Menu
▾
▴
sql-ledger-users
|
From: Ibrahim S. <gtk...@ya...> - 2001-04-21 16:12:26
|
Following my previous emails, here is a copy of the screen I receive when calling setup.html (which is a copy of setup.cgi). Whenever I try to click on "Add User" (or List Users) I get a message : "Netscape in unable to find the file or directory named /var/lib/apache/sql-ledger/admin/$script, Check the name and try again". When I try to call from Netscape's File, Open Location, sometimes it says that file not found and sometimes it brings me to "http://localhost" with the famous apache page announcing the success of of its installation. Thank you for your hints Ibrahim __________________________________________________ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/ |
|
From: Izzy B. <iz...@ec...> - 2001-04-22 08:41:58
|
At 10:12 AM 21/04/01, you wrote: >Following my previous emails, here is a copy of the >screen I receive when calling setup.html (which is a >copy of setup.cgi). Whenever I try to click on "Add >User" (or List Users) I get a message : "Netscape in >unable to find the file or directory named >/var/lib/apache/sql-ledger/admin/$script, Check the >name and try again". When I try to call from >Netscape's File, Open Location, sometimes it says that >file not found and sometimes it brings me to >"http://localhost" with the famous apache page >announcing the success of of its installation. > >Thank you for your hints That's about what I'd expect from opening a cgi script in a web browser! :) I'm new to this as well so please forgive me if I'm wrong, but I think your problem is with your Apache setup. You have to specifically tell Apache it's ok to run scripts outside of it's default cgi directory. The answers are in the SQL-Ledger FAQ, but I too had problems understanding at first. There's so many things to install and configure and if you've never done any of it before, it can be quite a daunting task! :( I think your problem is with Apache, so here's what you need to do for it. The first thing is to add support for running .pl files as cgi scripts as the first point in the FAQ suggests. Edit your httpd.conf file (mine was in /etc/httpd/httpd.conf) and searched for "To use CGI scripts". You should find a section like this: # To use CGI scripts: AddHandler cgi-script .cgi If it isn't there already, add the following as is indicated in the FAQ. AddHandler cgi-script .pl Next I'd skip to the bottom of the FAQ to the section on security and follow all these steps. Don't make the mistake I did and assume that Apache is running as the default user nobody.nogroup. I found out mine was running as wwwrun.nogroup which is the default configuration under SuSE. If you search your httpd.conf file for "User/Group", you should find entries like this User wwwrun Group nogroup Change step 2 in the FAQ to match these settings. Of course you will also want to change the path in all these steps to match where you've put the sql-Ledger directory. For step 4, I'd just copy the lines as he has them there (with adjustments to the sql-ledger path if needed) and place them in the httpd.conf file. If you search for "<Directory" you'll find the section where you want to put them. Just move to the bottom of the last entry (they end with </Directory>) and past it all there. Make sure the path is correct for where you put sql-ledger. I didn't understand step 5, and step 6 you can probably skip. Hope this helps. ...Izzy |
|
From: Andrew B. <an...@hg...> - 2001-04-22 12:01:20
|
> > I didn't understand step 5, and step 6 you can probably skip. > Step 5 simply means that you should create a .htaccess file in the admin directory. This will not prevent users from executing (i.e. including) the config files, but it will prevent Apache from "handing" the files out to users who request: http://www....com/sql-ledger/admin/config Step 6 would probably be needed if the system has a number of "local" user acounts. Step 7 is also absolutely critical! If your SQL-Ledger/Apache server is also your PostgreSQL server, use the following line in pg_hba.conf host myledgerdb 127.0.0.1 255.255.255.255 password (assuming your database for SQL-Ledger is myledgerdb) Be sure NOT to have a line like this in the file: host all 0.0.0.0 0.0.0.0 trust Step 8 is entirely about how granular your security control needs to be. Implement it to suit yourself. BFN Andy |
|
From: Izzy B. <iz...@ec...> - 2001-04-22 17:15:53
|
At 06:01 AM 22/04/01, you wrote: Thanks Andy, I was obviously in need of sleep last night. I only saw the first 6 steps last night. When I saw the last step in my browser window I thought that was it and off to bed I went! :) Thanks for filling in the missing steps for me and explaining step 5 and the reason for step 6. It's a good habit to configure security assuming you do have local users and the threat of attack from inside as well as outside is very real. Even if you only have a single server in a home based network protected by a firewall. :) > > > > I didn't understand step 5, and step 6 you can probably skip. > > > >Step 5 simply means that you should create a .htaccess file in the admin >directory. This will not prevent users from executing (i.e. including) the >config files, but it will prevent Apache from "handing" the files out to users >who request: > >http://www....com/sql-ledger/admin/config > >Step 6 would probably be needed if the system has a number of "local" user >acounts. > >Step 7 is also absolutely critical! If your SQL-Ledger/Apache server is also >your PostgreSQL server, use the following line in pg_hba.conf > >host myledgerdb 127.0.0.1 255.255.255.255 password > >(assuming your database for SQL-Ledger is myledgerdb) > >Be sure NOT to have a line like this in the file: > >host all 0.0.0.0 0.0.0.0 trust > >Step 8 is entirely about how granular your security control needs to be. >Implement it to suit yourself. > >BFN >Andy |
|
From: Ibrahim S. <gtk...@ya...> - 2001-04-30 05:47:12
Attachments:
httpd.conf
|
Hi,
Thanks for the advice. I have trying to make it work following your tips.
Unfortunately I have not been able. The problem still persist. I am attaching
here my httpd.conf file if you can try to seen where I am missing.
Sorry for bothering everybody, but really I want to run sql-ledger.
Thanks in advance
Ibrahim Shaame
Izzy Blacklock wrote:
> At 10:12 AM 21/04/01, you wrote:
> >Following my previous emails, here is a copy of the
> >screen I receive when calling setup.html (which is a
> >copy of setup.cgi). Whenever I try to click on "Add
> >User" (or List Users) I get a message : "Netscape in
> >unable to find the file or directory named
> >/var/lib/apache/sql-ledger/admin/$script, Check the
> >name and try again". When I try to call from
> >Netscape's File, Open Location, sometimes it says that
> >file not found and sometimes it brings me to
> >"http://localhost" with the famous apache page
> >announcing the success of of its installation.
> >
> >Thank you for your hints
>
> That's about what I'd expect from opening a cgi script in a web browser! :)
>
> I'm new to this as well so please forgive me if I'm wrong, but I think your
> problem is with your Apache setup. You have to specifically tell Apache
> it's ok to run scripts outside of it's default cgi directory. The answers
> are in the SQL-Ledger FAQ, but I too had problems understanding at
> first. There's so many things to install and configure and if you've never
> done any of it before, it can be quite a daunting task! :(
>
> I think your problem is with Apache, so here's what you need to do for
> it. The first thing is to add support for running .pl files as cgi scripts
> as the first point in the FAQ suggests. Edit your httpd.conf file (mine
> was in /etc/httpd/httpd.conf) and searched for "To use CGI scripts". You
> should find a section like this:
>
> # To use CGI scripts:
> AddHandler cgi-script .cgi
>
> If it isn't there already, add the following as is indicated in the FAQ.
>
> AddHandler cgi-script .pl
>
> Next I'd skip to the bottom of the FAQ to the section on security and
> follow all these steps. Don't make the mistake I did and assume that
> Apache is running as the default user nobody.nogroup. I found out mine was
> running as wwwrun.nogroup which is the default configuration under
> SuSE. If you search your httpd.conf file for "User/Group", you should find
> entries like this
>
> User wwwrun
> Group nogroup
>
> Change step 2 in the FAQ to match these settings. Of course you will also
> want to change the path in all these steps to match where you've put the
> sql-Ledger directory.
>
> For step 4, I'd just copy the lines as he has them there (with adjustments
> to the sql-ledger path if needed) and place them in the httpd.conf
> file. If you search for "<Directory" you'll find the section where you
> want to put them. Just move to the bottom of the last entry (they end with
> </Directory>) and past it all there. Make sure the path is correct for
> where you put sql-ledger.
>
> I didn't understand step 5, and step 6 you can probably skip.
>
> Hope this helps.
>
> ...Izzy
|
|
From: Roderick A. A. <raa...@ti...> - 2001-04-30 14:22:26
|
On Mon, 30 Apr 2001, Ibrahim Shaame wrote:
> Hi,
> Thanks for the advice. I have trying to make it work following your tips.
> Unfortunately I have not been able. The problem still persist. I am attaching
> here my httpd.conf file if you can try to seen where I am missing.
>
> Sorry for bothering everybody, but really I want to run sql-ledger.
Use
ScriptAlias /sql-ledger/ /var/lib/apache/sql-ledger/
instead of
Alias /sql-ledger/ /var/lib/apache/sql-ledger/
Rod
--
Remove the word 'try' from your vocabulary ...
Don't try. Do it or don't do it ...
Steers try!
Don Aslett
|
|
From: Ibrahim S. <gtk...@ya...> - 2001-05-02 15:53:53
|
Changed to that but still no success. Any other proposal? I wonder if someone can send me a working httpd.conf so that I can try it on my machine (maybe one running Slackware) Thanks Ibrahim "Roderick A. Anderson" wrote: > On Mon, 30 Apr 2001, Ibrahim Shaame wrote: > > > Hi, > > Thanks for the advice. I have trying to make it work following your tips. > > Unfortunately I have not been able. The problem still persist. I am attaching > > here my httpd.conf file if you can try to seen where I am missing. > > > > Sorry for bothering everybody, but really I want to run sql-ledger. > > Use > > ScriptAlias /sql-ledger/ /var/lib/apache/sql-ledger/ > > instead of > > Alias /sql-ledger/ /var/lib/apache/sql-ledger/ > > Rod > -- > Remove the word 'try' from your vocabulary ... > Don't try. Do it or don't do it ... > Steers try! > > Don Aslett _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com |
|
From: Roderick A. A. <raa...@ti...> - 2001-05-02 16:41:41
|
On Wed, 2 May 2001, Ibrahim Shaame wrote:
> Changed to that but still no success.
> Any other proposal?
> I wonder if someone can send me a working httpd.conf so that I can try it on my
> machine (maybe one running Slackware)
Did you remember to restart the web server so it re-reads the
configuration files? (This gets me all the time.)
Rod
--
Remove the word 'try' from your vocabulary ...
Don't try. Do it or don't do it ...
Steers try!
Don Aslett
|
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X