Re: [Zope] Zope in Virtual Host on ISP
On 1/31/99 2:53 PM , Kevin Dangoor kid@ans.net said:
On Sun, Jan 31, 1999 at 01:24:24PM -0600, Chris Larson wrote: ,----- | OK. Here's the deal. Can someone tell me what issues I face trying to | install Zope in my ISP-hosted virtual Apache. I have no access to root, | and have been through much pain and suffering trying to get the thing | installed. Ideally, a step-by-step how-to is what I'm looking for, but | I'd welcome anything up to and including "ya can't do that." | | NOTE: This is not an authentication question. I look forward to the day | I'm asked to authenticate. <cha-grin>
Actually, it's pretty straightforward, except for the authentication part. The INSTALL.txt file (in the docs directory of the Zope distribution) breaks it down to a nice set of steps.
Assuming I can't convince my ISPs admin to help out (Or rather, that I'm too impatient to wait), is there a way around setting the var permission to 'nobody'? 'not permitted' at the moment. Rmemember, I do not have 'root' access.
If there is something unclear in that doc, you may want to send a note to the list asking about that specifically. (The DC guys have been working hard to improve the docs).
I'll do so.
As far as authentication, you are going to want to ask your ISP if they've got mod_rewrite installed. You can use Zope without mod_rewrite, but (to me) it seems like a pain, because you have to maintain a user list for the webserver (in .htpasswd) and another copy of the user list (in the User Folders) in Zope.
Is there a way for me to determine this by calling or examining Apache?
| Alternatively, I could prolly ask the admin to install it for me, but to | be honest, I'm not even sure what to ask. I'm relatively comfortable in | unix, but haven't dealt with Apache much at all, aside from uploading | pages and cgis.
Is python already installed there? If so, I really don't think you'll run into much trouble...
On that note, when I run a simple python cgi to return the sys.version of python, I get "Python 1.4 (Feb 4 1997) [GCC 2.7.2.1]". It appears they do have PyApache installed. Am I getting a PyApache version number? When I 'locate python' all that shows up is 1.5. Also, or maybe more to the point, is there any way to force Zope (or any other .cgi) to execute python from my user directory as my username? I've installed 1.5.2b1 in my local/bin, and suspect that a lot of my problems may be coming from the installed 1.5. When I place my user account directory as the path (/myaccount/local/bin/python), I end up with "500 Internal Server Error". Thanks for the prompt help. Chris
On Mon, Feb 01, 1999 at 06:02:22AM -0600, Chris Larson wrote: ,----- | On 1/31/99 2:53 PM , Kevin Dangoor kid@ans.net said: | | >On Sun, Jan 31, 1999 at 01:24:24PM -0600, Chris Larson wrote: | >,----- | >Actually, it's pretty straightforward, except for the authentication part. | >The INSTALL.txt file (in the docs directory of the Zope distribution) | >breaks it down to a nice set of steps. | | Assuming I can't convince my ISPs admin to help out (Or rather, that I'm | too impatient to wait), is there a way around setting the var permission | to 'nobody'? 'not permitted' at the moment. Rmemember, I do not have | 'root' access. I'm actually working through the security issues myself right now. The easiest thing to do is make that directory world writeable. I know this is less than ideal in a shared environment... On my web server, I got the ISP to set the group ID on my directories to a group that the web server belongs to. So, I could set var to group writeable and other users that are logged on are unable to change that directory. (However, anyone on the machine could make their own CGI scripts that mess with that directory.) My ultimate goal is to get pcgi-wrapper running setuid. I have it doing this right now. All you do is go to the pcgi directory (under your Zope directory) and do "chmod u+s pcgi-wrapper". This lets Zope run as your user ID, so var only needs to be read/writeable by you. The problem that I am still working out with this arrangement is that pcgi-wrapper gets configured by the Zope.cgi script. This means that other people on the system could make their own PCGI programs that do arbitrary things with your website and data. If pcgi-wrapper is hard coded to just run your instance of Zope, this should be a pretty secure thing. | >As far as authentication, you are going to want to ask your ISP if they've | >got mod_rewrite installed. You can use Zope without mod_rewrite, but | >(to me) it seems like a pain, because you have to maintain a user list | >for the webserver (in .htpasswd) and another copy of the user list (in | >the User Folders) in Zope. | | Is there a way for me to determine this by calling or examining Apache? I think so. Just put: RewriteEngine on in your .htaccess file. If mod_rewrite isn't there, you should get an error when you try to view anything on your site. | >Is python already installed there? If so, I really don't think you'll | >run into much trouble... | > | On that note, when I run a simple python cgi to return the sys.version of | python, I get "Python 1.4 (Feb 4 1997) [GCC 2.7.2.1]". It appears they | do have PyApache installed. Am I getting a PyApache version number? When | I 'locate python' all that shows up is 1.5. Also, or maybe more to the | point, is there any way to force Zope (or any other .cgi) to execute | python from my user directory as my username? I've installed 1.5.2b1 in | my local/bin, and suspect that a lot of my problems may be coming from | the installed 1.5. When I place my user account directory as the path | (/myaccount/local/bin/python), I end up with "500 Internal Server Error". Hmm... do these scripts work from the command line? If so, you should make sure that the permissions on all of the python stuff are such that "nobody" can run everything. `----- Kevin -- Kevin Dangoor kid@ans.net / 734-214-7349
participants (2)
-
Chris Larson -
Kevin Dangoor