From mboxrd@z Thu Jan  1 00:00:00 1970
From: Matthias Fischer <matthias.fischer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: Guardian 2 - Correction
Date: Sun, 17 Jul 2016 07:43:31 +0200
Message-ID: <2f6e6eb9-0c64-c876-3e9d-6353ce48c070@ipfire.org>
In-Reply-To: <578AD7C1.7030202@dailydata.net>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============3170736060768170776=="
List-Id: <development.lists.ipfire.org>

--===============3170736060768170776==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hi,

another suggestion:

Delete ALL files in '/var/ipfire/guardian' and reload
'/srv/web/ipfire/cgi-bin/guardian.cgi'. If these files don't exist, they
will be created with standard settings.

Perhaps GUI can't load because of already wrong file permissions...

HTH,
Matthias

On 17.07.2016 02:56, R. W. Rodolico wrote:
> Do the following:
>=20
> Open a command prompt on the router, via whatever means you have, and
> issue the command:
>=20
> tail -f /var/log/httpd/error_log
>=20
> Note the latest timestamp of the entry
>=20
> Now, open a web browser and browse to the Guardian page, but nothing else.
>=20
> Copy the text from the command prompt after the timestamp you noted
> above. You can send that directly to me if you like, or reply here.
>=20
> If I can not suggest a fix, I'll be happy to work with you via
> messaging, email, or if you're in the US, phone.
>=20
> Rod
>=20
> On 07/16/2016 07:42 PM, Mark Coolen wrote:
>> I'm still getting nothing but a blank page. Everything else seems to
>> still be working fine, but I'm a bit afraid I'll mess something up
>> really badly with all this playing around.
>>=20
>> On Sat, Jul 16, 2016 at 7:19 PM, R. W. Rodolico <rodo(a)dailydata.net
>> <mailto:rodo(a)dailydata.net>> wrote:
>>=20
>>     A partial fix would be to run the following bash commands. The reason I
>>     say partial is because I got the permissions from a different firewall
>>     that does not have Guardian installed on it, so it could not determine
>>     the correct permissions for any of those directories.
>>=20
>>     This was taken from the output of a perl script I threw together. It is
>>     NOT commented (sorry) but pretty straight forward. Simply gets the
>>     permissions and ownership from each directory (and parent directory) o=
ut
>>     of an array based on Matthias' research. I did NOT check to verify the
>>     permissions were not already set. The output is simply a list of
>>     commands to set permissions from one machine to the same as the
>>     permissions on another.
>>=20
>>     The originating script is temporarily stored at
>>     http://unixservertech.com/fixPermissions.pl
>>     That is a web site in progress. Feel free to download and run it on a
>>     machine that has Guardian (after looking at it and making sure I didn't
>>     do something stoopid). No guarantee it won't eat your firewall, but I
>>     ran it on a production machine, then ran the output on my test router
>>     and it appears to have worked.
>>     =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D
>>     chown 0:0 /etc
>>     chmod 0755 /etc
>>=20
>>     chown 0:0 /etc/logrotate.d
>>     chmod 0755 /etc/logrotate.d
>>=20
>>     chown 0:0 /etc/rc.d
>>     chmod 0755 /etc/rc.d
>>=20
>>     chown 0:0 /etc/rc.d/init.d
>>     chmod 0755 /etc/rc.d/init.d
>>=20
>>     chown 0:0 /etc/rc.d/init.d/networking
>>     chmod 0755 /etc/rc.d/init.d/networking
>>=20
>>     chown 0:0 /etc/rc.d/init.d/networking/red.up
>>     chmod 0755 /etc/rc.d/init.d/networking/red.up
>>=20
>>     chown 0:0 /etc/rc.d/init.d/snort
>>     chmod 0754 /etc/rc.d/init.d/snort
>>=20
>>     chown 0:0 /etc/rc.d/rc0.d
>>     chmod 0755 /etc/rc.d/rc0.d
>>=20
>>     chown 0:0 /etc/rc.d/rc3.d
>>     chmod 0755 /etc/rc.d/rc3.d
>>=20
>>     chown 0:0 /etc/rc.d/rc6.d
>>     chmod 0755 /etc/rc.d/rc6.d
>>=20
>>     chown 0:0 /opt
>>     chmod 0755 /opt
>>=20
>>     chown 0:0 /opt/pakfire
>>     chmod 0755 /opt/pakfire
>>=20
>>     chown 0:0 /opt/pakfire/db
>>     chmod 0755 /opt/pakfire/db
>>=20
>>     chown 0:0 /opt/pakfire/db/installed
>>     chmod 0755 /opt/pakfire/db/installed
>>=20
>>     chown 0:0 /srv
>>     chmod 0755 /srv
>>=20
>>     chown 0:0 /srv/web
>>     chmod 0755 /srv/web
>>=20
>>     chown 0:0 /srv/web/ipfire
>>     chmod 0755 /srv/web/ipfire
>>=20
>>     chown 0:0 /srv/web/ipfire/cgi-bin
>>     chmod 0755 /srv/web/ipfire/cgi-bin
>>=20
>>     chown 0:0 /srv/web/ipfire/cgi-bin/ids.cgi
>>     chmod 0755 /srv/web/ipfire/cgi-bin/ids.cgi
>>=20
>>     chown 0:0 /usr
>>     chmod 0755 /usr
>>=20
>>     chown 0:0 /usr/bin
>>     chmod 0755 /usr/bin
>>=20
>>     chown 0:0 /usr/lib
>>     chmod 0755 /usr/lib
>>=20
>>     chown 0:0 /usr/lib/perl5
>>     chmod 0755 /usr/lib/perl5
>>=20
>>     chown 0:0 /usr/lib/perl5/site_perl
>>     chmod 0755 /usr/lib/perl5/site_perl
>>=20
>>     chown 0:0 /usr/lib/perl5/site_perl/5.12.3
>>     chmod 0755 /usr/lib/perl5/site_perl/5.12.3
>>=20
>>     chown 0:0 /usr/lib/perl5/site_perl/5.12.3/Net
>>     chmod 0755 /usr/lib/perl5/site_perl/5.12.3/Net
>>=20
>>     chown 0:0 /usr/lib/perl5/site_perl/5.12.3/i586-linux-thread-multi
>>     chmod 0755 /usr/lib/perl5/site_perl/5.12.3/i586-linux-thread-multi
>>=20
>>     chown 0:0 /usr/lib/perl5/site_perl/5.12.3/i586-linux-thread-multi/auto
>>     chmod 0755 /usr/lib/perl5/site_perl/5.12.3/i586-linux-thread-multi/auto
>>=20
>>     chown 0:0 /usr/sbin
>>     chmod 0755 /usr/sbin
>>=20
>>     chown 0:0 /var
>>     chmod 0755 /var
>>=20
>>     chown 0:0 /var/ipfire
>>     chmod 0755 /var/ipfire
>>=20
>>     chown 0:0 /var/ipfire/backup
>>     chmod 0755 /var/ipfire/backup
>>=20
>>     chown 0:0 /var/ipfire/backup/addons
>>     chmod 0755 /var/ipfire/backup/addons
>>=20
>>     chown 0:0 /var/ipfire/backup/addons/includes
>>     chmod 0755 /var/ipfire/backup/addons/includes
>>=20
>>     chown 0:0 /var/ipfire/langs
>>     chmod 0755 /var/ipfire/langs
>>=20
>>     chown 0:0 /var/ipfire/langs/de.pl <http://de.pl>
>>     chmod 0644 /var/ipfire/langs/de.pl <http://de.pl>
>>=20
>>     chown 0:0 /var/ipfire/langs/en.pl <http://en.pl>
>>     chmod 0644 /var/ipfire/langs/en.pl <http://en.pl>
>>=20
>>     chown 0:0 /var/ipfire/menu.d
>>     chmod 0755 /var/ipfire/menu.d
>>=20
>>     chown 0:0 /var/log
>>     chmod 0755 /var/log
>>     =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D
>>=20
>>     --
>>     Rod Rodolico
>>     Daily Data, Inc.
>>     POB 140465
>>     Dallas TX 75214-0465
>>     214.827.2170 <tel:214.827.2170>
>>     http://www.dailydata.net
>>=20
>>=20
>>=20
>>=20
>> --=20
>>  _  _           _     ___         _        =20
>>  )\/,) ___  __  )L,   ))  __  __  )) __ _ _
>> ((`(( ((_( (|  ((\   ((__((_)((_)(( (('((\(
>=20


--===============3170736060768170776==--