[legacyb4]

Turns out that the server side setup was not the issue, but rather a client software issue…

On 2K, make sure you are patched and updated…

Go Windows! 😈

Cheers.

[legacyb4]

Okay, I think I found a semi-acceptable solution.

I created a /shared subdirectory in the webroot and then the necessary /users within that.

I’ve created a specific realm for each user. I’ve disabled Everyone and added specifically user:browse/author and a guest account:browse.

This gives me a standard password-protected web directory that can only be accessed by the two accounts listed and only the author can mount the WebDAV enabled directory which is pretty close to the level of security I need.

It works perfectly in OS X (I can create, rename, copy, and delete files within the directory; however, from a Windows machine, I can only create, rename, delete new folders and only rename/delete existing files.

I get errors trying to copy stuff from a Windows machine with the following errors showing up in the log:

[b:b80c37b814]10.130.0.129 – – [27/Jan/2003:14:02:23 +0900] “HEAD /shared/user/test.txt HTTP/1.1” 401 0[/b:b80c37b814]

Any ideas why this might be?

Owner and group of the /user directory have been set to “www”.

[legacyb4]

Interesting, now I get the proper error message that:

The Folder entered for this realm is not within the site’s Web folder.

Please enter or select another folder that is part of the site’s web folder and try saving again.

Wonder why that didn’t come up earlier… is my only option creating a set of webroot/users/username directories and forgo the normal ~user directories?

Cheers.

[legacyb4]

I, too, had problems on my initial attempt to get MySQL up and running.

However, on a second attempt on a fresh install on a work machine, I think I figured out what the issue might be. What I did:

1. Clean install of OS Server (also assuming DNS, etc. are properly configured for your machine).
2. Install all necessary updates (god, starting to sound like Windoze…)
3. Run Check and Fix Permissions

After doing the above, MySQL started like a champ by first clicking on the Install files button, starting the MySQL server, then enabling Run on Startup.

HOpe that helps.

Cheers.

[quote:dfda9f0d37=”Cabbage”]I had a broken MySQL Manager also.

Read [url=https://www.afp548.com/eBBS/viewtopic.php?t=160&highlight=mysql]this thread[/url] on how I solved it.[/quote:dfda9f0d37]

[legacyb4]

Hate to run through the basics, but did you happen to make any changes to the /etc/sshd_config file?

Also, did you copy your public key into your account on the server under the .ssh/authorized_keys file? [url=http://macosx.dyndns.org/guides/ssh_win/]Link[/url] for using SSH from a Windows machine; doing on a Mac is tons easier…

Cheers.

[quote:d99b287443=”kikjou”]I am using MacOSX Server 10.3.2 and I am trying to establish an ssh connection using my public key. In the past (I believe before 10.1) this was possible, but only for the administrator account. In the current configuration (out of the box ssh daemon, no changes) public key authentication fails.
Is there a way to get this to work? I can think of
(a) upgrading SSH to the latest version (but I will need to do that after every OS upgrade and I am not too Unix savvy) or
(b) making changes to the configuration file but I would not know how.[/quote:d99b287443]

[legacyb4]

Almost embarrassed to mention in public, but here goes…

Turns out that the chmod problems I was having seem to stem from a non-server issue; the firewall (a Watchguard Firebox) had the “Deny Incoming Site Commands” option enabled on the FTP proxy which effectively killed any ability to run chmod.

Turn that option off, and now everything is peachy.

What I did get out of the whole exercise was another chance to configure, compile, and install PureFTP though…

Cheers.

[legacyb4]

I had the same problem, but found that the problem lay in:

Include /private/etc/[b:8d6fd76a16][u:8d6fd76a16]httpd[/u:8d6fd76a16][/b:8d6fd76a16]/httpd_squirremail.conf

You probably left out the “d” in the pathname.

Cheers.

[quote:8d6fd76a16=”A-H”]Hi,

Include /private/etc/http/httpd_squirrelmail.conf

[/quote:8d6fd76a16]

[legacyb4]

Was doing a little off-line testing on a spare machine to see if this would work and have not been able to get 10.2 Server to install properly on a RAID 1 internal IDE array on a PowerMac G3.

This machine was previously running 10.2 client on a single drive so my firmware is properly updated. I hooked up a pair of matched drives, booted off the CD, ran Disk Utility, built the RAID 1 set, then installed Server to it. So far so good. Then on reboot, got a the question mark/smiley folder icon…

Any ideas why?

Cheers.

[quote:331dfa9987=”legacyb4″]So the procedure would be:

1) boot off CD
2) run Disk Utility
3) create RAID (1, in my case)
4) install clean system to RAID partition

Hrm, for some reason, I didn’t get that far and went ahead with a single boot and a RAID1 on my data drives.

So, theoretically, I should be able to:

1) Yank the existing RAID (temporarily)
2) Install pair of same-sized HDs and create RAID1 partition
3) Use Carbon Copy Cloner to copy existing OS X system to the RAID1 partition
4) boot off new partition?

[quote:331dfa9987=”pepi”]If you create your RAID 0 or 1 with Apple’s Disk Utility it will be bootable running Mac OS X 10.2 and X.2 Server. This works on PowerMacs as well as on the Xserve. From an AppleTechPromoter in Germany I’ve heard that Apple plans to support RAID Level 10 in one of it’s next DiskUtility updates since Xserve and PowerMacs support up to 4 HDs now, which would work fine for L10.

Of course you don’t even get to see a SoftRAID in Mac OS 9. (Classic surely does.)[/quote:331dfa9987][/quote:331dfa9987]

[legacyb4]

Alright, I did some tinkering around and here’s what I was able to test out.

Before going any further, I made a backup copy of the original libphp4.so file:

[b:0b8c7f4e3d]sudo cp /usr/libexec/httpd/libphp4.so libphp4.so.bak[/b:0b8c7f4e3d]

In addition, I went ahead and commented out the following from inside /etc/httpd/httpd.conf

[b#LoadModule apple_auth_module /usr/libexec/httpd/mod_auth_apple.so[/b]

as well as

[b:0b8c7f4e3d]#AddModule mod_auth_apple.c[/b:0b8c7f4e3d]

since Marc wrote that this module needed to be disabled.

Next, I downloaded the latest 4.2.3 installer from [url=http://www.entropy.ch/software/macosx/php/]Marc Liyanage’s site[/url]. This was then unzipped and moved into the /usr/libexec/httpd directory

[b:0b8c7f4e3d]curl -O http://www2.entropy.ch/download/libphp4.so.gz
gunzip libphp4.so.gz
sudo mv libphp4.so.gz /usr/libexec/httpd[/b:0b8c7f4e3d]

Next, I loaded the module into Apache with:

[b:0b8c7f4e3d]sudo apxs -e -a -n php4 libexec/httpd/libphp4.so[/b:0b8c7f4e3d]

which spits back:

[b:0b8c7f4e3d][activating module `php4′ in /private/etc/httpd/httpd.conf]
cp /private/etc/httpd/httpd.conf /private/etc/httpd/httpd.conf.bak
cp /private/etc/httpd/httpd.conf.new /private/etc/httpd/httpd.conf
rm /private/etc/httpd/httpd.conf.new[/b:0b8c7f4e3d]

I didn’t run step #5 of his instructions which state:

[b:0b8c7f4e3d]echo ‘echo “AddType application/x-httpd-php .php” >> /etc/httpd/httpd.conf’ | sudo sh -s[/b:0b8c7f4e3d]

because in the Server conf file, it specifically states:

[b:0b8c7f4e3d] #### For Mac OS X Server: Do not uncomment; this is already handled by
#### Server Settings app, with directives in mime_macosxserver.conf
#
#AddType application/x-httpd-php .php
#AddType application/x-httpd-php-source .phps[/b:0b8c7f4e3d]

which, if you check in the mime_macosxserver.types file, it already lists:

[b:0b8c7f4e3d]AddType application/x-httpd-php php
AddType application/x-httpd-php-source phps[/b:0b8c7f4e3d]

which I assume is good enough (note the absence of the “.” though).

Restarting the webserver with the control panel and testing the ol’ phpinfo test script gives back the config page in IE:
[b:0b8c7f4e3d]
PHP Version 4.2.3

System:
Darwin primavera.entropy.ch 6.1 Darwin Kernel Version 6.1: Fri Sep 6 23:24:34 PDT 2002; root:xnu/xnu-344.2.obj~2/RELEASE_PPC Power Macintosh powerpc

Build Date:
Sep 24 2002 23:15:03

Configure Command:
‘./configure’ ‘–disable-cli’ ‘–with-apxs’ ‘–with-mysql’ ‘–with-pgsql’ ‘–with-gd=/usr/local’ ‘–with-png-dir=/usr/local’ ‘–with-zlib-dir=/usr’ ‘–with-jpeg-dir=/usr/local’ ‘–with-freetype-dir=/usr/local’ ‘–with-t1lib=/usr/local’ ‘–enable-trans-sid’ ‘–enable-exif’ ‘–with-xml’ ‘–enable-wddx’ ‘–with-curl=/usr/local’ ‘–with-pdflib=/usr/local’ ‘–enable-ftp’ ‘–enable-mbstring’ ‘–enable-xslt’ ‘–with-xslt-sablot=/usr/local’ ‘–with-imap=../imap-2001a’ ‘–enable-dbx’ ‘–enable-dbase’ ‘–with-mcrypt=/usr/local’ ‘–enable-sockets’ ‘–with-ldap’ ‘–with-xmlrpc’ ‘–with-iodbc’
[/b:0b8c7f4e3d]
and in particular, it specifically lists that GD support is now in.

myphpAdmin runs without a hitch so I assume the update went smoothly. What I would like to know is what gets broken by disabling auth_apple_module?

Cheers.

[quote:0b8c7f4e3d=”legacyb4″]For all of us who have been on 10.x client, many of us have probably been on the receiving end of Marc Liyanage’s precompiled PHP module that included GD support.

However, the last I checked, he mentioned that his binary doesn’t specifically support Server… have any of you gone out and tried it or recompiled for yourselves?

Thanks in advance.[/quote:0b8c7f4e3d]

[legacyb4]

Thanks for the tip.

Assuming not, but any idea if the FTP control panel will function if you use an alternative FTP server such as [url=http://www.pureftpd.org/]PureFTPD[/url]?

Any info on getting a new wu-ftp up and running would be appreciated too!

Cheers.

[quote:8ab8c19c8d=”Cabbage”]You’ll probably have to recompile the wu-ftp since you can’t chmod anything in its present form. I know I need that on my web site in order to allow certain php programs to run correctly.[/quote:8ab8c19c8d]

[legacyb4]

It’s convoluted and there are definitely better ways to get the same results, but I think I’ve finally come up with an acceptable (and maintainable) solution to accomplish what I need to use 10.2 Server as an Internet server.

Sorry for the sparse instructions but I’m assuming that those interested will know their way around Server and the various GUI settings plus be somewhat comfortable in Terminal as well.

DIRECTORIES
I am running a server serving only a few users, but each with a handful of their own domain so adapt as needed. I’m keeping all of my user data on a physically separate hard drive from the system which is why I have /Volumes/Data.

/Volumes/Data/www (755)
/jeff/domain01, /domain02, etc. (jeff 755)
/jeff/cgi-bin
/jeff/logs

/bill/domain01, /domain02, etc. (bill 755)
/bill/cgi-bin
/bill/logs
/bill/FTPRoot (jeff 700)

/Volumes/Data/ftp
/ftproot

WORKGROUP MANAGER Settings

User Tab
Jeff (machine admin)
Advanced: Enable simultaneous login
Groups: staff, and other groups that you might create
Home: Advanced | Home: /Users/jeff

Bill (remote user)
Advanced: Enable simultaneous login
Groups: bill
Home: Advanced | Home: /Volumes/Data/www/bill

Sharing Tab
Each user directory (/Volumes/Data/www/user) needs to be shared with FTP sharing enabled.

SERVER SETTINGS (FTP Settings – general)
Access: Anonymous access disabled
Advanced: Authentication (Standard)
Advanced: Real users view (Home + Shares)
Advanced: FTP Root – /Volumes/Data/ftp/ftproot

SERVER SETTINGS (WWW Settings for bill/domain01)
General: as you please
Sites/General: Web folder mapped to /Volumes/Data/www/bill/domain01
Options: as you please
Logging: Access (disabled), Error (enabled)
Access: as you please
Security: as you please

HTTPD CONF Settings

/etc/httpd/httpd_macosxserver.conf

Inside the respective Virtualhost directive, I included:
Include /etc/httpd/users/httpd_bill_domain01.conf
turning off Logging:Access Log will result in the following (leave as is)
CustomLog “/dev/null” “%h %l %u %t \”%r\” %>s %b”

/etc/httpd/users/httpd_bill_domain01.conf

CustomLog “/Volumes/Data/www/bill/domain01/logs/access_log” combined

ScriptAlias /cgi-bin/ “/Volumes/Data/www/bill/cgi-bin/”

<Directory “/Volumes/Data/www/bill/cgi-bin”>
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>

THINGS TO WATCH OUT FOR

Don’t bother logging in as a remote user on the local machine; haven’t tried but I can tell you it will cause more grief than it’s worth.

The first time a remote user FTPs into the server, a link called FTPRoot will be generated by virtue of the FTP Setting of “Real users view Home + Shares”; by having placed a non-user modifiable FTPRoot folder in the domain, that link is never generated. This had to be done to allow Jeff, the administrator to FTP in and access his web directory yet lock out remote users from being able to escape out of their own roots.

I could have put the admin’s own site in his Sites folder but that means that from any domain, /~jeff/ can be called up which might not be desirable.

I’ve allowed individual users to have access to their own private cgi-bin; those hosting services for a larger, commercial environment might want to think about the security issues involved.

This is my first run at trying to get OS X 10.2 up and running as a full-blown web, ftp, and mail server but nothing else.

Hope that helps.

[legacyb4]

MySQL is suddently working for me after checking and following a few of the tips I saw on Apple Discussions.

What did it for me:

– Making sure your machine hostname is matching a proper DNS entry in /etc/hostconfig (will require a reboot if you have to change it).

– Adding the machine’s domain name into the Optional Search Domain field under Networking.

– Running “sudo chown -R mysql /var/mysql *”

– Running “sudo safe_mysqld” (shoudl really use the full start server with mysql user, but this was a quick and dirty to make sure the server started)

Once I was able to get the MySQL server up and running, using the MySQL manager app seemed to work for starting and stopping the server.

A bit convoluted and I really wish Apple did make it as simple as a single-click.

Good luck.

[legacyb4]

Had the same problem.

Saw:
[list:64c3f067b7]
021210 08:00:38 mysqld started
021210 8:00:38 /usr/libexec/mysqld: Table ‘mysql.host’ doesn’t exist
021210 08:00:38 mysqld ended
[/list:u:64c3f067b7]
in the log but haven’t had time to getting around to fixing it yet.

Strange that the “Install” button didn’t completely install everything needed!

Cheers.

[quote:64c3f067b7=”didde”]Sounds like you don’t have the permissions set correctly for MySQL.

Try chowning /var/mysql/* and /var/mysql/mysql/ (I think) to the user mysql..

That should fix it. If not, the err log in /var/mysql is usually pretty good at telling you what went wrong.

Good luck.[/quote:64c3f067b7]

[legacyb4]

I think I’m answering my own questions as I go along here so I hope someone else gets something out of it…

My goal was to set up this Server purely as a web/FTP server and not really using it for much else (ie. “network” services).

So, I’ve set up the following:

1) FTP access to Home Directory only (Server Settings)
2) Created a share with access set to owner (R/W), group (R/W), and everyone (R). In addition, I named the FTP share as “domainname”.
3) I enabled “Allow Simultaneous Login” as Default (turning this off disabled FTP access)
4) I set up an Advanced Home Directory setting with Home: being set to /Volumes/Data/www/domainname

Seems to work like a charm now with FTP login by the specified user being dropped straight into the domain www root folder, ftpchrooted in this directory without any explicit configuration, and uploads being set to 644 without having to set an ftpd.conf file like you do in 10.2 Client. However, for reason though, I’m unable to chmod a file to a different set of permissions despite being the file owner.

Comments appreciated.

[legacyb4]

It was what I tried and noticed something weird:

When I tried to disable the default shares using a domain administrator, the settings didn’t stick; however, when I did the same using a local machine administrator (no domain account), it seemed to work although I had to ignore the warning.

I’m leaving the folders in place as you mentioned to be safe.

[quote:4484ebc5bc=”bryan”]I left the folders on my hard drive because I wasn’t sure if I’d need them in the future. To turn off their shared status, I went into Workgroup Manager, clicked the Sharing icon in the toolbar, and clicked on each Share Point that I didn’t want. On the right side of the window, I unchecked “Share this item and its contents”, clicked Save, and they disappeared from the left side of the window “Share Points.” Is this what you tried?

Bryan[/quote:4484ebc5bc]

[Author]

Posts