Procedures
Jump to navigation
Jump to search
/usr/sbin/meta-verify
Checks the /etc/passwd and /etc/group files, and the /etc/httpd/conf/httpd.conf /usr/local/majordomo for the users and mailinglists and sitelists, and then puts them in the site management list.
/home/quota*
sets the quota's for all the users and groups
When copying /etc/passwd and /etc/group, the file permissions on copy have to be checked (ownership) and don't copy all the info, only the added users (not the old users). Don't forget passwd- and group- and shadow and shadow-.
Set the 'date' to the right time
date -s 20030428
date -s 17:43
Set the processor clock to the right time
clock --set --date 20030428
clock --set --date 17:43
in VI /var/log/httpd/access
:%s/03\/Jun\/2006/24\/Oct\/2003/g
the file permissions in
/usr/local/majordomo
/home/spool/mail
/home/sites
are important!
Install all the security updates from sun, then the extra packages from pkgmaster.com
There is a migration utility at
http://www.sun.com/hardware/serverappliances/documentation/other.html
But I haven't tried it yet...
To restore the error pages, insert this into /etc/httpd/conf/srm.conf
ErrorDocument 401 /cobalt_error/401.html
ErrorDocument 403 /cobalt_error/403.html
ErrorDocument 404 /cobalt_error/404.html
ErrorDocument 405 /cobalt_error/405.html
ErrorDocument 500 /cobalt_error/500.html
ErrorDocument 503 /cobalt_error/503.html
In the /etc/httpd/conf/access.conf
Change the
Options Indexes FollowSymLinks Includes MultiViews
to
Options -Indexes FollowSymLinks Includes MultiViews
to stop directory traversal
and copy the error files into
/usr/admserv/.cobalt/html/error
To get the /home/sites/ user and group permissions right:
------------------------------ cut -----------------------------------
#!/usr/bin/perl -w
# So it's ugly - sue me.
# requires a copy of /etc/passwd and /etc/group
# redirect to a new file and remove the "^--" and "admins are.." lines. You now # have a list of shell commands to fix perms in /home/sites/ ..
@admins = ();
# get admins
open (FD, "group") || die "can't open group!";
foreach (<FD>) {
next if ($_ !~ /^site/);
@list = split (":", $_);
@usrs = split (",", $list[3]);
chomp ($usrs[1]);
push (@admins, $usrs[1]);
}
close (FD);
print "--\tAdmins are... \n";
foreach $admin (@admins) {
print "$admin ";
}
print "\n--\t".$#admins." in total..\n";
open (FD, "passwd") || die "can't open passwd!";
foreach (<FD>) {
next if ($_ !~ /site/);
@a = split (":", $_);
next if ($a[5] =~ /admin/);
# chdir ($a[5]);
@b = split ("/", $a[5]);
print "--\t".$a[0]." has group ".$b[3]." ..\n";
# `chown -R $a[0]:$a[4] .`;
print "cd $a[5]\n";
print "chown -R $a[0]:$b[3] $a[5]\n";
# fugly..
foreach $e (@admins) {
if ($e eq $a[0]) {$admin = 1};
}
if (defined($admin)) {
print "--\t and user is an admin ..\n";
print "chgrp -R $b[3] /home/sites/$b[3]\n";
print "chown -R $a[0] /home/sites/$b[3]/web/*\n";
print "chown nobody:$b[3] /home/sites/$b[3]/*\n";
print "chown -R nobody:$b[3] /home/sites/$b[3]/certs/*\n";
print "chown -R root:$b[3] /home/sites/$b[3]/logs/*\n";
}
print "\n\n";
undef($admin);
}
close (FD);
------------------------------------- paste -----------------------------------
put own.pl into a directory, and copy /etc/passwd and /etc/group in there as well before running.
Chown following dirs:
chown httpd /home/sites/www.dimfactory.com/web/secure/cmdbs/data -R
chown httpd /home/sites/www.soonshartong.nl/web/bog/aanbod/foto -R
chown httpd /home/sites/www.soonshartong.nl/web/bog/aanbod/thumbnail -R
chown httpd /home/sites/www.pantarheyn.nl/web/pantascope/pantapit/PIT-M/cache -R
chown httpd /home/sites/www.pantarheyn.nl/web/pantascope/pantapit/PIT-L/cache -R
chmod 777 /home/sites/www.allememaggies.nl/web/Techniek.txt
SHOULD THE RAQ GO DOWN!
--------------- cut ---------------------
#!/usr/bin/perl -w
$soa_dir = "/root/src/soa/";
$new_soa_dir = "/root/src/new_soa";
$old_ip = "212.61.33.42";
$new_ip = "213.84.24.229";
chdir ($soa_dir);
@zones = `ls`;
foreach $zone (@zones) {
print "Running $zone...\n";
$zone_out = "$zone";
open (FDI, $zone) || die "1:can't open $zone!\n";
chdir ($new_soa_dir);
open (FDO, ">$zone_out") || die "2:can't open $zone_out!\n";
foreach (<FDI>) {
s/$old_ip/$new_ip/g;
print FDO $_;
}
close (FDO);
close (FDI);
chdir($soa_dir);
}
--------------------- paste --------------------
This script will replace all the zone files in the specified dirs with the specified IP's. Change them all and copy the old zonefiles somewhere safe. Then copy the new zonefiles somewhere safe, and with any luck people will be visiting the server via the web.