Re: [CentOS-docs] Wiki Edits: HowTos/OS_Protection
On 08/21/2009 11:50 PM, Voyek, William wrote: whats your username ? wvoyek Would you be able to make it FirstnameLastname ? That way things stay uniform for everyone -- Karanbir Singh : http://www.karan.org/ : 2522...@icq ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] document proposal: TipsAndTricks/ApacheVHostDir
On Fri, Aug 21, 2009 at 3:41 PM, Ed Herone...@heron-ent.com wrote: ... I've written a quick little article detailing how to create a vhost directory under CentOS. ... From: Brian Mathis, Friday, August 21, 2009 1:52 PM I always figured that the CentOS way to handle that was to put them into the conf.d folder. Is there an advantage to using this method? One thing I can think of is that the conf.d is included in the middle of the httpd.conf file, while this would be at the bottom. On 08/22/2009 12:12 AM, Ed Heron wrote: That is exactly my reasoning. The config file, as distributed, has the virtual host containers at the end of the file. From: Manuel Wolfshant, Friday, August 21, 2009 3:31 PM No, the config file as distributed has - just like the original apache config - an example at the end of it. I do understand that there is already a config file directory. However, the example virtual host is at the end of the the distributed Apache config file. From that positioning, I conclude that it is recommended to have the virtual host stuff at the end, rather than the middle. The existing include is in the middle, therefore, (I'm concluding that) it is not recommended. conf.d appears to be for module config files. I don't know if the virtual host only inherits configuration directives that are defined before it is. If that is the case, any configuration items after the conf.d include would not apply to the virtual hosts (though this is easy to test). Even if that is not the case, it still seems that putting virtual host files in conf.d is improper. Putting virtual host files in conf.d may work but appears to be a shortcut. While nobody would suggest you can't take a shortcut, if it works for you, there should be an official method. To me, moving virtual hosts out of the main config file requires a separate directory. It may be my 'heritage' but separate directories is how it is done in Gentoo. ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] document proposal: TipsAndTricks/ApacheVHostDir
On 08/22/2009 10:29 PM, Ed Heron wrote: It may be my 'heritage' but separate directories is how it is done in Gentoo. While we are at it, let's also add a folder for all existing modules and another one for symlinks of active modules, pointing back to the first folder. And also, let's have all vhosts in a folder, but all active vhosts should be symlinks to them, from another folder. And why not compile the binary from source, that's how gentoo does it ! ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
[CentOS-docs] document proposal: TipsAndTricks/ApacheVhostDefault
Draft at http://wiki.centos.org/EdHeron/ApacheVhostDefault Obviously, if ApacheVhostDir is not accepted, I'd remove the parts that refer to my vhost.d... ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] document proposal: TipsAndTricks/ApacheVHostDir
From: Manuel Wolfshant, Saturday, August 22, 2009 2:00 PM While we are at it, let's also add a folder for all existing modules and another one for symlinks of active modules, pointing back to the first folder. And also, let's have all vhosts in a folder, but all active vhosts should be symlinks to them, from another folder. And why not compile the binary from source, that's how gentoo does it ! I didn't realize I was inviting sarcasm. I don't think it is appropriate in this forum. I was, apparently unreasonably, expecting calm, thought out discussion followed by a consensus. I was merely suggesting I am not alone in my opinion. As were you when you made reference to Fedora method. Both Fedora and Gentoo are merely alternate examples of GNU/Linux distributions. Just because an idea is used in another distribution, whose basic tenents you don't agree with, doesn't make the idea useless or valueless or, worse, worthy of scorn. CentOS has a philosophy of method. Apache has a philosophy of method. I am making a suggestion that I believe fits with both that would make a more proper solution than putting the virtual host files in conf.d. ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] document proposal: TipsAndTricks/ApacheVHostDir
On Sat, Aug 22, 2009 at 4:00 PM, Manuel Wolfshantwo...@nobugconsulting.ro wrote: On 08/22/2009 10:29 PM, Ed Heron wrote: It may be my 'heritage' but separate directories is how it is done in Gentoo. While we are at it, let's also add a folder for all existing modules and another one for symlinks of active modules, pointing back to the first folder. And also, let's have all vhosts in a folder, but all active vhosts should be symlinks to them, from another folder. And why not compile the binary from source, that's how gentoo does it ! There's a saying in the US: If you have nothing nice to say, say nothing at all. I think that could be modified a bit to something like If you have nothing constructive to add, and prefer to make passive-aggressive pot-shots from the sidelines, say nothing at all. As for the topic at hand... I am not what one might call an advanced user of apache -- I usually host one or two sites, and even with that minimal config I find it difficult to configure apache by only creating files in the conf.d directory. I've not done a complete analysis, but often it seems like settings in the main httpd.conf file do not get overridden completely for every case. I always end up editing the httpd.conf file when the main purpose for a server is to act as a web server. I'd really like to know how to handle this as close to the CentOS Way as possible. ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Wiki Edits: HowTos/OS_Protection
On Fri, Aug 21, 2009 at 6:50 PM, Voyek, Williamwvo...@edmc.edu wrote: wvoyek Once you have your username in the format Karanbir describes, we can give you the appropriate permissions. -- During times of universal deceit, telling the truth becomes a revolutionary act. George Orwell ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
[CentOS-docs] document proposal: TipsAndTricks/ApacheVHostDir
On Sat, 22 Aug 2009, Ed Heron wrote: From: Manuel Wolfshant, Saturday, August 22, 2009 2:00 PM While we are at it, let's also add a folder for all existing modules and another one for symlinks of active modules, pointing back to the first folder. And also, let's have all vhosts in a folder, but all active vhosts should be symlinks to them, from another folder. And why not compile the binary from source, that's how gentoo does it ! I didn't realize I was inviting sarcasm. I don't think it is appropriate in this forum. I was, apparently unreasonably, expecting calm, thought out discussion followed by a consensus. The problem is this -- a vhost.d and linkfarm constellation works (for some meanings of 'works'), and is not unheard of -- but it also contemplates adding directories not identifiable by: rpm -qf /path/to/vhost.d/templates is note integrated with SELinux, and it not accompanied by a documented or LSB or FHS model management tool (see, eg, alternatives, or chkconfig) Local extensions are all well and good; but the CentOS approach is conservative, and not developmental; it is about management within the model of the upstream, of a form that will not get 'tromped on' by an async upstream security upgrade, and automatable sysadmin provisioning and management tools. We have the memory of the 'cacheing nameserver' and 'bind' named.conf changes mid release causing outages upon the unwary. Those using non-upstream docoed's approaches were caught when a local extension was stepped on by upstream. That means we at CentOS, when we extend, package sources into RPMs, with directories that SELinux is comfortable with, and use versioned tools so delivered. I strongly suspect that the draft model of links needs a raft of SElinux modifications as well. Haven't tried yet, as frankly, it strikes me that this type of work needs to be thrashed out in the Fedora context and rough and tumble of development. It is just not where the CentOS wiki needs to be, in my opinion. 'wolfy' used the executive sumamry and telegraphic model to communicate this which we use in IRC when proposals like this arise; I hope this longer form is not considered 'sarcastic' -- Russ herrold ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs