Why you have nobody as the httpd user in your configure command ??
El mar, 13-09-2005 a las 16:36 +0200, "Rösner, Jan" escribió: > Hi ListUsers, > > after 8 or 9 times trying to install a CA only environment on a debian 3.1 > I'm not far away fro giving up and installing a M$-CA. > > Here is what I have : > > debian 3.1 - virtual machine - kernel 2.4.30-xenU > Apache/2.0.54 (Unix) > mod_ssl/2.0.54 > OpenSSL/0.9.8 > PHP/4.4.0 > mod_perl/2.0.1 > Perl/v5.8.4 > > All of em compiled from source, nothing from the repository except Perl. > > ANd here ist what I did : I followed these two install instructions : > > http://www.openca.info/docs/howto/OpenCA_092_on_debian_dartmouth.txt > > and > > http://www.openca.info/docs/guide/openca-guide.html#id2454620 > > So I did the following : > > I created a user 'openca' and gave him home under /home/openca > I created a group 'openca' and put the user openca and nobody in it > I changed Apache to run as nobody:www-data > > using : perl -MCPAN -e shell I installed all the needed perl modules. > Some of the prerequesited modules I was not bale to install with the shell, > so I downloaded them by hand and installed them > like that : perl Makefile.PL && make && make install > > No trouble at all so far. I should mention, my apaches home is : /usr, so > htdocs and cgi-bin can be found under /usr/htdocs > and /usr/cgi-bin in my system. > > So I downloaded the latest stable release of openca : 0.9.2.4, unzipped and > untarred it. > > Then I configured it : > > ./configure --prefix=/usr/local/OpenCA --with-httpd-user=nobody > --with-httpd-group=www-data --with-openca-user=openca > --with-openca-group=openca --with-openca-prefix=/usr/local/OpenCA > --with-etc-prefix=/usr/local/OpenCA/etc --with-httpd-fs-prefix=/usr > --with-module-prefix=/usr/modules --with-node-prefix=ca-node --with-engine=no > --with-web-host=localhost --enable-dbi --enable-rbac > > and configure runs well ..... then I compiled all the stuff successfully > issuing a : 'make'. > > A 'make test' fails after a while, but the docu says, its ok. So I installed > the ca-depending stuff like that : 'make install-offline && make install-ca' > > Now to mysql. I logged on as root, created the database openca (not openra) > and gave the user called 'openca' all privileges just like I know it and just > like mentioned in the docs. A logon as openca worked very well, I was able to > choose the openca database and a 'show tables' showed up nothing .... as > expected. > > Fine. > After that one finished I went to /usr/local/OpenCA/etc and made my settings > ind config.xml : > > I changed : > > ca_organization -> my_name > ca_locality ->my_locality > ca_country -> DE > service_mail_account -> [EMAIL PROTECTED] > dbmodule -> DBI > db_type-> mysql > db_name -> openca > db_host -> localhost (or whatever) > db_port -> 3306 > db_user -> openca > db_passwd -> my password given in the GRANT statement in the last > step. > > I left untouched : > > configuration of absolute paths and > configuration of relative paths > > ... but I changed : > > dataexchange configuration ... commented the first part '0. no dataexchange > configure - the default' completely and uncommented '1. the node acts as CA > only' completely as well. Next step was changing ca-node.xml.template and > ca.xml.template where I put .* into <protocol> and 0 in <symmetric > keylength>. Thats all of changes. > I went back to etc and ran : sh configure_etc.sh which worked very well too. > > Last but not least I configured my Apache and added the following lines to > httpd.conf: > > Alias /ca /usr/htdocs/ca/ > Alias /ca-node /usr/htdocs/ca-node/ > ScriptAlias /cgi-bin/ca/ /usr/cgi-bin/ca/ > ScriptAlias /cgi-bin/ca-node/ /usr/cgi-bin/ca-node/ > > <Directory "/usr/cgi-bin/"> > AllowOverride None > Options ExecCGI > Order allow,deny > Allow from all > </Directory> > <Directory "/usr/htdocs/"> > AllowOverride None > Options FollowSymLinks Indexes > Order allow,deny > Allow from all > </Directory> > > After that I restarted Apache and tried to start openca. So I went to > /usr/local/OpenCA/etc and issued a 'openca_rc start' and here is what happens > : > PID TTY STAT TIME COMMAND > 1 ? S 0:01 init [3] > 2 ? S 0:00 [keventd] > 3 ? SN 0:00 [ksoftirqd_CPU0] > 4 ? S 0:00 [kswapd] > 5 ? S 0:00 [bdflush] > 6 ? S 0:00 [kupdated] > 192 ? Ss 0:00 /sbin/portmap > 246 ? Ss 0:00 /sbin/syslogd > 249 ? Ss 0:00 /sbin/klogd > 258 ? Ss 0:00 /usr/sbin/inetd > 262 ? Ss 0:00 /usr/sbin/lpd -s > 269 ? Ss 0:00 /usr/sbin/sshd > 275 ? Ss 0:00 /sbin/rpc.statd > 278 ? Ss 0:00 /usr/sbin/atd > 281 ? Ss 0:00 /usr/sbin/cron > 287 ? S 0:00 /bin/sh /usr/local/mysql/bin/mysqld_safe > --datadir=/usr/local/mysql/var --pid-file=/usr/local/mysql/var/ica.pid > 290 ? Ss 0:00 sshd: [EMAIL PROTECTED]/0 > 316 ? S 0:00 /usr/local/mysql/libexec/mysqld > --basedir=/usr/local/mysql --datadir=/usr/local/mysql/var --user=mysql > --pid-file=/usr/local/mysql/var/ica. > 317 ? S 0:00 sshd: [EMAIL PROTECTED]/0 > 319 ? S 0:00 /usr/local/mysql/libexec/mysqld > --basedir=/usr/local/mysql --datadir=/usr/local/mysql/var --user=mysql > --pid-file=/usr/local/mysql/var/ica. > 320 ? S 0:00 /usr/local/mysql/libexec/mysqld > --basedir=/usr/local/mysql --datadir=/usr/local/mysql/var --user=mysql > --pid-file=/usr/local/mysql/var/ica. > 321 ? S 0:00 /usr/local/mysql/libexec/mysqld > --basedir=/usr/local/mysql --datadir=/usr/local/mysql/var --user=mysql > --pid-file=/usr/local/mysql/var/ica. > 322 ? S 0:00 /usr/local/mysql/libexec/mysqld > --basedir=/usr/local/mysql --datadir=/usr/local/mysql/var --user=mysql > --pid-file=/usr/local/mysql/var/ica. > 323 ? S 0:00 /usr/local/mysql/libexec/mysqld > --basedir=/usr/local/mysql --datadir=/usr/local/mysql/var --user=mysql > --pid-file=/usr/local/mysql/var/ica. > 324 ? S 0:00 /usr/local/mysql/libexec/mysqld > --basedir=/usr/local/mysql --datadir=/usr/local/mysql/var --user=mysql > --pid-file=/usr/local/mysql/var/ica. > 325 ? S 0:00 /usr/local/mysql/libexec/mysqld > --basedir=/usr/local/mysql --datadir=/usr/local/mysql/var --user=mysql > --pid-file=/usr/local/mysql/var/ica. > 326 ? S 0:00 /usr/local/mysql/libexec/mysqld > --basedir=/usr/local/mysql --datadir=/usr/local/mysql/var --user=mysql > --pid-file=/usr/local/mysql/var/ica. > 327 ? S 0:00 /usr/local/mysql/libexec/mysqld > --basedir=/usr/local/mysql --datadir=/usr/local/mysql/var --user=mysql > --pid-file=/usr/local/mysql/var/ica. > 333 ? Ss 0:00 /usr/bin/httpd -k start -DSSL > 339 tty1 Ss+ 0:00 /sbin/getty 38400 tty1 > 340 tty2 Ss+ 0:00 /sbin/getty 38400 tty2 > 341 tty3 Ss+ 0:00 /sbin/getty 38400 tty3 > 342 tty4 Ss+ 0:00 /sbin/getty 38400 tty4 > 343 tty5 Ss+ 0:00 /sbin/getty 38400 tty5 > 344 tty6 Ss+ 0:00 /sbin/getty 38400 tty6 > 345 ? S 0:00 /usr/bin/httpd -k start -DSSL > 346 ? S 0:00 /usr/bin/httpd -k start -DSSL > 347 ? S 0:00 /usr/bin/httpd -k start -DSSL > 348 ? S 0:00 /usr/bin/httpd -k start -DSSL > 349 ? S 0:00 /usr/bin/httpd -k start -DSSL > 350 ? S 0:00 /usr/bin/httpd -k start -DSSL > 351 pts/0 Ss 0:00 -bash > 580 pts/0 S 0:00 /usr/bin/perl /usr/local/openca/etc/openca_start > 581 pts/0 S 0:00 /usr/bin/perl /usr/local/openca/etc/openca_start > 587 pts/0 R+ 0:00 ps ax > > The starting process hangs. If I try to run /usr/cgi-bin/ca/ca by hand, it > does not spit out anything and I get an Internal server error if I try to get > a page using firefox as expected. > > I' going nutz, I tried nearly everything now, thx god, its a virtual machine, > otherwise .... dont wanna think of it. > > Please can anyone help me and point me to my mistake ? > Thx in advance. > Jan Roesner > [EMAIL PROTECTED] > > ps ax : > > > > > ------------------------------------------------------- > SF.Net email is Sponsored by the Better Software Conference & EXPO > September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices > Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA > Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf > _______________________________________________ > Openca-Users mailing list > Openca-Users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openca-users -- Jorge Isaac Davila Lopez ------------------------------------------------------- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42" plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php _______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users
