Tag: php

Portsnap, Apache Configurations, and CGI – Questions Answered

  1. Explain the importance of installing and running portsnap after installing a current version of FreeBSD.

    Portsnap is a system for securely distributing the FreeBSD ports tree. Approximately once an hour, a “snapshot” of the ports tree is generated, repackaged, and cryptographically signed. The resulting files are then distributed via HTTP.

    The first time portsnap is run, it will need to download a compressed snapshot of the entire ports tree (portsnap fetch) and then a “live” copy of the ports tree can be extracted into /usr/ports/ (portsnap extract). This is necessary even if a ports tree has already been created in that directory (e.g., by using CVSup), since it establishes a baseline from which portsnap can determine which parts of the ports tree need to be updated later.

    Initializing portsnap as soon as possible will ensure the most secure and up to date software installations on your machine and will prevent a long download of the initial compressed tree when you need it later.

    After the initialization of portsnap, it is recommended to put ‘portsnap cron’ in a cronjob to fetch updates regularly. Then you should use ‘portsnap update’ before using the ports system. Putting ‘portsnap update’ in cron is not recommended since it can cause problems if run while using the ports tree.

  2. Explain the role configuration files in Unix applications. In Apache version 2.2, the configuration files have been modularized. What are the advantages and disadvantages of using a modular approach to configuration files?

    Configuration files allow you to control the settings and parameters of a service or program by editing in most cases a simple text file. Well known configuration files include /etc/hosts (local hostname to ip resolution), /etc/nsswitch.conf (name service configuration), /etc/resolv.conf (DNS server configuration). Samba uses a configuration file which looks more like a windows .ini file. Apache uses it’s own XML-ish format

    Apache’s use of modular configuration files is not new in version 2.2 as can be seen here: http://httpd.apache.org/docs/1.3/mod/core.html#include

    More likely you are used to a binary distribution of Apache which has split the configuration file into several files/directories and included them for te base configuration. The reason for doing this is convenience. It is easy to manage multiple Apache servers with similar settings by creating a basic shared configuration for all servers and only modifying a subset of the configuration sitting in an included file.

    It is also popular to use a set of prepared configuration files (module configurations/vhost configurations) in a directory marked “_available” and symlink them into a directory called “_enabled” which is included in the Apache configuration. This provides a quick on/off mechanism for certain configurations.

  3. Explain the use of “directives” in configuration files. Provide an example of two directives found in an Apache configuration file and detail what each accomplishes.

    Directives is a word which is pretty specific to Apache. Each directive controls some part of the configuration. Apache has ~410 of them. Each one is characterized by the syntax of the arguments it accepts, the default value if there is one, the context in which it can be used (server, virtual host, directory, etc.), what overrides must be in place for the directive to be used in a .htaccess file, status, module, and compatibility.


    ServerName is a directive which sets the request scheme, hostname and port that the server uses to identify itself. http://httpd.apache.org/docs/2.2/mod/core.html#servername

    The ServerAdmin directive sets the contact address that the server includes in any error messages it returns to the client. http://httpd.apache.org/docs/2.2/mod/core.html#serveradmin

  4. What is meant by “overrides”? Provide an example of an override found in an Apache configuration file and detail what is accomplished by the override.

    An override allows a directive to be overridden by directives in a .htaccess file located in one of the web content directories.

    An example of an override is AuthConfig. This override will allow the .htaccess file in a directory to change the apache configuration of that directory in terms of authentication (either allow or deny access, specify users, etc.) http://httpd.apache.org/docs/2.2/mod/core.html#allowoverride

  5. Define what is meant up a Common Gateway Interface, how it is used in websites, and the methods for providing one? Discuss the advantages and disadvantages of providing this functionality on a web site.

    CGI is an older standard for allowing a web server like Apache to send request parameters to an external program and use the program’s output as a response. Before scripting languages like PHP or PERL where built straight into web server modules, this was the only way to use dynamically generated content.

    CGI is generally not a great solution today although it is still used. It’s performance is poor due to the need to start a completely new process on each request. CGIs generally take more memory and require more open processes on the server. PERL has a CGI module which makes writing a CGI script fairly easy.

    More common today is the use of FastCGI which requires a different interface from the external program. FastCGI keeps a number of external programs running to improve performance. Many recommend running PHP as a FastCGI program in order to take advantage of Apache’s newer multi-threaded MPM.

Sun Apache2 breaks PHP?

This post isn’t going to solve anyone’s problems but maybe someone will solve mine.
I recently compiled and packaged a new release of php4 (4.4.7) for use with Sun’s Apache2 (Solaris 10 11/06 patched).
Unfortunately for some very strange reason, Apache segfaults whenever it tries to server a page. It segfaults even if the page has no php involved and only if the php module is loaded.

Here is some sample truss output:

2146:   stat64("/var/apache2/vservers/htdocs/favicon.ico", 0xFFBFF720) Err#2 ENOENT
2146: lstat64("/var", 0xFFBFF720) = 0
2146: lstat64("/var/apache2", 0xFFBFF720) = 0
2146: lstat64("/var/apache2/vservers", 0xFFBFF720) = 0
2146: lstat64("/var/apache2/vservers/htdocs", 0xFFBFF720) = 0
2146: lstat64("/var/apache2/vservers/htdocs/favicon.ico", 0xFFBFF720) Err#2 ENOENT
2146: Incurred fault #6, FLTBOUNDS %pc = 0xFE887CF8
2146: siginfo: SIGSEGV SEGV_MAPERR addr=0x00000054
2146: Received signal #11, SIGSEGV [caught]
2146: siginfo: SIGSEGV SEGV_MAPERR addr=0x00000054
2146: schedctl() = 0xFEE06000
2146: lwp_sigmask(SIG_SETMASK, 0x00000400, 0x00000000) = 0xFFBFFEFF [0x0000FFFF]
2146: chdir("/usr/apache2") = 0
2146: sigaction(SIGSEGV, 0xFFBFF2B8, 0xFFBFF358) = 0
2146: getpid() = 2146 [912]
2146: getpid() = 2146 [912]
2146: kill(2146, SIGSEGV) = 0
2146: setcontext(0xFFBFF298)
2146: Received signal #11, SIGSEGV [default]
2146: siginfo: SIGSEGV pid=2146 uid=80

I configured Solaris to dump core and gdb’d the core file:

#0  php_handler (r=0x1964e8) at /root/dev/php-4.4.7/sapi/apache2handler/sapi_apache2.c:470
470 /root/dev/php-4.4.7/sapi/apache2handler/sapi_apache2.c: No such file or directory.
in /root/dev/php-4.4.7/sapi/apache2handler/sapi_apache2.c
(gdb) bt full
#0 php_handler (r=0x1964e8) at /root/dev/php-4.4.7/sapi/apache2handler/sapi_apache2.c:470
ctx = (php_struct *) 0x0
conf = (void *) 0x0
brigade = (apr_bucket_brigade *) 0x197f38
bucket = (apr_bucket *) 0x0
parent_req = (request_rec *) 0x0
#1 0x0002e730 in ap_run_handler ()
No symbol table info available.
#2 0x0002ed20 in ap_invoke_handler ()
No symbol table info available.
#3 0x0002baa8 in ap_process_request ()
No symbol table info available.
#4 0x0002670c in .st_double_foreff ()
No symbol table info available.
#5 0x0002670c in .st_double_foreff ()
No symbol table info available.
Previous frame identical to this frame (corrupt stack?)
(gdb) quit

I found some people with a similar problem but no answers here: http://forum.java.sun.com/thread.jspa?threadID=5137425&tstart=270

I even tried my old package for php 4.4.3 but no luck. The only difference between the old machine and the new that I know of is that the old machine is 06/06 and the new one is 11/06????

In the end, I ditch Sun’s Apache2 and install Blastwave packages and everything works.

All I can say is that Sun is wasting it’s time on desktops. Sun needs to bring their software delivery and upgrade management up to Redhat/Debian standards. If they would just do that, they could start charging for their OS again.

Setup PPTP on Ubuntu

Here is a quick howto on installing and setting up PPTP on Ubuntu.
Specifically I’ll be attempting to configure this machine to use the Israeli ISP 012 over a cable modem. 012 provides some sort of installation package for Linux but it doesn’t support Ubuntu.

Anyway- here are my steps:
xhost +
sudo su-
export DISPLAY=’:0′
echo ‘deb http://quozl.netrek.org/pptp/pptpconfig ./’ >> /etc/apt/sources.list
apt-get update
apt-get install pptp-linux
apt-get install pptpconfig
Use the server cablepns.012.net.il and the user/password provided by the ISP

Set the Cable connection to by your default route (All to Tunnel)

Select ‘usepeerdns’ enabled (Automatic)

Set the tunnel to reconnect if disconnected.
Use the following pppd options:

noipdefault noauth default-asyncmap noipx defaultroute hide-password nodetach maxfail 1 lcp-max-configure 6 linkname cable ipparam cable-pptp userpeerdns persist mtu 1460 mru 1460 noproxyarp noaccomp nobsdcomp nodeflate nopcomp user cable lcp-echo-interval 20 lcp-echo-failure 3

Click Add and Start
Now if you don’t have a network connection which is very likely you will need your ubuntu cd and these files from the apt source we added:

Instead of the ‘apt-get install pptpconfig’ step above do:
dpkg -i php-gtk-pcntl_1.0.0-2_i386.deb
dpkg -i php-pcntl_4.3.8-2_i386.deb
dpkg -i pptpconfig_20060821-0_all.deb