From: william@thinktankworkspaces.com
To: 9front@9front.org
Subject: Re: [9front] httpd minimal configuration
Date: Tue, 21 Jun 2022 23:25:15 -0700 [thread overview]
Message-ID: <A9BC3926A48AB958944891C1A10AF66C@thinktankworkspaces.com> (raw)
In-Reply-To: <Kx9BZ52Ckwv-9bstyn5mpZ29iJBJayv-jo2JUUAz7_38DgDUrotwAS-GnnOU91bCtqcHi5w3Ji671Sgvs434pqsunsjjF7Yws6Jh4CMNxuI=@proton.me>
Plenty of brilliant responses here in the various threads that followed. This might be
straight forward howerver.
### setup rc-httpd quick
touch /rc/bin/rc-httpd/select-handler
#!/bin/rc
PATH_INFO=$location
switch($SERVER_NAME) {
case 172.27.0.67
FS_ROOT=/usr/glenda/www/yoda
exec static-or-index
case*
error 503
}
touch /usr/glenda/www/yoda/index.html
touch /sys/doc/www
chgrp sys /sys/doc/www
chmod +aw www
mv /rc/bin/service/!tcp80 /rc/bin/service/tcp80
just replace that ip address and maybe change the directories
This example uses glenda. You can easily create a user /usr/www and put everything as that
user. But keep mind that user will need permission to that service tcp80.
I suggest experiement with this befor emoving to werc. I assure you werc is interesting
and fun.
Besides fqa. Here is some additional info
http://thinktankworkspaces.com/plan9/httpd-rc
Regards,
-Will
Quoth planless.user9 <planless.user9@proton.me>:
> Thank you very much moody!
>
> There are no serious reasons for my preference and the rc-httpd approach is also definitely an option for me. (Especially with your instructions, which seem to be straightforward to realize.)
>
> I'm just trying to understand the system and that's why I read "Notes on the Plan 9tm 3rd edition Kernel Source" and "The C Programming Language". An implementation in C would therefore play into my hands a bit (even more so, since I have almost no experience with scripts).
>
> Many thanks again!
>
> ------- Original Message -------
> Jacob Moody <moody@mail.posixcafe.org> schrieb am Dienstag, 21. Juni 2022 um 15:15:
>
>
> > On 6/21/22 06:58, planless.user9 wrote:
> >
> > > Thank you very much for your fast and helpful reply.
> > >
> > > I will look at the source code in that case, hoping to get a simple web server set up.
> > >
> > > Are there concrete insecurities in the implementation of namespaces?
> >
> >
> > Some thoughts:
> > First off you seemed to imply that rc-httpd had to be used with werc, this is not the case.
> > If your goal is to just serve some static files rc-httpd on its own is more then capable. I would be
> > curious to hear your reasoning for preferring httpd.
> >
> > Hiro claims that namespaces are not security boundaries. I think I would agree
> > maybe 6 months ago, but some work has been done lately to change this.
> > I'd argue that with chdev and auth/box we're in a much much nicer spot
> > in regards to making namespaces proper security boundaries, if you still disagree
> > with this statement I would be curious to hear what you think still needs changed.
> >
> > Also you mention /lib/namespace.httpd, it is expected that you customize it for your
> > system, modify it to place your webroot in the right spot.
> >
> > However if you are using rc-httpd with aux/listen, there is a namespace file already
> > that takes advantage of newer security features: /rc/bin/service/!tcp80.namespace.
> > If you would wish to use this, cp /rc/bin/!tcp80 /rc/bin/tcp80 and cp /rc/bin/!tcp80.namespace
> > /rc/bin/tcp80.namespace, then customize as desired.
> >
> > If you need some tips on writing/reading namespace files, check namespace(6), and the associated
> > (1) pages for commands mirrored in namespace files.
> >
> > Thanks,
> > moody
>
next prev parent reply other threads:[~2022-06-22 6:29 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-21 11:48 planless.user9
2022-06-21 12:23 ` hiro
2022-06-21 12:31 ` hiro
2022-06-21 12:58 ` planless.user9
2022-06-21 13:15 ` Jacob Moody
2022-06-21 14:06 ` planless.user9
2022-06-21 18:40 ` sirjofri
2022-06-22 6:25 ` william [this message]
2022-06-22 9:09 ` planless.user9
2022-06-22 9:29 ` umbraticus
2022-06-22 10:38 ` hiro
2022-06-21 17:52 ` mkf9
2022-06-21 17:44 ` mkf9
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=A9BC3926A48AB958944891C1A10AF66C@thinktankworkspaces.com \
--to=william@thinktankworkspaces.com \
--cc=9front@9front.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).