Background
NDT uses the fakewww http server to publish its html and java applet. SLAC security is somewhat dubious about the security of fakewww. This page outlines the steps required to make ndt utilise an apache2 installation rather than fakewww.
Virtual Server
Rather than creating a whole config, i will utilise a virtual server.
ports.conf
Add the following line to the below mentioned configuration file.
| Code Block | ||
|---|---|---|
| ||
Listen 7123 |
001-ndt
Write following in the file on the path mentioned.
| Code Block | ||
|---|---|---|
| ||
NameVirtualHost *:7123
<VirtualHost *:7123>
ServerAdmin webmaster@localhost
DocumentRoot /usr/local/ndt
<Directory />
AllowOverride None
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
ServerSignature On
</VirtualHost>
|
We probably also want to have a link to the main page:
| Code Block |
|---|
sudo ln -s /usr/local/ndt/tcpbw100.html /usr/local/ndt/index.html |
Disable fakewww
We now need to disable fakewww on bootbup on the NPT. This has to be done by hacking the ndt init.d script to read '0' for the FAKE_DAEMON.
This change is made inside ndt init script and is shown in Configuration files section below.
Enable apache2
We simply need to create a symlink into the relevant runmode
| Code Block |
|---|
ln -s /etc/init.d/apache2 /etc/rc3.d/S91apache2 |
As of ps Performance Toolkit 3.1, S91apache2 script is packaged with the Knoppix. This script is placed inside the run-level 3 (/etc/rc3.d).
Configuration files
ndt init script
Changes don't stick by default and are wiped out automatically at each reboot. To modify the init script, you'll need to setup something so that your new init script overrides default script of the ISO at each each reboot. The trick is to check at boot-time if you're running a certain version of the disc, and if so, overwrite the init script. To do that, make a directory like "/mnt/store/updates", and then copy the ndt init script there and make changes to it.
Make appropriate changes (shown enclosed inside <changes> .. </changes>) to ndt init script.
| Code Block | ||
|---|---|---|
| ||
#!/bin/bash
#
# chkconfig: 2345 55 25
# description: Starts the NDT Web server
# written by Peter Bertoncini <pjb@anl.gov>
#
# Customized NTP startup script for Internet Network Performance Tools
# Live CD. The process for this tool, and all the others, it to let
# Knoppix take care of some customization during the boot phase. Knoppix
# will automatically look for, and execute, a knoppix.sh script on an
# attached drive. This means that we will store the customized file
# on a USB thumb drive. At boot time the boot process will find and
# execute a knoppix.sh script that will copy the config files into
# the proper place. If they don't exist, then prompt the user to
# customize things.
#
# At shutdown, copy the files back to the mounted USB drive.
# Rich Carlson - 4/20/06
#
# Added a function to alert a daemon that NDT has started up, along with the
# location of the configuration file
# Aaron Brown - 2008-07-02
path=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
NDT_DAEMON=/usr/local/sbin/web100srv
# <changes>
# set to the full path of fakewww or 0 to not run server
FAKE_DAEMON=0
# </changes>
NDT_LOG_DIRECTORY=/var/log/ndt
# bring in NPT functions for later use
ENV="env -i PATH=/lib/init:/bin:/sbin:/usr/bin"
. /lib/init/nptoolkit-functions.sh
[ -f /usr/local/ndt/web100_variables ] || exit 0
# Extra logging can be enabled by adding "--snaplog" or "--tcpdump" options.
# These logs will get stored in the NDT_LOG_DIRECTORY
mkdir -p $NDT_LOG_DIRECTORY
pushd $NDT_LOG_DIRECTORY
# Specify some default options.
WEB100SRV_OPTIONS="-a"
# <changes>
FAKEWWW_OPTIONS=""
# FAKEWWW_OPTIONS="-l $NDT_LOG_DIRECTORY/access.log -e $NDT_LOG_DIRECTORY/error.log"
# </changes>
# FAKEWWW_OPTIONS="-l /var/log/fakewww.log"
# logging now on by default writing access_log and error_log files
# in /usr/local/ndt
case "$1" in
start)
echo -n "Starting NDT Services: "
if [ -f /usr/local/ndt/tcpbw100.html ]; then
echo " - using customized NDT web server page."
else
/bin/cp /usr/local/etc/tcpbw100.knoppix /usr/local/ndt/tcpbw100.html
echo " - using generic NDT web server page - Please customize"
/bin/touch /tmp/customize.ndt
fi
mkdir -p /var/run/ndt/run
chmod 755 /var/run/ndt/run
chown root:wheel /var/run/ndt/run >/dev/null 2>&1 || true
echo -n " "
# <changes>
# don't run www daemon if no content
if [ ! $FAKE_DAEMON ]; then
# </changes>
if [ ! -x $FAKE_DAEMON ]; then
echo "fakewww binary missing - Not starting"
exit 1
fi
start-stop-daemon --start -m --pidfile=/var/run/ndt/run/fakewww.pid \
--exec $FAKE_DAEMON -- $FAKEWWW_OPTIONS >/dev/null 2>&1 &
if [ $? != 0 ]; then
echo "Problem starting fakewww"
exit -1
fi
echo -n "fakewww"
fi
if [ ! -x $NDT_DAEMON ]; then
echo "web100srv binary missing - Not starting"
exit 1
fi
start-stop-daemon --start -m --pidfile=/var/run/ndt/run/web100srv.pid \
--exec $NDT_DAEMON -- $WEB100SRV_OPTIONS >/dev/null 2>&1 &
echo -n " web100srv"
echo "."
;;
stop)
echo -n "Stopping NDT services: "
start-stop-daemon --stop --name fakewww
echo -n "fakewww"
start-stop-daemon --stop --name web100srv
echo -n " web100srv"
# <changes>
mount_NPT_drives
select_NPT_drive
if [ "$DRVS" == "" ] ; then
echo "Error: no drives available to hold customized files."
else
for DRV in $DRVS ; do
save_NPT_file $DRV /usr/local/ndt/tcpbw100.html tcpbw100.html
save_NPT_file $DRV /usr/local/ndt/web100srv.log web100srv.log
save_NPT_file $DRV /usr/local/ndt/access_log access_log
save_NPT_file $DRV /usr/local/ndt/error_log error_log
echo "Saving NDT customization files to '$DRV' drive"
done
fi
# </changes>
echo "."
;;
restart)
echo -n "Restarting NDT services: "
start-stop-daemon --stop --name fakewww
start-stop-daemon --stop --name web100srv
sleep 2
start-stop-daemon --start -m --pidfile=/var/run/ndt/run/fakewww.pid \
--exec $FAKE_DAEMON -- $FAKEWWW_OPTIONS >/dev/null 2>&1 &
echo -n "fakewww"
start-stop-daemon --start -m --pidfile=/var/run/ndt/run/web100srv.pid \
--exec $NDT_DAEMON -- $WEB100SRV_OPTIONS >/dev/null 2>&1 &
echo " web100srv."
;;
*)
echo $"Usage: $0 {start|stop|restart}"
exit 1
;;
esac
exit 0
|
knoppix.local.sh
To make things stick in NPT after reboot, we first create a knoppix.local.sh file for local modifications.
| Code Block | ||
|---|---|---|
| ||
#!/bin/bash
# make changes stick in npt everytime system reboots
if [ "$2" == "3.1" -o "$2" == "3.1.1" ]; then
cp /mnt/store/updates/ndt /etc/init.d/ndt
fi
|
Also do the following to make the script executable.
| Code Block | ||
|---|---|---|
| ||
sudo chmod +x /mnt/store/knoppix.local.sh |
and have the relevant files on the jumpdrive.
End Note
Do "sudo netstat -nlp" to see if apache2 now listens on 7123 (ndt) instead of fakewww. Moreover reboot and repeat the netstat command. If changes stick then congratulations you are done!