New install, httpd client denied by server

[Guest]

I just installed the Toaster on a *fresh* 4.10-STABLE server. Here's what I've done:

Installed vim, bash, cvsup. Got the latest 4.10-STABLE sources, configured the kernel, build/install world. Reboot. Server now running 4.10-STABLE with custom kernel.

I went straight to the Mail::Toaster install. Everything went without a hitch -- except phpMyAdmin, which says it failed, but gives no error and seems to have worked (don't really know how to verify).

I added a doman, added a user, sent mail to the user, user received mail. Went to login via https, and, at first, SquirrelMail didn't work. I kept getting permission denied errors.

[Fri Sep 17 01:13:59 2004] [error] [client 192.168.0.1] client denied by server configuration: /usr/local/www/squirrelmail/src/redirect.php

I consider myself somewhat of an advanced user when it comes to Apache 1.3.x, but for Toaster I went ahead and stuck with 2.x. I figured the problem was the same, and that the PHP files needed the +x attribute. So, I gave it to them. They are world readable and (now) executable. It seems to have resolved that particular issue. I'm not absolutely certain, however, that the permissions on the files themselves were the cause, so if anyone can verify, that'd be awesome.

Also, when I go to the lsoqlog part of the system, I only see text for the images. I checked and it's giving the same errors with SquirrelMail before, but these files aren't executable and shouldn't be. Does anyone know what the issue is? I can't seem to figure it out. All of the directory tree has read-access as well. I wish the apache log was more informative.

One last thing, how do I administrate most of this? Is there an http-based interface? Or is everything done via the "mailadmin" command?

[NightStarLWR]

I have this same issue, I used 4.10-RELEASE.

Installed the toaster, no errors, all went well.

_EVERYTHING_ seems to work.

Except, I get the 403 Forbidden when attempting to use squirrelmail, and same with the isoqlog images (and trying to go to the image directory gives me a 403)

+x on the .php files didn't fix squirrelmail in my case.

I'd love to know what I'm doing wrong. :-/

I installed this toaster on a completely fresh system, installed all distributions, and ports, updated ports, then installed the toaster.

I have not modified ANY configs from how the toaster install set them up.

[Guest]

I'm not exactly sure what I did, but I was messing around with the /usr/local/etc/apache2/httpd.conf file, and had orignally changed the ServerRoot to /usr/local/www, but obviously that broke the paths (oops), so I changed it back, and then it seemed to work (the SquirrelMail). I've still no idea why I can't access the images.

Edit: Also, I've noticed that httpd does not have a startup script, at least not one that is being used. I had to startssl manually, anyone have ideas about that?

[donavan]

I didnt see one in share, but check the work dir in ports/www/apache/, might be something there. you can also use something like this:

Quote:

#!/bin/sh case "$1" in start)    touch /var/log/httpd-access.log    chmod 600 /var/log/httpd-access.log    chown www:www /var/log/httpd-access.log    touch /var/log/httpd-script.log    chmod 600 /var/log/httpd-script.log    chown www:www /var/log/httpd-script.log    touch /var/log/httpd-error.log    chmod 600 /var/log/httpd-error.log    chown www:www /var/log/httpd-error.log    touch /var/run/httpd.pid    chmod 600 /var/run/httpd.pid    chown www:www /var/run/httpd.pid    [ -x /usr/local/sbin/apachectl ] && {       su -m www -c \          '/usr/local/sbin/apachectl start > /dev/null'       echo -n ' apache'    }    ;; stop)    [ -r /var/run/httpd.pid ] && /usr/local/sbin/apachectl stop > /dev/null && echo -n ' apache'    ;; *)    echo "Usage: `basename $0` {start|stop}" >&2    ;; esac exit 0

if you edit the paths, user, etc to suit.

NOTE: Looks like the current Apache2 port installs this startup script, which may or may not work:

Quote:

#!/bin/sh # # $FreeBSD: ports/www/apache2/files/apache.sh,v 1.9 2004/08/23 15:44:51 clement Exp $ # # PROVIDE: apache2 # REQUIRE: NETWORKING SERVERS # BEFORE: DAEMON # KEYWORD: FreeBSD shutdown # # Add the following lines to /etc/rc.conf to enable apache2: # apache2_enable (bool):      Set to "NO" by default. #                             Set it to "YES" to enable apache2 # apache2ssl_enable (bool):   Set to "NO" by default. #                             Set it to "YES" to start apache with SSL #                             (if <IfDefined SSL> exists in httpd.conf) # apache2limits_enable (bool):Set to "NO" by default. #                             Set it to yes to run `limits $limits_args` #                             just before apache starts. # apache2_flags (str):        Set to "" by default. #                             Extra flags passed to start command # apache2limits_args (str):   Default to "-e -C daemon" #                             Arguments of pre-start limits run. # . /etc/rc.subr name="apache2" rcvar=`set_rcvar` start_precmd="apache2_precmd" restart_precmd="apache2_checkconfig" reload_precmd="apache2_checkconfig" command="/usr/local/sbin/httpd" pidfile="/var/run/httpd.pid" required_files=/usr/local/etc/apache2/httpd.conf [ -z "$apache2_enable" ]       && apache2_enable="NO" [ -z "$apache2ssl_enable" ]    && apache2ssl_enable="NO" [ -z "$apache2_flags" ]        && apache2_flags="" [ -z "$apache2limits_enable" ] && apache2limits_enable="NO" [ -z "$apache2limits_args" ]   && apache2limits_args="-e -C daemon" load_rc_config $name checkyesno apache2ssl_enable && \                        apache2_flags="-DSSL $apache2_flags" apache2_checkconfig() {        echo "Performing sanity check on apache2 configuration:"        ${command} -t } apache2_precmd() {        if test -f /usr/local/sbin/envvars        then                . /usr/local/sbin/envvars        fi        if checkyesno apache2limits_enable        then                eval `/usr/bin/limits ${apache2limits_args}` 2>/dev/null        else                return 0        fi } sig_reload=SIGUSR1 extra_commands="reload" run_rc_command "$1"

RE: Isoqlog is b0rked for me too. havnt played with it all though.
RE: Admin. Most of it can be done through Qmailadmin & Vqadmin, depending on how domains youre hosting. Only thing not immediatly available is a function to read/analyze the logs store in /var/log/maillog & /var/log/mail/*
/var/log/maillog will have a *lot* of info for you. look at the lines that have vchkpw-[pop3/smtp] for user info and the spamd and qmailscanner lines for mail filtering info.
[/b]

[Guest]

Wow, cool. Thanks donavan, that was very helpful. I did see some startup scripts, but I'm not sure why the Toaster doesn't make use of them. I'll see what I can do about implementing those. Now, if we can just figure out the isoqlogs...

[NightStarLWR]

Ahh...

I fixed my squirrelmail

<Directory "/usr/local/www/squirrelmail">
   Options Indexes MultiViews FollowSymLinks ExecCGI
   AllowOverride None
   Order allow,deny
   Allow from all
</Directory>

<Directory "/usr/local/share/isoqlog/htmltemp/images">
   Options Indexes MultiViews
   AllowOverride none
   Order allow,deny
   Allow from all
</Directory>

in my /usr/local/etc/apache2/httpd.conf


This fixed the isoqlog images, and squirrelmail.  Though, the squirrelmail login page has a broken image.

[Guest]

Yeah, I saw the broken image as well. You need to run the conf.pl or edit config.php in the Squirrelmail directory and configure the logo. Or, you can type ln -s /usr/local/www/squirrelmail/images/sm_logo.png /usr/local/www/squirrelmail/images/tnpi_logo.png

Also, about the Apache2 not starting up at boot time, I belive all that is needed is apache2ssl_enable="YES" to /etc/rc.conf

Cool, I guess that about sums everything up

Edit: Oops, I don't know how to read. You also need to add apache2_enable="YES" to /etc/rc.conf.