On 2024/08/21 10:21, David Colburn wrote:
> Notes:
>
> 1. I've read the manual entry, and multiple threads related to this, more
> than once.
>
> 2. The “chroot location” as defined in /etc/lighttpd.conf. is unchanged -
> /var/www
>
> 3. Someone suggested, and I also tried "/var/www/" - same error.
>
> 4. As previously noted - Stuart's answer was tested on a clean, unmodified,
> lighttpd.conf.
>
> 5. As previously noted I also tried removing "nodev" from /etc/fstab on line
> "/var ffs
> rw,nosuid 1 2"
Did you either reboot or remount /var after changing this?
> Thanks
>
>
> ``` # lighttpd configuration file
>
> ############ Options you really have to take care of ####################
>
> ## modules to load
> # at least mod_access and mod_accesslog should be loaded
> # all other module should only be loaded if really neccesary
> # - saves some time
> # - saves memory
> server.modules = (
> # "mod_rewrite",
> # "mod_redirect",
> # "mod_alias",
> "mod_access",
> # "mod_trigger_b4_dl",
> # "mod_auth",
> # "mod_status",
> # "mod_setenv",
> # "mod_fastcgi",
> # "mod_proxy",
> # "mod_simple_vhost",
> # "mod_evhost",
> # "mod_userdir",
> # "mod_cgi",
> # "mod_deflate",
> # "mod_ssi",
> # "mod_expire",
> # "mod_rrdtool",
> "mod_accesslog" )
>
> ## A static document-root. For virtual hosting take a look at the
> ## mod_simple_vhost module.
> server.document-root = "htdocs/"
>
> #### accesslog module
> accesslog.filename = "logs/access.log"
>
> ## where to send error-messages to
> server.errorlog = "logs/error.log"
>
> # files to check for if .../ is requested
> index-file.names = ( "index.html", "index.htm", "default.htm" )
>
> server.event-handler = "kqueue"
> server.network-backend = "writev"
>
> server.bind = "0.0.0.0"
> server.port = "80"
>
> $SERVER["socket"] == "[::]:80" { }
>
> # mimetype mapping
>
> mimetype.assign = (
> ".pdf" => "application/pdf",
> ".sig" => "application/pgp-signature",
> ".spl" => "application/futuresplash",
> ".class" => "application/octet-stream",
> ".ps" => "application/postscript",
> ".torrent" => "application/x-bittorrent",
> ".dvi" => "application/x-dvi",
> ".gz" => "application/x-gzip",
> ".pac" => "application/x-ns-proxy-autoconfig",
> ".swf" => "application/x-shockwave-flash",
> ".tar.gz" => "application/x-tgz",
> ".tgz" => "application/x-tgz",
> ".tar" => "application/x-tar",
> ".zip" => "application/zip",
> ".mp3" => "audio/mpeg",
> ".m3u" => "audio/x-mpegurl",
> ".wma" => "audio/x-ms-wma",
> ".wax" => "audio/x-ms-wax",
> ".ogg" => "application/ogg",
> ".wav" => "audio/x-wav",
> ".gif" => "image/gif",
> ".jar" => "application/x-java-archive",
> ".jpg" => "image/jpeg",
> ".jpeg" => "image/jpeg",
> ".png" => "image/png",
> ".xbm" => "image/x-xbitmap",
> ".xpm" => "image/x-xpixmap",
> ".xwd" => "image/x-xwindowdump",
> ".css" => "text/css",
> ".html" => "text/html",
> ".htm" => "text/html",
> ".js" => "text/javascript",
> ".asc" => "text/plain",
> ".c" => "text/plain",
> ".cpp" => "text/plain",
> ".log" => "text/plain",
> ".conf" => "text/plain",
> ".text" => "text/plain",
> ".txt" => "text/plain",
> ".dtd" => "text/xml",
> ".xml" => "text/xml",
> ".mpeg" => "video/mpeg",
> ".mpg" => "video/mpeg",
> ".mov" => "video/quicktime",
> ".qt" => "video/quicktime",
> ".avi" => "video/x-msvideo",
> ".asf" => "video/x-ms-asf",
> ".asx" => "video/x-ms-asf",
> ".wmv" => "video/x-ms-wmv",
> ".bz2" => "application/x-bzip",
> ".tbz" => "application/x-bzip-compressed-tar",
> ".tar.bz2" => "application/x-bzip-compressed-tar",
> # default mime type
> "" => "application/octet-stream",
> )
>
> # Use the "Content-Type" extended attribute to obtain mime type if possible
> #mimetype.use-xattr = "enable"
>
> ## send a different Server: header
> ## be nice and keep it at lighttpd
> # server.tag = "lighttpd"
>
> ## deny access the file-extensions
> #
> # ~ is for backupfiles from vi, emacs, joe, ...
> # .inc is often used for code includes which should in general not be part
> # of the document-root
> url.access-deny = ( "~", ".inc" )
>
> $HTTP["url"] =~ "\.pdf$" {
> server.range-requests = "disable"
> }
>
> ##
> # which extensions should not be handle via static-file transfer
> #
> # .php, .pl, .fcgi are most often handled by mod_fastcgi or mod_cgi
> static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
>
> ######### Options that are good to be but not neccesary to be changed #######
>
> ## error-handler for status 404
> #server.error-handler-404 = "/error-handler.html"
> #server.error-handler-404 = "/error-handler.php"
>
> ## to help the rc.scripts
> server.pid-file = "/var/run/lighttpd.pid"
>
> ###### virtual hosts
> ##
> ## If you want name-based virtual hosting add the next three settings and
> load
> ## mod_simple_vhost
> ##
> ## document-root =
> ## virtual-server-root + virtual-server-default-host +
> virtual-server-docroot
> ## or
> ## virtual-server-root + http-host + virtual-server-docroot
> ##
> #simple-vhost.server-root = "/srv/www/vhosts/"
> #simple-vhost.default-host = "www.example.org"
> #simple-vhost.document-root = "/htdocs/"
>
>
> ##
> ## Format: <errorfile-prefix><status-code>.html
> ## -> ..../status-404.html for 'File not found'
> #server.errorfile-prefix = "/usr/share/lighttpd/errors/status-"
> #server.errorfile-prefix = "/srv/www/errors/status-"
>
> ## virtual directory listings
> #dir-listing.activate = "enable"
> ## select encoding for directory listings
> #dir-listing.encoding = "utf-8"
>
> ## enable debugging
> #debug.log-request-header = "enable"
> #debug.log-response-header = "enable"
> #debug.log-request-handling = "enable"
> #debug.log-file-not-found = "enable"
>
> # chroot() to directory
> server.chroot = "/var/www"
>
> server.username = "_lighttpd"
> server.groupname = "_lighttpd"
>
> #### compress module
> #compress.cache-dir = "/var/cache/lighttpd/compress/"
> #compress.filetype = ("text/plain", "text/html")
>
> #### proxy module
> ## read proxy.txt for more info
> #proxy.server = ( ".php" =>
> # ( "localhost" =>
> # (
> # "host" => "192.168.0.101",
> # "port" => 80
> # )
> # )
> # )
>
> #### fastcgi module
> ## read fastcgi.txt for more info
> ## for PHP don't forget to set cgi.fix_pathinfo = 1 in the php.ini
> #fastcgi.server = ( ".php" =>
> # ( "localhost" =>
> # (
> # "socket" =>
> "/var/run/lighttpd/php-fastcgi.socket",
> # "bin-path" => "/usr/local/bin/php-cgi"
> # )
> # )
> # )
>
> #### CGI module
> #cgi.assign = ( ".pl" => "/usr/bin/perl",
> # ".cgi" => "/usr/bin/perl" )
> #
>
> #### SSL engine
> #ssl.engine = "enable"
> #ssl.pemfile = "/etc/ssl/private/lighttpd.pem"
>
> #### status module
> #status.status-url = "/server-status"
> #status.config-url = "/server-config"
>
> #### auth module
> ## read authentication.txt for more info
> #auth.backend = "plain"
> #auth.backend.plain.userfile = "lighttpd.user"
> #auth.backend.plain.groupfile = "lighttpd.group"
>
> #auth.backend.ldap.hostname = "localhost"
> #auth.backend.ldap.base-dn = "dc=my-domain,dc=com"
> #auth.backend.ldap.filter = "(uid=$)"
>
> #auth.require = ( "/server-status" =>
> # (
> # "method" => "digest",
> # "realm" => "download archiv",
> # "require" => "user=jan"
> # ),
> # "/server-config" =>
> # (
> # "method" => "digest",
> # "realm" => "download archiv",
> # "require" => "valid-user"
> # )
> # )
>
> #### url handling modules (rewrite, redirect, access)
> #url.rewrite = ( "^/$" => "/server-status" )
> #url.redirect = ( "^/wishlist/(.+)" => "http://www.123.org/$1"; )
> #### both rewrite/redirect support back reference to regex conditional using
> %n
> #$HTTP["host"] =~ "^www\.(.*)" {
> # url.redirect = ( "^/(.*)" => "http://%1/$1"; )
> #}
>
> #
> # define a pattern for the host url finding
> # %% => % sign
> # %0 => domain name + tld
> # %1 => tld
> # %2 => domain name without tld
> # %3 => subdomain 1 name
> # %4 => subdomain 2 name
> #
> #evhost.path-pattern = "/srv/www/vhosts/%3/htdocs/"
>
> #### expire module
> #expire.url = ( "/buggy/" => "access 2 hours", "/asdhas/" =>
> "access plus 1
> seconds>
>
> #### ssi
> #ssi.extension = ( ".shtml" )
>
> #### rrdtool
> #rrdtool.binary = "/usr/local/bin/rrdtool"
> #rrdtool.db-name = "/var/lib/lighttpd/lighttpd.rrd"
>
> #### setenv
> #setenv.add-request-header = ( "TRAV_ENV" => "mysql://user@host/db" )
> #setenv.add-response-header = ( "X-Secret-Message" => "42" )
>
> ## for mod_trigger_b4_dl
> # trigger-before-download.gdbm-filename = "/var/lib/lighttpd/trigger.db"
> # trigger-before-download.memcache-hosts = ( "127.0.0.1:11211" )
> # trigger-before-download.trigger-url = "^/trigger/"
> # trigger-before-download.download-url = "^/download/"
> # trigger-before-download.deny-url = "http://127.0.0.1/index.html";
> # trigger-before-download.trigger-timeout = 10
>
> #### variable usage:
> ## variable name without "." is auto prefixed by "var." and becomes "var.bar"
> #bar = 1
> #var.mystring = "foo"
>
> ## integer add
> #bar += 1
> ## string concat, with integer cast as string, result: "www.foo1.com"
> #server.name = "www." + mystring + var.bar + ".com"
> ## array merge
> #index-file.names = (foo + ".php") + index-file.names
> #index-file.names += (foo + ".php")
>
> #### include
> #include /etc/lighttpd/lighttpd-inc.conf
> ## same as above if you run: "lighttpd -f /etc/lighttpd/lighttpd.conf"
> #include "lighttpd-inc.conf"
>
> #### include_shell
> #include_shell "echo var.a=1"
> ## the above is same as:
> #var.a=1
>
> ```
>
> On 8/21/24 06:06, Robert Klein wrote:
>
> Hi,
>
> your “chroot location” is defined in /etc/lighttpd.conf. If you didn't
> change it, it is /var/www.
>
> Please read the man page for chroot(8). The command to do this is “man 8
> chroot” (without the quotes). Alternatively the Wikipedia entry for chroot
> can help you understand what chroot is and does.
>
> Stuart's answers assume you didn't change the file /etc/lighttpd.conf.
> If you did change it, you might want to send the contents of the changed
> file, too.
>
> Best regards,
> Robert
>
>
> On Tue, 20 Aug 2024 12:33:57 -0400
> David Colburn <q...@kd4e.com> wrote:
>
>
> So, I'm at a dead end atm.
>
> It was a clean install - OpenBSD 7.5, php 8.3.10,
> lighttpd-1.4.74-mysql
>
> What should have worked (Stuart's instructions) didn't.
>
> 'chroot' locations are as listed (see following).
>
> Where do I go from here, please?
>
> Is it possible that the lighttpd.conf from lighttpd-1.4.74-mysql
> contains errors?
>
> Or, that I should have used a different version of lighttpd?
>
> Or ...
>
> Thanks.
>
>
> b7# locate chroot
>
> /usr/local/share/doc/pkg-readmes/femail-chroot
>
> /usr/sbin/chroot
>
> /usr/share/man/man2/chroot.2
>
> /usr/share/man/man8/chroot.8
>
> /var/db/pkg/femail-chroot-1.0p3
>
> /var/db/pkg/femail-chroot-1.0p3/+CONTENTS
>
> /var/db/pkg/femail-chroot-1.0p3/+DESC
>
> /var/db/pkg/femail-chroot-1.0p3/+REQUIRED_BY
>
> /var/db/pkg/femail-chroot-1.0p3/REQUIRING
>
> On 8/18/24 20:30, Stuart Henderson wrote:
>
> Hmm. That should be ok...
>
> --
> Sent from a phone, apologies for poor formatting.
>
>
> On 18 August 2024 21:19:25 David Colburn <q...@kd4e.com> wrote:
>
>
> total 0
>
> crw-rw-rw- 1 root wheel 2, 2 Aug 18 10:07 null
>
>
> On 8/18/24 16:00, Stuart Henderson wrote:
>
> Did you do the mkdir etc? What does ls -l /var/www/dev
> show?
>
> --
> Sent from a phone, apologies for poor formatting.
>
>
> On 18 August 2024 17:01:52 David Colburn <q...@kd4e.com>
> wrote:
>
>
> I removed "nodev" from the /var line and rebooted.
>
> Same error:
>
> 2024-08-13 22:29:37:
>
> (/usr/obj/ports/lighttpd-1.4.74-mysql/lighttpd-1.4.74/src/configfile.c.1891)
>
> opening /dev/null failed. No such file or directory.
> 2024-08-13 22:29:37:
>
> (/usr/obj/ports/lighttpd-1.4.74-mysql/lighttpd-1.4.74/src/server.c.1935)
>
> Opening errorlog failed.
>
>
> On 8/18/24 11:19, David Colburn wrote:
>
> /etc/fstab currently looks like this:
>
> none swap sw
> / ffs rw 1 1
> /home ffs rw,nodev,nosuid 1 2
> /tmp ffs rw,nodev,nosuid 1 2
> /usr ffs rw,nodev 1 2
> /usr/X11R6 ffs rw,nodev 1 2
> /usr/local ffs rw,wxallowed,nodev 1 2
> /usr/obj ffs rw,nodev,nosuid 1 2
> /usr/src ffs rw,nodev,nosuid 1 2
> /var ffs rw,nodev,nosuid 1 2
>
>
> On 8/18/24 10:28, David Colburn wrote:
>
> That's very helpful, thanks!
>
> /var is mounted "ffs rw,nodev,nosuid, 1 2"
>
> /var/www isn't specifically mentioned.
>
> Would it be affected by the /var mount
> settings?
>
> Thanks again.
>
> On 8/18/24 07:50, Stuart Henderson wrote:
>
> On 2024-08-15, David Colburn
> <q...@kd4e.com> wrote:
>
> This is a multi-part message in MIME
> format.
> --------------SIjdwSa43FawypA6wB8kzt18
> Content-Type: text/plain;
> charset=UTF-8; format=flowed
> Content-Transfer-Encoding: 7bit
>
> Dell OptiPlex 7050
>
> OpenBSD 7.5
>
> php 8.3.10
>
> lighttpd-1.4.74-mysql
>
> I'm using root.
>
> "*rcctl -df start lighttpd*" errors
>
> "/daemonized server failed to start;
> check error log for
> details doing
> _rc_rm_runfile (failed)/"
>
> error.log says:
>
> "...
>
> (/usr/obj/ports/lighttpd-1.4.74-mysql/lighttpd-1.4.74/src/configfile.c.1981)
>
>
> opening /dev/null failed: No such
> file or directory"
>
> "...
>
> (/usr/obj/ports/lighttpd-1.4.74-mysql/lighttpd-1.4.74/src/configfile.c.1935)
>
>
> Opening errorlog failed: No such file
> or directory"
>
> According to this:
>
>
> https://www.reddit.com/r/openbsd/comments/nygjdm/lighttpd_cant_find_devnull_on_69/
>
>
>
> there's supposed to be a directory
> here: /usr/sbin/chroot/ but
> chroot is
> actually a file.
>
> I'm not sure how to proceed to fix
> the dev/null problem ...
>
> Assuming /var/www/dev does not already
> exist, this should do it:
>
> # mkdir /var/www/dev
> # cd /var/www/dev
> # sh /dev/MAKEDEV std
> # rm !(null)
>
> If it already exists then you may need to
> adapt the rm command to
> preserve existing entries, or use
> mknod(8) manually to just create
> the "null" node.
>
> You'll also need to make sure that
> /var/www is _not_ mounted with
> the "nodev" option (/etc/fstab).
>
> If this is a hard requirement for
> lighttpd then the port could
> probably do with explaining it somewhere
> .. (maintainer cc'd)
>
>
>
>
>
