/usr/web
/sys/lib/httpd.conf
/lib/namespace.httpd
/sys/lib/httpd.rewrite
2006/08/24 renewed
2003/01/11 updated
Here I will explain how to install Pegasus with policies:
pegasus-2.2.tgz
pegasus-2.2
" will be created in the directory in which you executed "tar". Let this directory be "$pegasus
" in the explanation below.term% cd $pegasus/mon term% mk install
/adm/users
":web:web:web:bobwhere "bob" is your account name. You must execute
echo users | con /srv/fsconsto reflect the change to fossil.
You need not give password for user "web".
/usr/web
/usr/web
" is a default base directory on which Pegasus configures namespace.( You can use other directory. Look "/sys/lib/httpd.conf
".)term% mkdir /usr/web term% chmod 775 /usr/webDon't let owner of "
/usr/web/
" be "web
".
Create directories under "/usr/web/
". The goal is like the followings*.
d-rwxrwxr-x bob bob ..... /usr/web/bin/386 d-rwxrwxr-x bob bob ..... /usr/web/bin/rc d-rwxrwxr-x bob bob ..... /usr/web/dev d-rwxrwxr-x bob bob ..... /usr/web/doc d-rwxrwxr-x bob bob ..... /usr/web/env d-rwxrwxr-x bob bob ..... /usr/web/etc d-rwxrwx--- bob web ..... /usr/web/etc/nonce d-rwxrwxr-x bob bob ..... /usr/web/lib d-rwxrwxr-x bob bob ..... /usr/web/mnt d-rwxrwxr-x bob bob ..... /usr/web/proc d-rwxrwxr-x bob bob ..... /usr/web/rc/lib d-rwxrwxr-x bob bob ..... /usr/web/sys/lib d-rwxr-xr-x bob bob ..... /usr/web/tmpwhere "bob" is your account name. Take notice of the permission bits and the group of "
/usr/web/etc/nonce/
".
You have the replica under "$pegasus/example/usr/web/
". Therefore you may copy the replica to "/usr/web
". The copy is easy if you use my tool "cpdir". You can get "cpdir" from http://plan9.aichi-u.ac.jp/netlib/cmd/
.
term% cpdir -mv $pegasus/example/usr/web /usr/weband then
term% chmod 770 /usr/web/etc/nonce term% chgrp web /usr/web/etc/nonce
Ntoe that:
/usr/web/etc/nonce
" must be given full access permission to user "web".example/usr/web/
" is configured for CGI, therefore there are needless directories if you do not use CGI. However I think they are harmless./usr/web/doc
". This directory is something like a dish to which web content is dynamically bound.$pegasus/sample
". Copy them to the appropriate place:term% cd $pegasus/sample term% cp sys/lib/httpd.conf /sys/lib/httpd.conf term% cp sys/lib/httpd.rewrite /sys/lib/httpd.rewrite term% cp lib/namespace.httpd /lib/namespace.httpdNote that you have already "
/sys/lib/httpd.rewrite
" and "/lib/namespace.httpd
" of official httpd. It is wise to make a backup of these files.
/sys/lib/httpd.conf
/sys/lib/httpd.conf
". You need not change the default values in this file. The tuning is after you have monitored the performance of the server.
/lib/namespace.httpd
/lib/namespace.httpd
". The contents will bebind -a /usr/web/bin/$cputype /bin bind -a /usr/web/bin/rc /bin bind /sys/lib /usr/web/sys/lib bind /lib /usr/web/lib bind /bin /usr/web/bin bind /rc/lib /usr/web/rc/lib bind -c #e /usr/web/env bind #c /usr/web/dev bind /proc /usr/web/procNot all will be required. And note that the line:
bind /sys/lib /usr/web/sys/libwill make all files under "
/sys/lib
" accessible via CGI. Especially you should note that some secret files such as "/sys/lib/ssh
" and "/sys/lib/tls
" might be there.
CGI environment configured in "/lib/namespace.httpd
" will be inherited to real host, virtual hosts, and regular users. Therefore you should be careful enough.
Although the content is configured for CGI and the content might be too much for regular CGI service, I think the configuration is harmless.
/sys/lib/httpd.rewrite
/usr/bob/www/doc
". Then the following single line is enough for most cases./ */usr/bob/wwwIf you do want to configure more complicated hosting service, look "
/sys/lib/httpd.rewrite
".
/usr/bob/www/
", then/usr/bob/www/doc/is the directory.
Put a file "index.html
" to this directory. You will find the sample in "$pegasus/sample/usr/bob/www/doc/index.html
".
term% cd /sys/log term% touch http blacklist term% chmod 666 http blacklist term% chmod +a http blacklistYou might fail to create log files. Appropriate privilege will be required.
term% b=/usr/local/bin/$cputype term% $b/mon -du web $b/httpd -suMand confirm by "ps" command that "mon" and "httpd" is really running.
/sys/log/http
".