Procedures
/usr/sbin/meta-verify Checks the /etc/passwd and /etc/group files, and the /etc/httpd/conf/httpd.conf /usr/local/majordomo for the users and mailinglists and sitelists, and then puts them in the site management list. /home/quota* sets the quota's for all the users and groups When copying /etc/passwd and /etc/group, the file permissions on copy have to be checked (ownership) and don't copy all the info, only the added users (not the old users). Don't forget passwd- and group- and shadow and shadow-. Set the 'date' to the right time date -s 20030428 date -s 17:43 Set the processor clock to the right time clock --set --date 20030428 clock --set --date 17:43 in VI /var/log/httpd/access :%s/03\/Jun\/2006/24\/Oct\/2003/g the file permissions in /usr/local/majordomo /home/spool/mail /home/sites are important! Install all the security updates from sun, then the extra packages from pkgmaster.com There is a migration utility at http://www.sun.com/hardware/serverappliances/documentation/other.html But I haven't tried it yet... To restore the error pages, insert this into /etc/httpd/conf/srm.conf ErrorDocument 401 /cobalt_error/401.html ErrorDocument 403 /cobalt_error/403.html ErrorDocument 404 /cobalt_error/404.html ErrorDocument 405 /cobalt_error/405.html ErrorDocument 500 /cobalt_error/500.html ErrorDocument 503 /cobalt_error/503.html In the /etc/httpd/conf/access.conf Change the Options Indexes FollowSymLinks Includes MultiViews to Options -Indexes FollowSymLinks Includes MultiViews to stop directory traversal and copy the error files into /usr/admserv/.cobalt/html/error To get the /home/sites/ user and group permissions right: ------------------------------ cut ----------------------------------- #!/usr/bin/perl -w # So it's ugly - sue me. # requires a copy of /etc/passwd and /etc/group # redirect to a new file and remove the "^--" and "admins are.." lines. You now # have a list of shell commands to fix perms in /home/sites/ .. @admins = (); # get admins open (FD, "group") || die "can't open group!"; foreach (<FD>) { next if ($_ !~ /^site/); @list = split (":", $_); @usrs = split (",", $list[3]); chomp ($usrs[1]); push (@admins, $usrs[1]); } close (FD); print "--\tAdmins are... \n"; foreach $admin (@admins) { print "$admin "; } print "\n--\t".$#admins." in total..\n"; open (FD, "passwd") || die "can't open passwd!"; foreach (<FD>) { next if ($_ !~ /site/); @a = split (":", $_); next if ($a[5] =~ /admin/); # chdir ($a[5]); @b = split ("/", $a[5]); print "--\t".$a[0]." has group ".$b[3]." ..\n"; # `chown -R $a[0]:$a[4] .`; print "cd $a[5]\n"; print "chown -R $a[0]:$b[3] $a[5]\n"; # fugly.. foreach $e (@admins) { if ($e eq $a[0]) {$admin = 1}; } if (defined($admin)) { print "--\t and user is an admin ..\n"; print "chgrp -R $b[3] /home/sites/$b[3]\n"; print "chown -R $a[0] /home/sites/$b[3]/web/*\n"; print "chown nobody:$b[3] /home/sites/$b[3]/*\n"; print "chown -R nobody:$b[3] /home/sites/$b[3]/certs/*\n"; print "chown -R root:$b[3] /home/sites/$b[3]/logs/*\n"; } print "\n\n"; undef($admin); } close (FD); ------------------------------------- paste ----------------------------------- put own.pl into a directory, and copy /etc/passwd and /etc/group in there as well before running. Chown following dirs: chown httpd /home/sites/www.dimfactory.com/web/secure/cmdbs/data -R chown httpd /home/sites/www.soonshartong.nl/web/bog/aanbod/foto -R chown httpd /home/sites/www.soonshartong.nl/web/bog/aanbod/thumbnail -R chown httpd /home/sites/www.pantarheyn.nl/web/pantascope/pantapit/PIT-M/cache -R chown httpd /home/sites/www.pantarheyn.nl/web/pantascope/pantapit/PIT-L/cache -R chmod 777 /home/sites/www.allememaggies.nl/web/Techniek.txt SHOULD THE RAQ GO DOWN! --------------- cut --------------------- #!/usr/bin/perl -w $soa_dir = "/root/src/soa/"; $new_soa_dir = "/root/src/new_soa"; $old_ip = "212.61.33.42"; $new_ip = "213.84.24.229"; chdir ($soa_dir); @zones = `ls`; foreach $zone (@zones) { print "Running $zone...\n"; $zone_out = "$zone"; open (FDI, $zone) || die "1:can't open $zone!\n"; chdir ($new_soa_dir); open (FDO, ">$zone_out") || die "2:can't open $zone_out!\n"; foreach (<FDI>) { s/$old_ip/$new_ip/g; print FDO $_; } close (FDO); close (FDI); chdir($soa_dir); } --------------------- paste --------------------
This script will replace all the zone files in the specified dirs with the specified IP's. Change them all and copy the old zonefiles somewhere safe. Then copy the new zonefiles somewhere safe, and with any luck people will be visiting the server via the web.