From mboxrd@z Thu Jan 1 00:00:00 1970 From: "R. W. Rodolico" To: development@lists.ipfire.org Subject: Re: Guardian 2 - Correction Date: Sat, 16 Jul 2016 19:56:33 -0500 Message-ID: <578AD7C1.7030202@dailydata.net> In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1569430773683593639==" List-Id: --===============1569430773683593639== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Do the following: Open a command prompt on the router, via whatever means you have, and issue the command: tail -f /var/log/httpd/error_log Note the latest timestamp of the entry Now, open a web browser and browse to the Guardian page, but nothing else. Copy the text from the command prompt after the timestamp you noted above. You can send that directly to me if you like, or reply here. If I can not suggest a fix, I'll be happy to work with you via messaging, email, or if you're in the US, phone. Rod On 07/16/2016 07:42 PM, Mark Coolen wrote: > I'm still getting nothing but a blank page. Everything else seems to > still be working fine, but I'm a bit afraid I'll mess something up > really badly with all this playing around. > > On Sat, Jul 16, 2016 at 7:19 PM, R. W. Rodolico > wrote: > > A partial fix would be to run the following bash commands. The reason I > say partial is because I got the permissions from a different firewall > that does not have Guardian installed on it, so it could not determine > the correct permissions for any of those directories. > > This was taken from the output of a perl script I threw together. It is > NOT commented (sorry) but pretty straight forward. Simply gets the > permissions and ownership from each directory (and parent directory) out > of an array based on Matthias' research. I did NOT check to verify the > permissions were not already set. The output is simply a list of > commands to set permissions from one machine to the same as the > permissions on another. > > The originating script is temporarily stored at > http://unixservertech.com/fixPermissions.pl > That is a web site in progress. Feel free to download and run it on a > machine that has Guardian (after looking at it and making sure I didn't > do something stoopid). No guarantee it won't eat your firewall, but I > ran it on a production machine, then ran the output on my test router > and it appears to have worked. > ====================================================== > chown 0:0 /etc > chmod 0755 /etc > > chown 0:0 /etc/logrotate.d > chmod 0755 /etc/logrotate.d > > chown 0:0 /etc/rc.d > chmod 0755 /etc/rc.d > > chown 0:0 /etc/rc.d/init.d > chmod 0755 /etc/rc.d/init.d > > chown 0:0 /etc/rc.d/init.d/networking > chmod 0755 /etc/rc.d/init.d/networking > > chown 0:0 /etc/rc.d/init.d/networking/red.up > chmod 0755 /etc/rc.d/init.d/networking/red.up > > chown 0:0 /etc/rc.d/init.d/snort > chmod 0754 /etc/rc.d/init.d/snort > > chown 0:0 /etc/rc.d/rc0.d > chmod 0755 /etc/rc.d/rc0.d > > chown 0:0 /etc/rc.d/rc3.d > chmod 0755 /etc/rc.d/rc3.d > > chown 0:0 /etc/rc.d/rc6.d > chmod 0755 /etc/rc.d/rc6.d > > chown 0:0 /opt > chmod 0755 /opt > > chown 0:0 /opt/pakfire > chmod 0755 /opt/pakfire > > chown 0:0 /opt/pakfire/db > chmod 0755 /opt/pakfire/db > > chown 0:0 /opt/pakfire/db/installed > chmod 0755 /opt/pakfire/db/installed > > chown 0:0 /srv > chmod 0755 /srv > > chown 0:0 /srv/web > chmod 0755 /srv/web > > chown 0:0 /srv/web/ipfire > chmod 0755 /srv/web/ipfire > > chown 0:0 /srv/web/ipfire/cgi-bin > chmod 0755 /srv/web/ipfire/cgi-bin > > chown 0:0 /srv/web/ipfire/cgi-bin/ids.cgi > chmod 0755 /srv/web/ipfire/cgi-bin/ids.cgi > > chown 0:0 /usr > chmod 0755 /usr > > chown 0:0 /usr/bin > chmod 0755 /usr/bin > > chown 0:0 /usr/lib > chmod 0755 /usr/lib > > chown 0:0 /usr/lib/perl5 > chmod 0755 /usr/lib/perl5 > > chown 0:0 /usr/lib/perl5/site_perl > chmod 0755 /usr/lib/perl5/site_perl > > chown 0:0 /usr/lib/perl5/site_perl/5.12.3 > chmod 0755 /usr/lib/perl5/site_perl/5.12.3 > > chown 0:0 /usr/lib/perl5/site_perl/5.12.3/Net > chmod 0755 /usr/lib/perl5/site_perl/5.12.3/Net > > chown 0:0 /usr/lib/perl5/site_perl/5.12.3/i586-linux-thread-multi > chmod 0755 /usr/lib/perl5/site_perl/5.12.3/i586-linux-thread-multi > > chown 0:0 /usr/lib/perl5/site_perl/5.12.3/i586-linux-thread-multi/auto > chmod 0755 /usr/lib/perl5/site_perl/5.12.3/i586-linux-thread-multi/auto > > chown 0:0 /usr/sbin > chmod 0755 /usr/sbin > > chown 0:0 /var > chmod 0755 /var > > chown 0:0 /var/ipfire > chmod 0755 /var/ipfire > > chown 0:0 /var/ipfire/backup > chmod 0755 /var/ipfire/backup > > chown 0:0 /var/ipfire/backup/addons > chmod 0755 /var/ipfire/backup/addons > > chown 0:0 /var/ipfire/backup/addons/includes > chmod 0755 /var/ipfire/backup/addons/includes > > chown 0:0 /var/ipfire/langs > chmod 0755 /var/ipfire/langs > > chown 0:0 /var/ipfire/langs/de.pl > chmod 0644 /var/ipfire/langs/de.pl > > chown 0:0 /var/ipfire/langs/en.pl > chmod 0644 /var/ipfire/langs/en.pl > > chown 0:0 /var/ipfire/menu.d > chmod 0755 /var/ipfire/menu.d > > chown 0:0 /var/log > chmod 0755 /var/log > ====================================================== > > -- > Rod Rodolico > Daily Data, Inc. > POB 140465 > Dallas TX 75214-0465 > 214.827.2170 > http://www.dailydata.net > > > > > -- > _ _ _ ___ _ > )\/,) ___ __ )L, )) __ __ )) __ _ _ > ((`(( ((_( (| ((\ ((__((_)((_)(( (('((\( -- Rod Rodolico Daily Data, Inc. POB 140465 Dallas TX 75214-0465 214.827.2170 http://www.dailydata.net --===============1569430773683593639==--