From: Matthias Fischer <matthias.fischer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: Guardian 2 - Correction
Date: Sun, 17 Jul 2016 07:43:31 +0200 [thread overview]
Message-ID: <2f6e6eb9-0c64-c876-3e9d-6353ce48c070@ipfire.org> (raw)
In-Reply-To: <578AD7C1.7030202@dailydata.net>
[-- Attachment #1: Type: text/plain, Size: 6269 bytes --]
Hi,
another suggestion:
Delete ALL files in '/var/ipfire/guardian' and reload
'/srv/web/ipfire/cgi-bin/guardian.cgi'. If these files don't exist, they
will be created with standard settings.
Perhaps GUI can't load because of already wrong file permissions...
HTH,
Matthias
On 17.07.2016 02:56, R. W. Rodolico wrote:
> Do the following:
>
> Open a command prompt on the router, via whatever means you have, and
> issue the command:
>
> tail -f /var/log/httpd/error_log
>
> Note the latest timestamp of the entry
>
> Now, open a web browser and browse to the Guardian page, but nothing else.
>
> Copy the text from the command prompt after the timestamp you noted
> above. You can send that directly to me if you like, or reply here.
>
> If I can not suggest a fix, I'll be happy to work with you via
> messaging, email, or if you're in the US, phone.
>
> Rod
>
> On 07/16/2016 07:42 PM, Mark Coolen wrote:
>> I'm still getting nothing but a blank page. Everything else seems to
>> still be working fine, but I'm a bit afraid I'll mess something up
>> really badly with all this playing around.
>>
>> On Sat, Jul 16, 2016 at 7:19 PM, R. W. Rodolico <rodo(a)dailydata.net
>> <mailto:rodo(a)dailydata.net>> wrote:
>>
>> A partial fix would be to run the following bash commands. The reason I
>> say partial is because I got the permissions from a different firewall
>> that does not have Guardian installed on it, so it could not determine
>> the correct permissions for any of those directories.
>>
>> This was taken from the output of a perl script I threw together. It is
>> NOT commented (sorry) but pretty straight forward. Simply gets the
>> permissions and ownership from each directory (and parent directory) out
>> of an array based on Matthias' research. I did NOT check to verify the
>> permissions were not already set. The output is simply a list of
>> commands to set permissions from one machine to the same as the
>> permissions on another.
>>
>> The originating script is temporarily stored at
>> http://unixservertech.com/fixPermissions.pl
>> That is a web site in progress. Feel free to download and run it on a
>> machine that has Guardian (after looking at it and making sure I didn't
>> do something stoopid). No guarantee it won't eat your firewall, but I
>> ran it on a production machine, then ran the output on my test router
>> and it appears to have worked.
>> ======================================================
>> chown 0:0 /etc
>> chmod 0755 /etc
>>
>> chown 0:0 /etc/logrotate.d
>> chmod 0755 /etc/logrotate.d
>>
>> chown 0:0 /etc/rc.d
>> chmod 0755 /etc/rc.d
>>
>> chown 0:0 /etc/rc.d/init.d
>> chmod 0755 /etc/rc.d/init.d
>>
>> chown 0:0 /etc/rc.d/init.d/networking
>> chmod 0755 /etc/rc.d/init.d/networking
>>
>> chown 0:0 /etc/rc.d/init.d/networking/red.up
>> chmod 0755 /etc/rc.d/init.d/networking/red.up
>>
>> chown 0:0 /etc/rc.d/init.d/snort
>> chmod 0754 /etc/rc.d/init.d/snort
>>
>> chown 0:0 /etc/rc.d/rc0.d
>> chmod 0755 /etc/rc.d/rc0.d
>>
>> chown 0:0 /etc/rc.d/rc3.d
>> chmod 0755 /etc/rc.d/rc3.d
>>
>> chown 0:0 /etc/rc.d/rc6.d
>> chmod 0755 /etc/rc.d/rc6.d
>>
>> chown 0:0 /opt
>> chmod 0755 /opt
>>
>> chown 0:0 /opt/pakfire
>> chmod 0755 /opt/pakfire
>>
>> chown 0:0 /opt/pakfire/db
>> chmod 0755 /opt/pakfire/db
>>
>> chown 0:0 /opt/pakfire/db/installed
>> chmod 0755 /opt/pakfire/db/installed
>>
>> chown 0:0 /srv
>> chmod 0755 /srv
>>
>> chown 0:0 /srv/web
>> chmod 0755 /srv/web
>>
>> chown 0:0 /srv/web/ipfire
>> chmod 0755 /srv/web/ipfire
>>
>> chown 0:0 /srv/web/ipfire/cgi-bin
>> chmod 0755 /srv/web/ipfire/cgi-bin
>>
>> chown 0:0 /srv/web/ipfire/cgi-bin/ids.cgi
>> chmod 0755 /srv/web/ipfire/cgi-bin/ids.cgi
>>
>> chown 0:0 /usr
>> chmod 0755 /usr
>>
>> chown 0:0 /usr/bin
>> chmod 0755 /usr/bin
>>
>> chown 0:0 /usr/lib
>> chmod 0755 /usr/lib
>>
>> chown 0:0 /usr/lib/perl5
>> chmod 0755 /usr/lib/perl5
>>
>> chown 0:0 /usr/lib/perl5/site_perl
>> chmod 0755 /usr/lib/perl5/site_perl
>>
>> chown 0:0 /usr/lib/perl5/site_perl/5.12.3
>> chmod 0755 /usr/lib/perl5/site_perl/5.12.3
>>
>> chown 0:0 /usr/lib/perl5/site_perl/5.12.3/Net
>> chmod 0755 /usr/lib/perl5/site_perl/5.12.3/Net
>>
>> chown 0:0 /usr/lib/perl5/site_perl/5.12.3/i586-linux-thread-multi
>> chmod 0755 /usr/lib/perl5/site_perl/5.12.3/i586-linux-thread-multi
>>
>> chown 0:0 /usr/lib/perl5/site_perl/5.12.3/i586-linux-thread-multi/auto
>> chmod 0755 /usr/lib/perl5/site_perl/5.12.3/i586-linux-thread-multi/auto
>>
>> chown 0:0 /usr/sbin
>> chmod 0755 /usr/sbin
>>
>> chown 0:0 /var
>> chmod 0755 /var
>>
>> chown 0:0 /var/ipfire
>> chmod 0755 /var/ipfire
>>
>> chown 0:0 /var/ipfire/backup
>> chmod 0755 /var/ipfire/backup
>>
>> chown 0:0 /var/ipfire/backup/addons
>> chmod 0755 /var/ipfire/backup/addons
>>
>> chown 0:0 /var/ipfire/backup/addons/includes
>> chmod 0755 /var/ipfire/backup/addons/includes
>>
>> chown 0:0 /var/ipfire/langs
>> chmod 0755 /var/ipfire/langs
>>
>> chown 0:0 /var/ipfire/langs/de.pl <http://de.pl>
>> chmod 0644 /var/ipfire/langs/de.pl <http://de.pl>
>>
>> chown 0:0 /var/ipfire/langs/en.pl <http://en.pl>
>> chmod 0644 /var/ipfire/langs/en.pl <http://en.pl>
>>
>> chown 0:0 /var/ipfire/menu.d
>> chmod 0755 /var/ipfire/menu.d
>>
>> chown 0:0 /var/log
>> chmod 0755 /var/log
>> ======================================================
>>
>> --
>> Rod Rodolico
>> Daily Data, Inc.
>> POB 140465
>> Dallas TX 75214-0465
>> 214.827.2170 <tel:214.827.2170>
>> http://www.dailydata.net
>>
>>
>>
>>
>> --
>> _ _ _ ___ _
>> )\/,) ___ __ )L, )) __ __ )) __ _ _
>> ((`(( ((_( (| ((\ ((__((_)((_)(( (('((\(
>
next prev parent reply other threads:[~2016-07-17 5:43 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <CACOO0z_XpLEKp3E7M1n6t6cgmVmDNO7OGzUaVN-pr9b7rOwWaQ@mail.gmail.com>
2016-07-17 0:56 ` R. W. Rodolico
2016-07-17 5:43 ` Matthias Fischer [this message]
[not found] <CACOO0z_2rhPGhW_rCe46VMCgWTT_4jLxMwSJZoAheY5ouiNt=g@mail.gmail.com>
2016-07-17 13:57 ` Matthias Fischer
2016-07-16 18:43 Guardian 2 R. W. Rodolico
2016-07-16 19:34 ` Guardian 2 - Correction R. W. Rodolico
2016-07-16 20:10 ` Matthias Fischer
2016-07-16 22:26 ` R. W. Rodolico
2016-07-16 23:19 ` R. W. Rodolico
2016-07-18 14:03 ` Stefan Schantl
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2f6e6eb9-0c64-c876-3e9d-6353ce48c070@ipfire.org \
--to=matthias.fischer@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox