- jeromel's home page
- Posts
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
- December (1)
- November (1)
- October (2)
- September (1)
- July (2)
- June (1)
- March (3)
- February (1)
- January (1)
- 2014
- 2013
- 2012
- 2011
- 2010
- December (2)
- November (1)
- October (4)
- August (3)
- July (3)
- June (2)
- May (1)
- April (4)
- March (1)
- February (1)
- January (2)
- 2009
- December (3)
- October (1)
- September (1)
- July (1)
- June (1)
- April (1)
- March (4)
- February (6)
- January (1)
- 2008
- My blog
- Post new blog entry
- All blogs
Web server readiness
Web server upgrade quick
All areas requring a password should go through https as much as possibly achievable. Beware of areas where we may "grab" files automatically using wget or similar. Startegy would imply to make sure areas are set to use https entirely (for example, alias drupal.star.bnl.gov may be entirely https) and/or use re-direct.| Area | Install/enable date | Testing status |
| Main pages (WB) |
2013/06/21 | 06/21 ~ OK but redirects missing (for example, drupal2.star.bnl.gov would lead to the front page and this is not desirable) 06/21 - drupal2.star.bnl.gov/ Redirect fixed (DA). Status seems OK 06/24 - missing rule needed for our Web server to pass nessus scan (TRACE and TRACK) - rule tend to be needed for VH - fixed (JL) 06/26 - fixed with VH fixes (JL) 06/26 - PHP5 issues in main pages (minor) fixed - (JL) |
| Verifications of images/, webdata/, common/ , img/ and data/ (JL) |
2013/06/24 | 06/24 - xalias missing fixed and img/ would be a link to images/ 06/25 - "not sure if data/ is used (left commented)" - used for miscelaneous scripts alternate tmp/ directory space |
| doc_public and doc_protected and other AFS areas (/protected and /public) (JL) |
2013/06/24 | 06/24 - missing xalias fixed, working |
| Verification of access protections (JL) |
2013/06/24 | Not correctly set for many areas as per 06/19 [depends on other tasks to be completed] 06/24 - Many access wrong (areas incompletely setup). Fixed? 06/25 - fixed as we went (clash of VH rules was the biggest issue - fixed WB, JL) |
| Drupal including virtual hosting drupal.star.bnl.gov versus www.star.bnl.gov settings & possibly using https (http://drupal.* redirect to https://drupal$1) (DA) |
2013/06/19 | Virtual hosting is not set, redirect missing and .htaccess used instead of central confuguration as per 06/19 06/21 - moving to drupal main pages then back to drupal2.star.bnl.gov (root without /STAR) should not move to ww2.star.bnl.gov but shows an empty page. Redirects or VH still not correct. Fixed 2013/06/21 (DA) 06/24 - apache complains "[warn] _default_ VirtualHost overlap on port 443, the first has precedence" - fixed (JL) 06/24 - the VH would be missing redirect rules + TRACE|TRACK rules - fixed (JL) 06/25 - All VH fixed (JL), Drupal config fix (DA) 06/26 - Issues wih PHP5 and Drupal modeul fixed (DA) |
| Support or other virtual hosting (qm2008, nsac2004, rhicii-science, hq2004, hq2006, hq2008, hq2010, hq2012) (JL) |
2013/06/23 | 06/19 - Pending ITD change of one VH, this could be tested soon. 06/21 - nsac2004.bnl.gov alias advertized to be changed (it should be as strating from the front page). Needs to be set and checked (internal and external). 06/24 - asked ITD to switch the other aliases. Would be done during the global swap of www.star and drupal.star aliases. Note: areas in AFS still exists for sevreal VH. Cleanup overdue. |
| RT ticket system (DA) |
2013/06/20 | Content conversion 06/18. Tested 06/21: - 'root' account checked and working - personal account worked - test ticket working and has attachements 06/20 - EMail notices/receipt will need to be set and tested (but outgoing ticket creation notice worked) 06/24 - Redirect from rt2 to rt3 done (JL) 06/24 - config fix after the alias change (DA) |
| Hypernews (JL) |
2013/06/19 | 06/19 - EMail receivenot yet tested. Emails go out for sure (send works, received one) 06/20 - Entry point drupal2.star.bnl.gov/HyperNews-star/index is possible but would fail (missing redirects as no virtual hosting for ww2.star and drupal2.star was set). 06/24 - issue found with forum rebuild fixed 06/24 - missing indexer - fixed by copying glimpse over + home directory does not start at the same place as before (JL) 06/24 - Email receive fails, smrsh/ equivalent for postfix not set (JL, WB): trick was to set the script to be owned by mail:mail as for smrsh BUT also enable in main.cf defaul_privs=mail (see those perlmonk tips giving us a hint) - oddity: this was not needed for rt-mailgate 06/26 - drupal.star/Hypernew path now redirect properly |
| awstats, perl-status, serv-info and serv-status (JL) |
2013/06/24 | 06/24 - OK - initial setup skipped protection but fixed. 06/26 - Made those part of the https:// path (and not others) |
| QA area in AFS land (php enabler) | 06/14 - This will not work - local account starqa missing uid=4725(starqa) gid=31012(rhstar) groups=31012(rhstar) 06/24 - starqa account not set to proper uid but files should be copied locally 07/?? - Done, but authorized_keys is empty (??) - PHP enabler settled |
|
| starkeyw system (WB, DA) |
2013/06/14 | Crash occuring at access - reason unclear. Speculation: user logs in, PAM call (php -> PAM -> AFS) returns proper auth data but apache thread dies in the end. |
| dbAdmin (1, 2), Browser, falcon, ... (DA, JL) |
2013/06/20 | Interface working - falcon needed odbc as suspected/indicated (RPM worked out of the box). 06/21 - dbAdmin TBC |
| starsimstats (DA) |
2013/06/20 | OK |
| Ganglia (https) (WB) |
2013/02/05 | OK |
| cgi-bin/ (Ex1, Ex2, Ex3, Ex3, ...), devcgi/ (Ex1, Ex2, Ex3, Ex4, Ex5 ...) (JL) |
2013/06/24 | 06/19 - Hypernews cgi are working so this should work but ... 06/24 - Examples are working at this stage 06/24 - devcgi working by end of day - "Can't locate hpss.pm in @INC " due to missing /opt/star (and env). % fs sysname Current sysname is 'amd64_linux26' Bummer! Patch is to use /afs/rhic.bnl.gov/x8664_sl6/opt/star as link to /opt/star (which was also missing) 06/24 - cgi-bin/ incompletely setup (need transfer). Fixed. Misc notes % chmod +rx /var/log/httpd/ # needed for viewlog.cgi % yum install perl-IPC-Run # needed for cvsweb % scp root@orion.star.bnl.gov:/etc/httpd/conf/cvsweb.conf . % scp -r root@orion.star.bnl.gov:/home/users/starweb/WWW/counter . # needed for counter.cgi OK? (need more testing / www.star.bnl.gov hardwired in a few of them) 06/25 - use Mysql not needed (informed LD) 06/26 - CGI fixed (LD) |
| Verifications of grandfathered redirects (JL) |
2013/06/26 | 06/19 - verified and many missing 06/26 - all needed imported - asked users |
| Use home directories - test example ~jeromel/ (JL) |
2013/06/24 | OK |
| AutoIndex feature (~/jeromel/test) (JL) |
2013/06/24 | OK |
| Miscelaneous | [after migration] | hq2010/abstractSubmission.cgi should be indentified and disabled (not copied) /home/users/ has links to starweb and webman for easy integration. Those could (should) be cleaned later. Some cgi hardwire www.star.bnl.gov - need to fix this as we go. 06/26 - missing robots.txt file and link 06/26 - MX records for www.star.bnl.gov not set (Email going nowhere) |
Groups:
- jeromel's blog
- Login or register to post comments