Firewall Handbuch für LINUX 2.0 und 2.2 - zurück
Firewall Handbuch für LINUX 2.0 und 2.2 - zurück
Firewall Handbuch für LINUX 2.0 und 2.2 - zurück
Sie wollen auch ein ePaper? Erhöhen Sie die Reichweite Ihrer Titel.
YUMPU macht aus Druck-PDFs automatisch weboptimierte ePaper, die Google liebt.
GNU utilities:<br />
bash cat cksum comm cp csplit cut<br />
du expand find fmt fold gawk<br />
grep head join ln locate ls mkdir<br />
mv nl od paste pr rm rmdir<br />
sort split sum tac tail touch tr<br />
unexpand uniq wc xargs<br />
Copy all of these files into /wtree/bin<br />
I also compiled a staticly-linked version of perl (version 5). This took a<br />
few iterations, mostly because I dislike the 'Configure' Skript. So I<br />
installed perl in /wtree/bin/ and the Perl libraries in<br />
/wtree/lib/perl5/<br />
In addition, 'date' and 'file' are useful. So I copied the HP versions of<br />
them, and took the shared library and dynamic loader that I needed for them.<br />
Thus on an HP system you need to copy /lib/libc.sl and /lib/dld.sl into<br />
/wtree/lib/ For 'file' you also need 'magic', which you should put in<br />
/wtree/etc<br />
It is also useful to create a symbolic link from bash to 'sh' and from gawk<br />
to 'awk' in /wtree/bin. Note: pretending that bash is 'sh' is quite<br />
functional; however on HP-UX the 'system()' C-function wants /bin/posix/sh.<br />
Trying to fool it with a link to bash won't work (I was compiling 'glimpse'<br />
for our web tree, and it uses lots of inane system() calls. So I was forced<br />
to copy /bin/posix/sh into /wtree/bin/posix/)<br />
PLEASE NOTE: place COPIES of files in the web tree, do not use hard links!<br />
Otherwise, why are you bothering to chroot the tree? Anyway, the web tree<br />
should be able to live on any disk... hard links can't!<br />
Make the /wtree/dev/null device file<br />
Copy any needed networking files into /wtree/etc; the following should do<br />
from your host's /etc/ tree. By all means, make these files as minimal as<br />
possible:<br />
hosts<br />
resolv.conf ## the DNS resolver file<br />
and maybe:<br />
nsswitch.conf ## Naming Server fall-over file; useful with NIS<br />
Now go and compile the daemon 'httpd' staticly. Also make staticly- linked<br />
versions of cgiparse and cgiutils. Copy all of these into /wtree/bin/ Make<br />
any additional directory structure that you will need in your web tree; for<br />
example:<br />
/wtree/icons<br />
/wtree/so<strong>und</strong>s<br />
/wtree/images<br />
/wtree/log<br />
(or just copy these from your existing web tree)<br />
And of course create a directory for your cgi-bin tree, using whatever name<br />
you have specified in the http configuration file. Copy your prepared<br />
configuration file 'httpd.conf' into /wtree/etc/ (or whatever sub-directory<br />
you have designated for this purpose). Also prepare and copy any other httpd<br />
files that you will need; for example, 'passwd', 'group', 'protection' (and<br />
copy an appropriate .www_acl file into these directories as well).<br />
Make a chroot wrapper for your daemon, compile and install it, and update<br />
whatever Skript will be launching it from boot up. For example, if I call my<br />
wrapper 'httpd' and install it in /usr/local/bin, then from /etc/inittab the<br />
Erstellt von Doc Gonzo - http://kickme.to/plugins