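#!/bin/sh
#
# [ gallery-openbsd-chroot-install ]
#
# ------------------------------------------------------------------------
# Copyright (c) 2005 Nick G Holmes
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
# ------------------------------------------------------------------------
#
# 1.0 03-Apr-2005 NGH First release
# 1.1 22-May-2005 NGH Update for PHP 4.3.11, Gallery 1.5, + tidy up
#
# From 1.1 we're using netpbm only as it's easier to manage!
#
#
# OVERVIEW
# ========
# This script copies the necessary files from the true root
# to Apache's chroot'd environment. Script creates needed
# directories. Assumes you're using ports, otherwise just
# add your binary packages the usual way.
#
# Test Environment:
#   * OpenBSD 3.7 -CURRENT (i386)
#   * Compaq D5S SFF - P4 1.7GHz, 256MB RAM
#   * Gallery 1.5
#   * PHP 4.3.11
#   * NetPBM 9.24
#
# INSTALLING A CHROOT'D GALLERY
# =============================
#
# 00* First, make sure you change rc.conf to httpd_flags=""
# 01  cd /usr/ports/www/php4/core
# 02  make install
# 03  cp /usr/local/share/examples/php4/php.ini-recommended /var/www/conf/php.ini
# 04  /usr/local/sbin/phpxs -s
# 05  echo '' > /var/www/htdocs/phptest.html
#     - Use your browser to checkout the phptest page to make sure it is all working!
#     - [the quoted page content appears to be missing in this copy]
# 06  cd /usr/ports/graphics/netpbm
# 07  make install
# 08  cd /usr/ports/graphics/jhead
# 09  make install
# 10  Download gallery and tar xfz the file into htdocs
# 11  mkdir -p /var/www/htdocs/albums
# 12  chown www:www /var/www/htdocs/albums
# 13  chmod 755 /var/www/htdocs/albums
# 14  ** NOW RUN THIS SCRIPT **
# 15  Using your web browser, follow the gallery setup procedure
#     - Don't forget temp directory is /tmp as it will be chroot!
# 16  After it's all working, cd to /var/www/htdocs/gallery and run ./secure.sh
#
#
# A FINAL NOTE
# ============
# This script worked for me. It might not work for you. Mileage may vary.
# My scripting isn't so hot, so the below is probably very basic looking.
# If you spot any errors, please e-mail me.
#
# My thanks goes out to:
#   * Bruno Rohee.........(Suggestions on libraries)
#   * Stuart Henderson....(advice on using ldd)
#   * Daniel Polak........(Help with files I missed)
#   * And everyone else on the OpenBSD misc@ mailing list
#
# ===============================================
#
# Implementation notes:
#   * Every copy names its destination directory explicitly (with a
#     trailing slash) instead of relying on a preceding `cd`. With
#     `cd DIR; cp SRC .`, a failed cd silently drops the files into
#     whatever directory the script was started from; with an explicit
#     "DIR/" target, cp fails visibly if the directory is missing.
#   * Individual cp failures are reported by cp itself and do not abort
#     the run (same best-effort behaviour as before), because some of the
#     wildcard patterns may legitimately match nothing on a given system.

CHROOT=/var/www

echo '== Gallery chroot Copy Tool =='

echo 'Making /var/www/tmp ...'
mkdir -p "$CHROOT/tmp"
# Shared scratch directory: world-writable, but with the sticky bit (as on
# the real /tmp) so one user cannot remove or rename another user's files.
# Not recursive: files already present keep the modes their owner chose.
chmod 1777 "$CHROOT/tmp"

# The two files below are created world-writable so the web-based setup
# procedure (step 15) can write them. While they stay 0777 any local user
# can modify Gallery's configuration, so complete step 16 (secure.sh)
# promptly -- presumably that is what tightens them again; verify the
# resulting modes afterwards.
echo 'Making /var/www/htdocs/gallery/config.php ...'
touch "$CHROOT/htdocs/gallery/config.php"
chmod 0777 "$CHROOT/htdocs/gallery/config.php"

echo 'Making /var/www/htdocs/gallery/.htaccess ...'
touch "$CHROOT/htdocs/gallery/.htaccess"
chmod 0777 "$CHROOT/htdocs/gallery/.htaccess"

echo ' Creating support directories within chroot ...'
for dir in \
  bin \
  var/run \
  usr/lib \
  usr/libexec \
  usr/local/bin \
  usr/local/lib \
  usr/local/include \
  usr/local/include/libpng \
  usr/local/share/netpbm
do
  mkdir -p "$CHROOT/$dir"
done

#
# Mirror misc files
# -----------------
# NOTE(review): a shell inside the jail enlarges what code running in the
# web server can do there. It is copied here as in the original script;
# keep the jail's contents to the minimum the application actually needs.
echo 'Copying shell files...'
cp /bin/sh "$CHROOT/bin/"

echo 'Copying jhead files...'
cp /usr/local/bin/jhead "$CHROOT/usr/local/bin/"

echo 'Copying jpegtran files...'
cp /usr/local/bin/jpegtran "$CHROOT/usr/local/bin/"

#
# Mirror libs to chroot jail
# --------------------------
# These are point-in-time copies: when the base system or the ports are
# patched, the jail still holds the old libraries until this script is
# run again.
echo 'Copying library files...'
for base in c m z; do
  cp /usr/lib/lib"$base"* "$CHROOT/usr/lib/"
done
cp /usr/libexec/ld.so "$CHROOT/usr/libexec/"
for lib in iconv jpeg pbm pgm png pnm ppm tiff; do
  cp /usr/local/lib/lib"$lib".* "$CHROOT/usr/local/lib/"
done
cp /usr/local/include/libpng/* "$CHROOT/usr/local/include/libpng/"
cp /var/run/ld.so.hints "$CHROOT/var/run/"

#
# Mirror netpbm to chroot jail
# ----------------------------
echo 'Copying netpbm files...'
for kind in ppm pnm pgm pbm pam pcd; do
  cp /usr/local/bin/*"$kind"* "$CHROOT/usr/local/bin/"
done

for hdr in \
  pam.h pammap.h pbm.h pgm.h pm.h pm_config.h pm_shhopt.h \
  pnm.h ppm.h ppmcmap.h ppmdraw.h ppmfloyd.h
do
  cp "/usr/local/include/$hdr" "$CHROOT/usr/local/include/"
done

cp /usr/local/lib/libp* "$CHROOT/usr/local/lib/"
cp /usr/local/share/netpbm/* "$CHROOT/usr/local/share/netpbm/"

echo 'Setting permissions on chroot jail...'
# Everything under usr/ becomes rwxr-xr-x: readable and executable by all,
# writable only by the owner.
chmod -R 755 "$CHROOT/usr"

echo 'Complete.'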