Procedures: Difference between revisions

From Edgar BV Wiki
Jump to navigation Jump to search
New page: /usr/sbin/meta-verify Checks the /etc/passwd and /etc/group files, and the /etc/httpd/conf/httpd.conf /usr/local/majordomo for the users and mailinglists and sitelists, and then puts them...
 
No edit summary
Line 1: Line 1:
/usr/sbin/meta-verify
<pre>/usr/sbin/meta-verify


Checks the /etc/passwd and /etc/group files, and the /etc/httpd/conf/httpd.conf /usr/local/majordomo for the users and mailinglists and sitelists, and then puts them in the site management list.
Checks the /etc/passwd and /etc/group files, and the /etc/httpd/conf/httpd.conf /usr/local/majordomo for the users and mailinglists and sitelists, and then puts them in the site management list.
Line 171: Line 171:
}
}


--------------------- paste --------------------
--------------------- paste --------------------</pre>


This script will replace all the zone files in the specified dirs with the specified IP's. Change them all and copy the old zonefiles somewhere safe. Then copy the new zonefiles somewhere safe, and with any luck people will be visiting the Tripsafe via the web.
This script will replace all the zone files in the specified dirs with the specified IP's. Change them all and copy the old zonefiles somewhere safe. Then copy the new zonefiles somewhere safe, and with any luck people will be visiting the Tripsafe via the web.

Revision as of 14:22, 2 March 2007

/usr/sbin/meta-verify

Checks the /etc/passwd and /etc/group files, and the /etc/httpd/conf/httpd.conf /usr/local/majordomo for the users and mailinglists and sitelists, and then puts them in the site management list.

/home/quota*
sets the quota's for all the users and groups

When copying /etc/passwd and /etc/group, the file permissions on copy have to be checked (ownership) and don't copy all the info, only the added users (not the old users). Don't forget passwd- and group- and shadow and shadow-.

Set the 'date' to the right time
date -s 20030428
date -s 17:43

Set the processor clock to the right time
clock --set --date 20030428
clock --set --date 17:43

in VI /var/log/httpd/access
:%s/03\/Jun\/2006/24\/Oct\/2003/g

the file permissions in
/usr/local/majordomo
/home/spool/mail
/home/sites

are important!

Install all the security updates from sun, then the extra packages from pkgmaster.com

There is a migration utility at 

http://www.sun.com/hardware/serverappliances/documentation/other.html

But I haven't tried it yet...

To restore the error pages, insert this into /etc/httpd/conf/srm.conf

ErrorDocument 401 /cobalt_error/401.html
ErrorDocument 403 /cobalt_error/403.html
ErrorDocument 404 /cobalt_error/404.html
ErrorDocument 405 /cobalt_error/405.html
ErrorDocument 500 /cobalt_error/500.html
ErrorDocument 503 /cobalt_error/503.html

In the /etc/httpd/conf/access.conf
Change the
Options Indexes FollowSymLinks Includes MultiViews
to
Options -Indexes FollowSymLinks Includes MultiViews
to stop directory traversal

and copy the error files into

/usr/admserv/.cobalt/html/error

To get the /home/sites/ user and group permissions right:

------------------------------ cut -----------------------------------

#!/usr/bin/perl -w

# So it's ugly - sue me.
# requires a copy of /etc/passwd and /etc/group
# redirect to a new file and remove the "^--" and "admins are.." lines. You now # have a list of shell commands to fix perms in /home/sites/ ..

@admins = ();

# get admins

open (FD, "group") || die "can't open group!";

foreach (<FD>) {
        next if ($_ !~ /^site/);
        @list = split (":", $_);
        @usrs = split (",", $list[3]);
        chomp ($usrs[1]);
        push (@admins, $usrs[1]);
}

close (FD);

print "--\tAdmins are... \n";

foreach $admin (@admins) {
        print "$admin ";
}

print "\n--\t".$#admins." in total..\n";

open (FD, "passwd") || die "can't open passwd!";

foreach (<FD>) {
        next if ($_ !~ /site/);
        @a = split (":", $_);
        next if ($a[5] =~ /admin/);


        # chdir ($a[5]);
        @b = split ("/", $a[5]);
        print "--\t".$a[0]." has group ".$b[3]." ..\n";
        # `chown -R $a[0]:$a[4] .`;

        print "cd $a[5]\n";
        print "chown -R $a[0]:$b[3] $a[5]\n";

        # fugly..
        foreach $e (@admins) {
                if ($e eq $a[0]) {$admin = 1};
        }

        if (defined($admin)) {
                print "--\t and user is an admin ..\n";

        print "chgrp -R $b[3] /home/sites/$b[3]\n";
        print "chown -R $a[0] /home/sites/$b[3]/web/*\n";
        print "chown nobody:$b[3] /home/sites/$b[3]/*\n";
        print "chown -R nobody:$b[3] /home/sites/$b[3]/certs/*\n";
        print "chown -R root:$b[3] /home/sites/$b[3]/logs/*\n";

        }
        print "\n\n";
        undef($admin);
}

close (FD);

------------------------------------- paste -----------------------------------

put own.pl into a directory, and copy /etc/passwd and /etc/group in there as well before running.


Chown following dirs:

chown httpd /home/sites/www.dimfactory.com/web/secure/cmdbs/data -R
chown httpd /home/sites/www.soonshartong.nl/web/bog/aanbod/foto -R
chown httpd /home/sites/www.soonshartong.nl/web/bog/aanbod/thumbnail -R
chown httpd /home/sites/www.pantarheyn.nl/web/pantascope/pantapit/PIT-M/cache -R
chown httpd /home/sites/www.pantarheyn.nl/web/pantascope/pantapit/PIT-L/cache -R

chmod 777 /home/sites/www.allememaggies.nl/web/Techniek.txt

SHOULD THE RAQ GO DOWN!

--------------- cut ---------------------

#!/usr/bin/perl -w

$soa_dir     = "/root/src/soa/";
$new_soa_dir = "/root/src/new_soa";
$old_ip      = "212.61.33.42";
$new_ip      = "213.84.24.229";


chdir ($soa_dir);

@zones = `ls`;

foreach $zone (@zones) {
        print "Running $zone...\n";
        $zone_out = "$zone";
        open (FDI, $zone) || die "1:can't open $zone!\n";
        chdir ($new_soa_dir);
        open (FDO, ">$zone_out") || die "2:can't open $zone_out!\n";
        foreach (<FDI>) {
                s/$old_ip/$new_ip/g;
                print FDO $_;
        }
        close (FDO);
        close (FDI);
        chdir($soa_dir);
}

--------------------- paste --------------------

This script will replace all the zone files in the specified dirs with the specified IP's. Change them all and copy the old zonefiles somewhere safe. Then copy the new zonefiles somewhere safe, and with any luck people will be visiting the Tripsafe via the web.