Tuesday, November 30, 2010

Show IP address before login

Put following in your /etc/rc.local file:

echo "CentOS release 5 (Final)" > /etc/issue
echo "Kernel \r on an \m" >> /etc/issue
echo "">> /etc/issue
echo "$(ifconfig eth0 | grep inet | cut -d : -f 2 | cut -d \ -f 1)" >> /etc/issue
echo "" >> /etc/issue


http://crazytoon.com/2008/04/22/linux-how-to-change-login-prompt-in-linux/
http://linuxhelp.blogspot.com/2005/10/change-system-login-banner-in-linux.html

Change hostname

vi /etc/sysconfig/network

HOSTNAME=Cent.localdomain

#change to Cent

http://wiki.centos.org/FAQ/CentOS5

Sunday, November 7, 2010

Bug in Apache? Allow all script in /var/www/cgi-bin

etc/httpd/conf/httpd.conf


<Directory "/var/www/cgi-bin">
    Options ExecCGI
    AddHandler cgi-script .py
# still allow all script, not just .py :(
</Directory>

I think this should only allow .py script, but it allow any executable file.

<Directory "/home/*/public_html/cgi-bin">
    Options ExecCGI
    AddHandler cgi-script .py
</Directory>

As the above only allow .py script in /home/*/public_html/cgi-bin.
or I missed something :(

Enable python CGI script in user directory (public_html/cgi-bin)

edit /etc/httpd/conf/httpd.conf
add these section


<Directory "/home/*/public_html/cgi-bin">
    Options ExecCGI
    AddHandler cgi-script .py
</Directory>

Then restart the server
/usr/sbin/apachectl restart


If there is any error, check httpd error log
tail /var/log/httpd/error_log

[Mon Nov 08 10:21:05 2010] [error] [client 192.168.106.31] suexec policy violation: see suexec log for more details
[Mon Nov 08 10:21:05 2010] [error] [client 192.168.106.31] Premature end of script headers: ...py

error from suexec, check suexec log
tail /var/log/httpd/suexec.log

[2010-11-08 10:22:51]: uid: (500/s) gid: (500/500) cmd: ..py
[2010-11-08 10:22:51]: directory is writable by others: ..


The directory should not be writable by others (security reason)
chmod 711 /home/user-abc/public_html/cgi-bin

If there is another error, check both logs again.

Enable user directory (public_html)

edit /etc/httpd/conf/httpd.conf

remove this line
UserDir disable

and uncomment this line
UserDir public_html

(or can just change the first line)

Then restart the server
/usr/sbin/apachectl restart

If SELinux is enabled (I did), you must also need to run these

/usr/sbin/setsebool -P httpd_enable_homedirs true
chcon -R -t httpd_sys_content_t /home/user-abc/public_html

(do not forget to change the path on the second line)


from Apache Userdir with SELinux on Fedora 13/14, CentOS 5.5, Red Hat (RHEL) 5.5/6

Saturday, November 6, 2010

Testing httpd using telnet

Using telnet command
(assuming the ip address of your machine is 192.168.106.120 or you can use localhost)

telnet  192.168.106.120  80

Then type "abc" and Enter


<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>501 Method Not Implemented</title>
</head><body>
<h1>Method Not Implemented</h1>
<p>a to / not supported.<br />
</p>
<hr>
<address>Apache/2.2.3 (CentOS) Server at localhost.localdomain Port 80</address>
</body></html>
Connection closed by foreign host.


Try using telnet again but this time type "GET" then Enter

Different output?

Now open a browser and put 192.168.106.120 as the address

Should see a lot of info (including below)

"...
If you are the website administrator:
You may now add content to the directory /var/www/html/..."


Now go into /var/www/html and create index.html containing this line
Hello from CentOS

Then refresh the page on the browser
(also telnet and see)