Re: Trying to move my httpd chroot

2016-03-20 Thread hans
On Mar 16 20:58:59, alan01...@gmail.com wrote:
> I don't have enough room in / to have my htdocs there so I want to
> move it to /usr/htdocs. This is in 5.7.   No problem I thought, I've
> had to do it before.  So my /etc/httpd.conf looks like this:
> 
> chroot "/usr/htdocs"

Why didn't you use the standard /var/www?

> And I get logging into /usr/htdocs/logs but httpd doesn't seem to
> find files in /usr/htdocs.

What is your "root" directive for the server?
Remember, it's relative to the chroot.

> I get a 404 error that says OpenBSD httpd
> in it but it can't find even index.html which does exist.  I've played
> with htdocs vs htdocs/.  If I comment out the chroot line it finds
> files in /var/www/htdocs.  My /usr is in a different MBR partition
> (actually an extended one) with 129 gigs free.

You might be better off having /usr hold your /usr,
and have a big separate /var/www for your web content.
Then you can leave httpd chroot the default.

> Anybody tried to move their htdocs?  I didn't find anything by
> searching.  I wouldn't want to write something and put it out there
> for everybody to beat on.  I did read the PDF and man pages.
> 
> Also I found that if I set httpd_flags to "-d -v" in
> /etc/rc.conf.local then booting  the machine seems to hang there.

Without -d, the httpd daemonizes into the background,
and the boot goes on. With -d, it stays running in the
foreground; only after you kill it, the boot will go on.

Jan



Re: Trying to move my httpd chroot

2016-03-19 Thread Rick Hanson
On Wed, Mar 16, 2016 at 8:58 PM, Alan Corey  wrote:
> I don't have enough room in / to have my htdocs there so I want to
> move it to /usr/htdocs. This is in 5.7.   No problem I thought, I've
> had to do it before.  So my /etc/httpd.conf looks like this:
>
> chroot "/usr/htdocs"

It's probably supposed to be

chroot "/usr"

Check out `man httpd.conf`.  Look at the descriptions for the `chroot`
and `root` settings.  It appears that both of these settings combine
to get you what you're looking for in this case.

> server "d530.my.domain" {
>   listen on * port 80
> }
>
> And I get logging into /usr/htdocs/logs but httpd doesn't seem to
> find files in /usr/htdocs.  I get a 404 error that says OpenBSD httpd
> in it but it can't find even index.html which does exist.  I've played
> with htdocs vs htdocs/.  If I comment out the chroot line it finds
> files in /var/www/htdocs.  My /usr is in a different MBR partition
> (actually an extended one) with 129 gigs free.
>
> Anybody tried to move their htdocs?  I didn't find anything by
> searching.  I wouldn't want to write something and put it out there
> for everybody to beat on.  I did read the PDF and man pages.
>
> Also I found that if I set httpd_flags to "-d -v" in
> /etc/rc.conf.local then booting  the machine seems to hang there.
> Permissions on the file look like:
> -rwxr--r--  1 www  daemon  4022 Jan 19  2015 index.html
>
> --
> Credit is the root of all evil.  - AB1JX



Re: Trying to move my httpd chroot

2016-03-19 Thread Alan Corey
Bingo.  /usr does it.  One clue I guess was that it was logging into
/usr/logs.  With Apache at least the chroot dir wasn't the same as the
document root.  And you don't want the logs dir readable through the
httpd.  So essentially there's htdocs and logs inside of what you
specify as a chroot dir.

On 3/16/16, Rick Hanson  wrote:
> On Wed, Mar 16, 2016 at 8:58 PM, Alan Corey  wrote:
>> I don't have enough room in / to have my htdocs there so I want to
>> move it to /usr/htdocs. This is in 5.7.   No problem I thought, I've
>> had to do it before.  So my /etc/httpd.conf looks like this:
>>
>> chroot "/usr/htdocs"
>
> It's probably supposed to be
>
> chroot "/usr"
>
> Check out `man httpd.conf`.  Look at the descriptions for the `chroot`
> and `root` settings.  It appears that both of these settings combine
> to get you what you're looking for in this case.
>
>> server "d530.my.domain" {
>>   listen on * port 80
>> }
>>
>> And I get logging into /usr/htdocs/logs but httpd doesn't seem to
>> find files in /usr/htdocs.  I get a 404 error that says OpenBSD httpd
>> in it but it can't find even index.html which does exist.  I've played
>> with htdocs vs htdocs/.  If I comment out the chroot line it finds
>> files in /var/www/htdocs.  My /usr is in a different MBR partition
>> (actually an extended one) with 129 gigs free.
>>
>> Anybody tried to move their htdocs?  I didn't find anything by
>> searching.  I wouldn't want to write something and put it out there
>> for everybody to beat on.  I did read the PDF and man pages.
>>
>> Also I found that if I set httpd_flags to "-d -v" in
>> /etc/rc.conf.local then booting  the machine seems to hang there.
>> Permissions on the file look like:
>> -rwxr--r--  1 www  daemon  4022 Jan 19  2015 index.html
>>
>> --
>> Credit is the root of all evil.  - AB1JX
>


-- 
Credit is the root of all evil.  - AB1JX



Re: Trying to move my httpd chroot

2016-03-19 Thread hans
On Mar 16 22:04:19, alan01...@gmail.com wrote:
> Bingo.  /usr does it.  One clue I guess was that it was logging into
> /usr/logs.  With Apache at least the chroot dir wasn't the same as the
> document root.

With default httpd, it also isn't.

> And you don't want the logs dir readable through the
> httpd.  So essentially there's htdocs and logs inside of what you
> specify as a chroot dir.

Yes.



Re: Trying to move my httpd chroot

2016-03-19 Thread Kevin Chadwick
> Your webserver should NOT be in /.
> Your /usr should not have 129G free.
> Your web server should not be in /usr.

In case you're thinking, does it matter beyond doing things correctly! What
sprang to my mind immediately is that those partitions won't have
things like nosuid,noexec settable without breaking things. Not to
mention a rogue web server may do extra damage, like filling the
filesystem up, which may prevent upgrades etc. etc.

Partitioning on OpenBSD is a lot saner than on 'modern' Linux where too
much stuff now goes in /usr (now /!!), systemd cross links are one
insanity.

-- 

KISSIS - Keep It Simple So It's Securable



Re: Trying to move my httpd chroot

2016-03-19 Thread Craig Skinner
Hi Alan,

On 2016-03-16 Wed 20:58 PM |, Alan Corey wrote:
> I don't have enough room in / to have my htdocs there so I want to
> move it to /usr/htdocs. This is in 5.7.

Re-install (5.8) with a better partitioning layout:

$ mount -d /var/www
exec: mount_ffs -o rw -o nodev -o nosuid -o noexec -o softdep -o noatime /dev/[something] /var/www

Cheers!
-- 
You're at the end of the road again.
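
The mount-option point raised in the two messages above, as an added example that is not part of the original thread: a check that finds the filesystem holding a directory and lists which of nodev, nosuid and noexec it lacks. The device names and mount table are constructed sample data, and `missing_opts` is a hypothetical helper name.

```shell
#!/bin/sh
# Added example (not from the thread): report which of nodev, nosuid and
# noexec are missing on the filesystem that holds a given directory.
# Real use: mount | missing_opts /var/www

# Constructed sample in the "device on dir type fs (options)" layout of mount(8).
SAMPLE_MOUNTS='/dev/sd0a on / type ffs (local)
/dev/sd0d on /usr type ffs (local, nodev)
/dev/sd0e on /var type ffs (local, nodev, nosuid)
/dev/sd0h on /var/www type ffs (local, noatime, nodev, noexec, nosuid, softdep)'

# missing_opts DIR, mount output on stdin -> "mountpoint: missing options"
missing_opts() {
    awk -v dir="$1" '
    {
        mp = $3
        pre = (mp == "/") ? "/" : (mp "/")
        # Keep the longest mount point that is dir itself or a parent of it.
        if ((dir == mp || index(dir "/", pre) == 1) && length(mp) > length(best)) {
            best = mp; line = $0
        }
    }
    END {
        # Reduce the winning line to the text between the parentheses.
        sub(/^[^(]*\(/, "", line); sub(/\).*$/, "", line)
        n = split(line, o, /, */)
        for (i = 1; i <= n; i++) have[o[i]] = 1
        m = split("nodev nosuid noexec", want, " ")
        for (i = 1; i <= m; i++) if (!(want[i] in have)) out = out " " want[i]
        print best ":" (out == "" ? " ok" : out)
    }'
}

# A chroot under /usr inherits the options of /usr; /var/www has its own.
for d in /usr/htdocs /var/www; do
    printf '%s\n' "$SAMPLE_MOUNTS" | missing_opts "$d"
done
```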



Re: Trying to move my httpd chroot

2016-03-19 Thread Nick Holland
On 03/16/16 20:58, Alan Corey wrote:
> I don't have enough room in / to have my htdocs there so I want to
> move it to /usr/htdocs. This is in 5.7.   No problem I thought, I've
> had to do it before.  So my /etc/httpd.conf looks like this:
> 
> chroot "/usr/htdocs"

hint: the default is /var/www.  NOT /var/www/htdocs.

> 
> server "d530.my.domain" {
>   listen on * port 80
> }
> 
> And I get logging into /usr/htdocs/logs but httpd doesn't seem to
> find files in /usr/htdocs.  I get a 404 error that says OpenBSD httpd
> in it but it can't find even index.html which does exist.

actually, it doesn't.  man httpd.conf
 chroot directory
 Set the chroot(2) directory.  If not specified, it
 defaults to /var/www, the home directory of the www user.
...
 directory
 Set the document root of the server.  The directory is a
 pathname within the chroot(2) root directory of httpd.
 If not specified, it defaults to /htdocs.

You are trying to serve /usr/htdocs/htdocs/index.html, and that is a
good 404.

I verified that I could chroot to my /tmp dir and serve a file out of
/tmp/htdocs/ with no problem.

> I've played
> with htdocs vs htdocs/.  If I comment out the chroot line it finds
> files in /var/www/htdocs.  My /usr is in a different MBR partition
> (actually an extended one) with 129 gigs free.

and this is also wrong.
Your webserver should NOT be in /.
Your /usr should not have 129G free.
Your web server should not be in /usr.
You really need to be reloading that system with a less insane
partitioning plan.  Then you don't have to worry about moving the
chroot.  It can be done.  But don't.  Just don't.  Not for this reason.
 You need to upgrade soon anyway.  Good time to rebuild properly.

Nick.
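
The path arithmetic from the message above, as an added example that is not part of the original thread: it joins the `chroot` and `root` values of an httpd.conf, using the defaults quoted from the man page, and flags a chroot that was pointed at the document directory itself. The helper names and temporary config files are constructed for illustration, and it assumes one global `chroot` and a plain `root "path"` line.

```shell
#!/bin/sh
# Added example (not from the thread): resolve the host directory OpenBSD httpd
# serves from, given the chroot and root directives in an httpd.conf.
# Assumption: one global chroot and the first root directive are enough.

# directive NAME FILE -> first value of NAME, with optional quotes stripped
directive() {
    sed -n "s/^[[:space:]]*$1[[:space:]]\{1,\}\"\{0,1\}\([^\"[:space:]]*\).*/\1/p" "$2" |
        head -n 1
}

# effective_docroot FILE -> chroot + root, using the httpd.conf(5) defaults
effective_docroot() {
    c=$(directive chroot "$1"); r=$(directive root "$1")
    c=${c:-/var/www}; r=${r:-/htdocs}
    printf '%s/%s\n' "${c%/}" "${r#/}"
}

# doubled_docroot FILE -> succeeds when the chroot already ends in the root
# path, i.e. the chroot was pointed at the document directory itself
doubled_docroot() {
    c=$(directive chroot "$1"); r=$(directive root "$1")
    c=${c:-/var/www}; r=${r:-/htdocs}
    case "${c%/}" in *"/${r#/}") return 0 ;; *) return 1 ;; esac
}

# Constructed configs: the one from the thread and the corrected one.
tmp=$(mktemp -d)
printf 'chroot "/usr/htdocs"\nserver "d530.my.domain" {\n  listen on * port 80\n}\n' \
    > "$tmp/before.conf"
printf 'chroot "/usr"\nserver "d530.my.domain" {\n  listen on * port 80\n}\n' \
    > "$tmp/after.conf"
for f in "$tmp/before.conf" "$tmp/after.conf"; do
    printf '%s -> %s/index.html' "${f##*/}" "$(effective_docroot "$f")"
    if doubled_docroot "$f"; then printf '  (chroot set to the docroot)'; fi
    printf '\n'
done
rm -rf "$tmp"
```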