over the last few months. Furthermore, Ben Opoknik has been
|
||
creating yet another excellent tutorial, this time on Perl, so if you are interested in cgi programming,
|
||
I would start by reading these two series of articles :-)</P>
|
||
|
||
<!-- ------------------------- -->
|
||
<!-- End Secure-directories -->
|
||
<!-- End A brief introduction: Apache -->
|
||
<!-- --------------------------- -->
|
||
|
||
<HR>
|
||
|
||
<!-- -------------------------- -->
|
||
<!-- Begin PR: upx -->
|
||
<! -- -------------------------- -->
|
||
|
||
<H2><A NAME="progupx"></A>Program Review: Upx</H2>
|
||
|
||
<P>I stumbled across this program quite by accident. I was originally doing some research at school for the
|
||
acting network administrator (hi Dave!) which involved the use of power management, as we were having
|
||
some problems with monitors "sleeping (room D25)" but I digress.....</P>
|
||
|
||
<P>UPX (Ultimate Packer for eXecutables) is a compression program. What this program actually does, is
|
||
compress binary executable files which are self contained, and which do not slow down execution or memory
|
||
performance. A typical use for this type of program is best suited to laptop users, where harddrive space is of
|
||
enormous concern. Since I use my laptop for most things and only have a 3.2GB harddrive, I have found that
|
||
compressing the files stored in <CODE>"/usr/bin"</CODE> has cut the size of that directory in half!</P>
|
||
|
||
<P>Since it will only compress binary files, it is no good trying to compress the files stored in "/etc" for
|
||
example. I have found that compressing the following directories is ok:</P>
|
||
|
||
<PRE>
|
||
/usr/bin
|
||
/usr/X11R6/bin
|
||
/usr/local/bin
|
||
</PRE>
|
||
|
||
<FONT COLOR="red">
|
||
<P>One caveat that I should mention, is that I would NEVER use "upx" to compress the files stored in
|
||
both <B>"/bin"</B> and <B>"/usr/sbin"</B> When I rebooted my computer, I found that Init would
|
||
not run. Out came "Tom's root/boot" and I later discovered that the compression of these files was causing
|
||
the main Init program problems for some reason........</P>
|
||
</FONT>
|
||
|
||
<P>So to use the program, download the package from <A HREF="http://wildsau.idv.uni-linz.ac.at/mfx/upx.html" TARGET="_blank">
|
||
http://wildsau.idv.uni-linz.ac.at/mfx/upx.html</A>. I think you have the choice of either downloading the source
|
||
packages, or a pre-compiled executable.</P>
|
||
|
||
<P>I simply downloaded the pre-compiled package, unpacked it, and copied the main upx program to "/usr/bin".
|
||
then you are ready to start compressing files.</P>
|
||
|
||
<P>To compress a file, you have to type in the following:</P>
|
||
|
||
<PRE>upx /path/to/program/progname</PRE>
|
||
|
||
<P>and that will compress the program specified. You can also compress all files in the directory, by typing:</P>
|
||
|
||
<PRE>upx /path/to/programs/*</PRE>
|
||
|
||
<P>and UPX will happily go through all files, and instantly disregard those which are not Linux/386 format.</P>
|
||
|
||
<P>Here's a <A HREF="misc/adam/shupx.png">screenshot</A>
|
||
of UPX in action.</P>
|
||
|
||
<P>To decompress files, you have to use the "-d" flag, thus:</P>
|
||
|
||
<PRE>upx -d /path/to/prog/*</PRE>
|
||
|
||
<P>A common list of command-line options, are:</P>
|
||
|
||
<PRE>
|
||
Usage: upx [-123456789dlthVL] [-qvfk] [-o file] file..
|
||
|
||
Commands:
|
||
-1 compress faster -9 compress better
|
||
--best compress best (can be very slow for big files)
|
||
-d decompress -l list compressed file
|
||
-t test compressed file -V display version number
|
||
-h give this help -L display software license
|
||
|
||
Options:
|
||
-q be quiet -v be verbose
|
||
-oFILE write output to `FILE'
|
||
-f force compression of suspicious files
|
||
--no-color, --mono, --color, --no-progress change look
|
||
|
||
Backup options:
|
||
-k, --backup keep backup files
|
||
--no-backup no backup files [default]
|
||
|
||
Overlay options:
|
||
--overlay=copy copy any extra data attached to the file [default]
|
||
--overlay=strip strip any extra data attached to the file [dangerous]
|
||
--overlay=skip don't compress a file with an overlay
|
||
</PRE>
|
||
|
||
<P>Overall, the performance of the compressed files have been ok, and I have not noticed any loss in functionality.
|
||
The only program that did take a long time to load up once it had been compressed was <B>netscape</B> but that
|
||
did not bother me too much (netscape uses so much memory, I am used to waiting for it to load).</P>
|
||
|
||
<!-- -------------------------- -->
|
||
<!-- End PR: upx -->
|
||
<! -- -------------------------- -->
|
||
|
||
<HR>
|
||
|
||
<!-- -------------------------- -->
|
||
<!-- Begin PR: bb -->
|
||
<! -- -------------------------- -->
|
||
|
||
<H2><A NAME="progbb"></A>Program Review: bb</H2>
|
||
|
||
<P>In issue 67 of the Linux Gazette, Mike Orr,
|
||
<A HREF="../issue67/orr.html">reviewed</A> <B>cowsay/cowthink</B>, a
|
||
configurable talking cow that
|
||
displays messages in speech bubbles. Everything is written in Perl (my
|
||
second-favourite scripting language, after
|
||
bash) and is displayed in ASCII. I was so impressed with the cows that I decided to look for more ASCII programs. Out came my SuSE distribution CD's and I found the program <B>bb</B>.......</P>
|
||
|
||
<P><B>bb</B> is a fully-working ASCII demo,
|
||
which uses ANSI C and is SVGA compatible. <B>bb</B> makes use of the
|
||
aa_lib package (ASCII art library) so you will have to install it along with
|
||
the main package. The demo produces a range of different simulated pictures,
|
||
from random tumbling characters (going through different shades of grey), to an
|
||
ASCII simulated mandlebrot fractual!! (which incidentially inspired the colour
|
||
version of <B>Xaos</B>). </P>
|
||
|
||
<P>You can get <B>bb</B> from
|
||
<A HREF="ftp://ftp.bonn.linux.de/pub/misc/bb-1.2.tar.gz">
|
||
ftp://ftp.bonn.linux.de/pub/misc/bb-1.2.tar.gz</A>.</P>
|
||
|
||
<P> <B>bb</B> used to have
|
||
a home page, but unfortunately it's gone. However, project <B>aa</B>
|
||
(the ASCII Art library) is what <B>bb</B> is based on, and it has a home
|
||
page at
|
||
<A HREF="http://aa-project.sourceforge.net/">http://aa-project.sourceforge.net/</A>.
|
||
The <B>aa</B> page also discusses <B>aview</B> (an ASCII art viewer),
|
||
<B>aatv</B> (to view TV programs on your text console), <B>ttyquake</B>
|
||
(a text version of Quake), <B>Dumb</B> (a Doom clone), <B>apron</B> (an
|
||
mpeg1 player), and other programs. <B>ttyquake</B> does require the
|
||
graphical Quake to be installed, so it uses the original Quake game
|
||
files. One commentator writes of <b>ttyquake</B>, "people are starving to
|
||
death in this world... and somebody had time for this....."
|
||
|
||
<P><B>bb</B> is best run from the console, but it can be run from within an
|
||
X-terminal window, as shown by <A HREF="misc/adam/bbscreenshot.png">this
|
||
screenshot</A>.</P>
|
||
|
||
<P>The valid command-line options for <B>bb</B> are:</P>
|
||
|
||
<PRE>
|
||
Usage: bb [aaoptions] [number]
|
||
|
||
Options:
|
||
-loop play demo in infinite loop
|
||
|
||
AAlib options:
|
||
-driver select driver
|
||
available drivers:linux curses X11 stdout stderr
|
||
-kbddriver select keyboard driver
|
||
available drivers:curses X11 stdin
|
||
-mousedriver select mouse driver
|
||
available drivers:X11 gpm cursesdos
|
||
|
||
Size options:
|
||
-width set width
|
||
-height set height
|
||
-minwidth set minimal width
|
||
-minheight set minimal height
|
||
-maxwidth set maximal width
|
||
-maxheight set maximal height
|
||
-recwidth set recomended width
|
||
-recheight set recomended height
|
||
|
||
Attributes:
|
||
-dim enable usage of dim (half bright) attribute
|
||
-bold enable usage of bold (double bright) attribute
|
||
-reverse enable usage of reverse attribute
|
||
-normal enable usage of normal attribute
|
||
-boldfont enable usage of boldfont attrubute
|
||
-no<attr> disable (i.e -nobold)
|
||
|
||
Font rendering options:
|
||
-extended use all 256 characters
|
||
-eight use eight bit ascii
|
||
-font <font> select font(This option have effect just on hardwares
|
||
where aalib is unable to determine current font
|
||
available fonts:vga8 vga9 mda14 vga14 X8x13 X8x16
|
||
X8x13bold vgagl8 line
|
||
|
||
Rendering options:
|
||
-inverse enable inverse rendering
|
||
-noinverse disable inverse rendering
|
||
-bright <val> set bright (0-255)
|
||
-contrast <val> set contrast (0-255)
|
||
-gamma %lt;val> set gamma correction value(0-1)
|
||
|
||
Ditherng options:
|
||
-nodither disable dithering
|
||
-floyd_steinberg floyd steinberg dithering
|
||
-error_distribution error distribution dithering
|
||
-random <val> set random dithering value(0-inf)
|
||
Monitor parameters:
|
||
-dimmul <val> multiply factor for dim color (5.3)
|
||
-boldmul <val> multiply factor for dim color (2.7)
|
||
The default parameters are set to fit my monitor (15" goldstar)
|
||
With contrast set to maximum and bright set to make black black
|
||
This values depends at quality of your monitor (and setting of controls
|
||
Defaultd settings should be OK for most PC monitors. But ideal monitor
|
||
Needs dimmul=1.71 boldmul=1.43. For example monitor used by SGI is very
|
||
close to this values. Also old 14" vga monitors needs higher values.
|
||
</PRE>
|
||
|
||
<P>I really do think that if you're into ASCII art, you should give this demo a
|
||
go. It lasts for approximately 5 minutes.</P>
|
||
|
||
<!-- -------------------------- -->
|
||
<!-- End PR: bb -->
|
||
<! -- -------------------------- -->
|
||
|
||
<HR>
|
||
|
||
<!-- -------------------------- -->
|
||
<!-- Begin Closing Time -->
|
||
<! -- -------------------------- -->
|
||
|
||
<H2><A NAME="closing">Closing Time</A></H2>
|
||
|
||
<P>Well, you've made it to the end of this months article. Looking ahead to next month, I am going to be writing an
|
||
article about how to write efficient manual pages (anyone remember groff processing??) and whatever else I can think of.
|
||
However it would be nice to hear from anyone who has article suggestions, as I am running out of ideas.....slowly. If there
|
||
is anything you feel would be good to include in the LWM, drop me a note :-)</P>
|
||
|
||
<P>Also, in case anyone is interested, all the screenshots that have appeared in this document, have been using made using
|
||
the "GNU Image Manipulation Program" and are of the <B>FVWM2</B> window manager, running the M4 preprocessor <B>AnotherLevel</B>.
|
||
|
||
<P>As a final notice, I would like to say that as I am no longer at school anymore, my "n6tadam@users.purbeck.
|
||
dorset.sch.uk" account is invalid, and I now have a new account (see below).</P>
|
||
|
||
<P>So until next time....<B>happy linuxing!</B></P>
|
||
|
||
<!-- -------------------------- -->
|
||
<!-- End Closing Time -->
|
||
<! -- -------------------------- -->
|
||
|
||
<HR>
|
||
|
||
<!-- ** Begin table comments, etc. Oh wakey wakey you idiot Thomas ** -->
|
||
<TABLE BORDER=0 ALIGN="center" WIDTH=60%>
|
||
<TH></TH>
|
||
<TH></TH>
|
||
<TH></TH>
|
||
<TR>
|
||
<TD WIDTH=10%><IMG ALT="" SRC="../gx/adam/mail.png" ALIGN="left" WIDTH="64" HEIGHT="64"></TD>
|
||
<TD WIDTH=80% ALIGN="center"><FONT COLOR="red" SIZE="5">Send Your Comments</FONT></TD>
|
||
<TD WIDTH=10%><IMG ALT="" SRC="../gx/adam/mail.png" ALIGN="left" WIDTH="64" HEIGHT="64"></TD>
|
||
</TR>
|
||
</TABLE>
|
||
|
||
<P ALIGN="center"><FONT SIZE="3">Any comments, suggestions, ideas, etc can be
|
||
mailed to me by clicking the e-mail address link below:</FONT></P>
|
||
|
||
<P ALIGN="center"><FONT SIZE="3"><A
|
||
HREF="mailto:thomas_adam16@yahoo.com"><thomas_adam16@yahoo.com></A></FONT></P>
|
||
|
||
<CENTER>
|
||
|
||
</CENTER>
|
||
<!-- *** BEGIN copyright *** -->
|
||
<P>
|
||
<HR>
|
||
<!-- P -->
|
||
|
||
<H5 align=center>Copyright <20> 2001, Thomas Adam.<BR>Copying license <A
|
||
href="http://www.linuxgazette.com/copying.html">copying.html</A>
|
||
|
||
<BR>
|
||
Published in Issue 70 of <I>Linux Gazette</I>, September 2001
|
||
|
||
</H5>
|
||
<!-- *** END copyright *** -->
|
||
</BODY>
|
||
</HTML>
|
||
|
||
|
||
|
||
|
||
<!-- *** BEGIN bio *** -->
|
||
<SPACER TYPE="vertical" SIZE="30">
|
||
<P>
|
||
<H4><IMG ALIGN=BOTTOM ALT="" SRC="../gx/note.gif">Thomas Adam</H4>
|
||
<EM>My name is Thomas Adam. I am 18, and am currently studying for A-Levels
|
||
(=university entrance exam). I live
|
||
on a small farm, in the county of Dorset in England. I am a massive Linux
|
||
enthusiast, and help with linux proxy issues while I am at school. I have been
|
||
using Linux now for about six years. When not using Linux, I play the piano,
|
||
and enjoy walking and cycling.</EM>
|
||
|
||
|
||
<!-- *** END bio *** -->
|
||
|
||
<!-- *** BEGIN copyright *** -->
|
||
<P> <hr> <!-- P -->
|
||
<H5 ALIGN=center>
|
||
|
||
Copyright © 2001, Thomas Adam.<BR>
|
||
Copying license <A HREF="../copying.html">http://www.linuxgazette.com/copying.html</A><BR>
|
||
Published in Issue 70 of <i>Linux Gazette</i>, September 2001</H5>
|
||
<!-- *** END copyright *** -->
|
||
|
||
<!--startcut ==========================================================-->
|
||
<HR><P>
|
||
<CENTER>
|
||
<!-- *** BEGIN navbar *** -->
|
||
<IMG ALT="" SRC="../gx/navbar/left.jpg" WIDTH="14" HEIGHT="45" BORDER="0" ALIGN="bottom"><A HREF="lg_tips70.html"><IMG ALT="[ Prev ]" SRC="../gx/navbar/prev.jpg" WIDTH="16" HEIGHT="45" BORDER="0" ALIGN="bottom"></A><A HREF="index.html"><IMG ALT="[ Table of Contents ]" SRC="../gx/navbar/toc.jpg" WIDTH="220" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A><A HREF="../index.html"><IMG ALT="[ Front Page ]" SRC="../gx/navbar/frontpage.jpg" WIDTH="137" HEIGHT="45" BORDER="0" ALIGN="bottom"></A><A HREF="http://www.linuxgazette.com/cgi-bin/talkback/all.py?site=LG&article=http://www.linuxgazette.com/issue70/adam.html"><IMG ALT="[ Talkback ]" SRC="../gx/navbar/talkback.jpg" WIDTH="121" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A><A HREF="../faq/index.html"><IMG ALT="[ FAQ ]" SRC="./../gx/navbar/faq.jpg"WIDTH="62" HEIGHT="45" BORDER="0" ALIGN="bottom"></A><A HREF="arndt.html"><IMG ALT="[ Next ]" SRC="../gx/navbar/next.jpg" WIDTH="15" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A><IMG ALT="" SRC="../gx/navbar/right.jpg" WIDTH="15" HEIGHT="45" ALIGN="bottom">
|
||
<!-- *** END navbar *** -->
|
||
</CENTER>
|
||
</BODY></HTML>
|
||
<!--endcut ============================================================-->
|