dee2041da1
ok naddy@ |
||
---|---|---|
.. | ||
README.chroot |
# $OpenBSD: README.chroot,v 1.5 2009/02/17 09:04:07 giovanni Exp $ # Author: Jolan Luff <jolan@openbsd.org> In order to make CVSweb operate in a chroot environment, it is necessary to copy all of the relevant tools, libraries, and perl modules that CVSweb employs into /var/www. First, create the basic directory structure: $ cd /var/www # mkdir {tmp,usr} # chown www:www tmp (needs to be writeable for the www user) $ cd /var/www/usr # mkdir -p {bin,lib,libdata/perl5,libexec} $ cd /var/www/usr/libdata/perl5 # mkdir -p {File,IPC,Time,warnings,`machine`-openbsd/5.10.0} Now, the required binaries: $ cd /var/www/usr/bin # cp -p /usr/bin/{co,cvs,diff,perl,rcsdiff,rlog,uname} . Next, the libraries that the binaries are linked to: NOTE: Wildcards will, of course, copy any old, unused libraries that are lurking around (for example, from an upgrade): $ cd /var/www/usr/lib # cp -p /usr/lib/lib{c,crypto,des,gssapi,krb5,m,perl,util,z}.so* . Now, the run-time link-editor: $ cd /var/www/usr/libexec # cp -p /usr/libexec/ld.so . And finally, the perl modules: $ cd /var/www/usr/libdata/perl5 # cp -p /usr/libdata/perl5/{Carp,Exporter,Symbol,base,integer}.pm . # cp -p /usr/libdata/perl5/{strict,warnings,vars}.pm . # cp -p /usr/libdata/perl5/File/Basename.pm ./File/ # cp -p /usr/libdata/perl5/IPC/Open{2,3}.pm ./IPC/ # cp -p /usr/libdata/perl5/Time/Local.pm ./Time/ # cp -p /usr/libdata/perl5/warnings/register.pm ./warnings/ $ cd /var/www/usr/libdata/perl5/`machine`-openbsd/5.10.0 # cp -p /usr/libdata/perl5/`machine`-openbsd/5.10.0/{Config,Cwd}.pm . Editing cvsweb and cvsweb.conf ------------------------------ The cvsweb program itself and cvsweb.conf both assume Apache is not running in a chroot environment, so we need to change some default paths so they are relative to /var/www. In /var/www/cgi-bin/cvsweb: for ("$mydir/cvsweb.conf", '/var/www/conf/cvsweb/cvsweb.conf') { for ("$mydir/cvsweb.conf", '/conf/cvsweb/cvsweb.conf') { In /var/www/conf/cvsweb/cvsweb.conf: Change CVSrepositories to reflect the location of the directories which contain CVSROOT. This example shows a local repository NFS mounted over loopback into /var/www/cvs, since the directory must be relative to /var/www, we use /cvs. @CVSrepositories = ( 'local' => ['Local Repository', '/home/cvs'], (default) 'local' => ['Local Repository', '/cvs'], (chroot) And the same idea for $mimetypes: $mime_types = '/var/www/conf/mime.types'; (default) $mime_types = '/conf/mime.types'; (chroot)