[OpenBSDsupport]

Gallery software working in chroot apache in OpenBSD


#!/bin/sh
#
# [ gallery-openbsd-chroot-install ]
#
# ------------------------------------------------------------------------
# Copyright (c) 2005 Nick G Holmes 
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
# ------------------------------------------------------------------------
#
# 1.0    03-Apr-2005    NGH    First release
# 1.1 22-May-2005 NGH    Update for PHP 4.3.11, Gallery 1.5, + tidy up
#
# From 1.1 we're using netpbm only as it's easier to manage!
#
#
# OVERVIEW
# ========
# This script copies the necessary files from the true root
# to Apache's chroot'd environment. Script creates needed
# directories. Assumes you're using ports, otherwise just
# add your binary packages the usual way.
#
# Test Environment:
#    * OpenBSD 3.7 -CURRENT (i386)
#    * Compaq D5S SFF - P4 1.7GHz, 256MB RAM
#    * Gallery 1.5
#    * PHP 4.3.11
#    * NetPBM 9.24
#
# INSTALLING A CHROOT'D GALLERY
# =============================
#
#    00*    First, make sure you change rc.conf to httpd_flags=""
#    01    cd /usr/ports/www/php4/core
#    02    make install
#    03    cp /usr/local/share/examples/php4/php.ini-recommended
/var/www/conf/php.ini
#    04    /usr/local/sbin/phpxs -s
#    05    echo '' > /var/www/htdocs/phptest.html
#            - Use your browser to checkout the phptest page to make sure it is all
working!
#    06    cd /usr/ports/graphics/netpbm
#    07    make install
#    08    cd /usr/ports/graphics/jhead
#    09    make install
#    10    Download gallery and tar xfz the file into htdocs
#    11    mkdir -p /var/www/htdocs/albums
#    12    chown www:www /var/www/htdocs/albums
#    13    chmod 755 /var/www/htdocs/albums
#    14    ** NOW RUN THIS SCRIPT **
#    15    Using your web browser, follow the gallery setup procedure
#        - Don't forget temp directory is /tmp as it will be chroot!
#    16    After it's all working, cd to /var/www/htdocs/gallery and run
./secure.sh
#
#
# A FINAL NOTE
# ============
# This script worked for me. It might not work for you. Mileage may vary.
# My scripting isn't so hot, so the below is probably very basic looking.
# If you spot any errors, please e-mail me.
#
# My thanks goes out to:
#    * Bruno Rohee.........(Suggestions on libraries)
#    * Stuart Henderson....(advice on using ldd)
#    * Daniel Polak........(Help with files I missed)
#    * And everyone else on the OpenBSD misc@ mailing list
#
# ===============================================
#

echo '== Gallery chroot Copy Tool =='

echo 'Making /var/www/tmp ...'
mkdir -p /var/www/tmp
chmod -R 777 /var/www/tmp
echo 'Making /var/www/htdocs/gallery/config.php ...'
touch /var/www/htdocs/gallery/config.php
chmod 0777 /var/www/htdocs/gallery/config.php
echo 'Making /var/www/htdocs/gallery/.htaccess ...'
touch /var/www/htdocs/gallery/.htaccess
chmod 0777 /var/www/htdocs/gallery/.htaccess
echo ' Creating support directories within chroot ...'
mkdir -p /var/www/bin
mkdir -p /var/www/var/run
mkdir -p /var/www/usr/lib
mkdir -p /var/www/usr/libexec
mkdir -p /var/www/usr/local/bin
mkdir -p /var/www/usr/local/lib
mkdir -p /var/www/usr/local/include
mkdir -p /var/www/usr/local/include/libpng
mkdir -p /var/www/usr/local/share/netpbm
#
# Mirror misc files
# -----------------
echo 'Copying shell files...'
cd /var/www/bin
cp /bin/sh .
cd /var/www/usr/local/bin
echo 'Copying jhead files...'
cp /usr/local/bin/jhead .
echo 'Copying jpegtran files...'
cp /usr/local/bin/jpegtran .
#
# Mirror libs to chroot jail
# --------------------------
echo 'Copying library files...'
cp /usr/lib/libc*                /var/www/usr/lib
cp /usr/lib/libm*                /var/www/usr/lib
cp /usr/lib/libz*                /var/www/usr/lib
cp /usr/libexec/ld.so            /var/www/usr/libexec
cp /usr/local/lib/libiconv.*        /var/www/usr/local/lib
cp /usr/local/lib/libjpeg.*        /var/www/usr/local/lib
cp /usr/local/lib/libpbm.*        /var/www/usr/local/lib
cp /usr/local/lib/libpgm.*        /var/www/usr/local/lib
cp /usr/local/lib/libpng.*        /var/www/usr/local/lib
cp /usr/local/lib/libpnm.*        /var/www/usr/local/lib
cp /usr/local/lib/libppm.*        /var/www/usr/local/lib
cp /usr/local/lib/libtiff.*        /var/www/usr/local/lib
cp /usr/local/include/libpng/*    /var/www/usr/local/include/libpng
cp /var/run/ld.so.hints            /var/www/var/run
#
# Mirror netpbm to chroot jail
# ----------------------------
echo 'Copying netpbm files...'
cd /var/www/usr/local/bin
cp         /usr/local/bin/*ppm*        .
cp         /usr/local/bin/*pnm*        .
cp         /usr/local/bin/*pgm*        .
cp         /usr/local/bin/*pbm*        .
cp         /usr/local/bin/*pam*        .
cp         /usr/local/bin/*pcd*        .
cd /var/www/usr/local/include
cp         /usr/local/include/pam.h        .
cp         /usr/local/include/pammap.h    .
cp         /usr/local/include/pbm.h        .
cp         /usr/local/include/pgm.h        .
cp         /usr/local/include/pm.h        .
cp         /usr/local/include/pm_config.h    .
cp         /usr/local/include/pm_shhopt.h    .
cp         /usr/local/include/pnm.h        .
cp         /usr/local/include/ppm.h        .
cp         /usr/local/include/ppmcmap.h    .
cp         /usr/local/include/ppmdraw.h    .
cp         /usr/local/include/ppmfloyd.h    .
cd /var/www/usr/local/lib
cp         /usr/local/lib/libp*        .
cd /var/www/usr/local/share/netpbm
cp         /usr/local/share/netpbm/* .
echo 'Setting permissions on chroot jail...'
chmod -R 755 /var/www/usr
cd /var/www
echo 'Complete.'