¥«¥Æ¥´¥ê¡¼
ºÇ¿·¥Ë¥å¡¼¥¹µ»ö
¤ª´«¤á¥È¥ì¡¼¥Ë¥ó¥°¥³¡¼¥¹
Solaris´ØÏ¢½ñÀÒ
SolarisǧÄê»ñ³Ê
SolarisƦÃμ±
Solaris¥Ç¥¹¥¯¥È¥Ã¥×ÀßÄê
Windows´ØÏ¢¥á¥â
¢£Solaris10
zone¡¡FMA¡¡SMF¡¡ZFS
DTrace¡¡NFSv4¡¡IPFilter
Least Privilegeµ¡Ç½
x86/x64 Solaris¡¡ ²¾ÁÛ²½µ»½Ñ
¤½¤Î¾
¢£¥·¥¹¥Æ¥à´ÉÍý
¥¤¥ó¥¹¥È¡¼¥ë¡¡¥»¥¥å¥ê¥Æ¥£¥Á¥§¥Ã¥¯
¢£³Æ¼ï¥µ¡¼¥Ð´ØÏ¢
Apache
BIND
MySQL
sendmail
squid
SSH
VirtualBox
VMware ESX
VNC
¢£³Æ¼ï¥µ¡¼¥Ð¡¦¥¹¥È¥ì¡¼¥¸´ÉÍý
Sun N1 Software
Sun Cluster
Solaris Volume Manager (SVM)
¢£¥»¥¥å¥ê¥Æ¥£¥Ä¡¼¥ë¡¦µ¡Ç½
snort
nmap
IPSec
¢£¥Ñ¥Õ¥©¡¼¥Þ¥ó¥¹´ÉÍý
¥«¡¼¥Í¥ë¥Ñ¥é¥á¡¼¥¿
TCP/IP·Ï¥Ñ¥é¥á¡¼¥¿
NIC¥É¥é¥¤¥Ð·Ï¥Ñ¥é¥á¡¼¥¿
¤ª´«¤á¥È¥ì¡¼¥Ë¥ó¥°¥³¡¼¥¹
Solaris´ØÏ¢½ñÀÒ
SolarisǧÄê»ñ³Ê
SolarisƦÃμ±
Solaris¥Ç¥¹¥¯¥È¥Ã¥×ÀßÄê
Windows´ØÏ¢¥á¥â
¢£Solaris10
zone¡¡FMA¡¡SMF¡¡ZFS
DTrace¡¡NFSv4¡¡IPFilter
Least Privilegeµ¡Ç½
x86/x64 Solaris¡¡ ²¾ÁÛ²½µ»½Ñ
¤½¤Î¾
¢£¥·¥¹¥Æ¥à´ÉÍý
¥¤¥ó¥¹¥È¡¼¥ë¡¡¥»¥¥å¥ê¥Æ¥£¥Á¥§¥Ã¥¯
¢£³Æ¼ï¥µ¡¼¥Ð´ØÏ¢
Apache
BIND
MySQL
sendmail
squid
SSH
VirtualBox
VMware ESX
VNC
¢£³Æ¼ï¥µ¡¼¥Ð¡¦¥¹¥È¥ì¡¼¥¸´ÉÍý
Sun N1 Software
Sun Cluster
Solaris Volume Manager (SVM)
¢£¥»¥¥å¥ê¥Æ¥£¥Ä¡¼¥ë¡¦µ¡Ç½
snort
nmap
IPSec
¢£¥Ñ¥Õ¥©¡¼¥Þ¥ó¥¹´ÉÍý
¥«¡¼¥Í¥ë¥Ñ¥é¥á¡¼¥¿
TCP/IP·Ï¥Ñ¥é¥á¡¼¥¿
NIC¥É¥é¥¤¥Ð·Ï¥Ñ¥é¥á¡¼¥¿
Sun¼ÒÄ󶡾ðÊó
docs.sun.com
SunSolve Online
BigAdmin [ ÆüËܸìÈÇ ]
Solaris¥Õ¥©¡¼¥é¥à
OpenSolaris ¡Ú¥½¡¼¥¹¥³¡¼¥ÉÆþ¼ê¡Û
¥¸¥ç¥Ê¥µ¥ó¡¦¥·¥å¥ï¥ë¥Ä¤Î¥Ö¥í¥°
SunSolve Online
BigAdmin [ ÆüËܸìÈÇ ]
Solaris¥Õ¥©¡¼¥é¥à
OpenSolaris ¡Ú¥½¡¼¥¹¥³¡¼¥ÉÆþ¼ê¡Û
¥¸¥ç¥Ê¥µ¥ó¡¦¥·¥å¥ï¥ë¥Ä¤Î¥Ö¥í¥°
Solaris¥Ñ¥Ã¥±¡¼¥¸¥À¥¦¥ó¥í¡¼¥É
Sun¥Þ¥·¥ó¤ÏÇ㤦¤Ë¤Ï
blogs.sun.com
¢¡ Solaris ¥È¥ì¡¼¥Ë¥ó¥°¥¬¥¤¥É
¢¡ ¤ä¤Ã¤Ñ¤ê Sun ¤¬¥¹¥¡ª
¢¡ ²¬ºê - Okazaki's blog
¢¡ ¥è¥Ã¥·¡¼¥Ö¥í¥°
¢¡ Masaki Katakai's Weblog
¢¡ ¤ä¤Ã¤Ñ¤ê Sun ¤¬¥¹¥¡ª
¢¡ ²¬ºê - Okazaki's blog
¢¡ ¥è¥Ã¥·¡¼¥Ö¥í¥°
¢¡ Masaki Katakai's Weblog
¤ª´«¤á¥µ¥¤¥È
Least Privilege(ºÇ¾®Æø¢µ¡Ç½)¤ÇApache2¤ò´°Á´¤ËÈóÆø¢¥æ¡¼¥¶¤Ç¼Â¹Ô¤¹¤ë¡£
¡Ú¸¡¾Ú´Ä¶¡Û# more /etc/release
Solaris 10 3/05 s10_74L2a SPARC
Copyright 2005 Sun Microsystems, Inc. All Rights Reserved.
Use is subject to license terms.
Assembled 22 January 2005
# uname -a
SunOS s10test 5.10 Generic sun4u sparc SUNW,Ultra-5_10
¡ÚApache2¤Îµ¯Æ°¡Û
¤È¤ê¤¢¤¨¤ºSolaris10¤Ëɸ½à¤ÇÆþ¤Ã¤Æ¤¤¤ëApache2¤¬SMF´Ä¶¤ÇÀµ¤·¤¯Æ°¤¯¤«³Îǧ¤·¤Æ¤ß¤ë¡£
Apache2¤Î¥Ð¡¼¥¸¥ç¥ó¤Ï2.0.52¤Î¤è¤¦¤À¡£
# /usr/apache2/bin/httpd -v
Server version: Apache/2.0.52
Server built: Jan 8 2005 01:51:11
¤Þ¤¡ÀßÄê¥Õ¥¡¥¤¥ë¤Î¾ì½ê¤Ê¤É¤ÏÁÛÁü¤Ç¤¤ë¤¬¡¢
°Ê²¼¤Î¥³¥Þ¥ó¥É¤ÇApache2¥µ¡¼¥Ó¥¹¤Îµ¯Æ°¥¹¥¯¥ê¥×¥È¤ò³Îǧ¤·¤Æ¤ß¤ë¡£
# svcprop -p start/exec apache2
/lib/svc/method/http-apache2\ start
¤È¤¤¤¦¤ï¤±¤Ç¾åµ¥Õ¥¡¥¤¥ë¤ÎÃæ¿È¤ò³Îǧ¤¹¤ë¤È¡¢
ͽÁÛÄ̤ê/etc/apache2/httpd.conf¤¬ÀßÄê¥Õ¥¡¥¤¥ë¤À¤Í¡£
# more /lib/svc/method/http-apache2
#!/sbin/sh
...
...
APACHE_HOME=/usr/apache2
CONF_FILE=/etc/apache2/httpd.conf
PIDFILE=/var/run/apache2/httpd.pid
...
...
¤È¤¤¤¦¤ï¤±¤ÇÀßÄê¥Õ¥¡¥¤¥ë¤òºîÀ®¤·¤Þ¤·¤ç¡£
¤¤¤Ä¤âÄ̤ê¥Æ¥ó¥×¥ì¡¼¥È¤ò¥³¥Ô¡¼¤·¤ÆServerName¤¯¤é¤¤¤ÏÊѹ¹¤·¤Þ¤·¤ç¤¦¤«¡£
¤Á¤Ê¤ß¤ËSolaris10¤ÎApache2¤Ï¼Â¹Ô¥æ¡¼¥¶¡¢¥°¥ë¡¼¥×¤Ïwebservd(80)¤Î¸¢¸Â¤ÇÆ°¤¯¡£
(80È֥ݡ¼¥È¤ò¥Ð¥¤¥ó¥É¤¹¤ë¥á¥¤¥ó¤Î¥Ç¡¼¥â¥ó¤Ï¥Ç¥Õ¥©¥ë¥È¤Ç¤Ïroot¸¢¸Â)
# cd /etc/apache2
# ls
highperformance-std.conf httpd.conf-example ssl-std.conf
highperformance.conf magic ssl.conf
httpd-std.conf mime.types
# cp httpd.conf-example httpd.conf
# vi httpd.conf
...
User webservd
Group webservd
...
ServerName s10test <--- ŬÅö¤Ë½¤Àµ
httpd.conf¤Î½¤Àµ¤ò¤·¤¿¤é¡¢¤¢¤È¤Ï°Ê²¼¤Î¤è¤¦¤Ëapache2¥µ¡¼¥Ó¥¹¤Îµ¯Æ°¤ò¤¹¤ë¡£
¢ª ¥µ¡¼ ¥Ó¥¹¤Îµ¯Æ°ÊýË¡¤ÎÀâÌÀ¤Ï¤³¤Á¤é
# svcadm enable apache2
# svcs -a | grep apache2
online 17:30:38 svc:/network/http:apache2
# svcs -p apache2
STATE STIME FMRI
online 17:30:38 svc:/network/http:apache2
17:30:38 842 httpd
17:30:39 843 httpd
17:30:39 844 httpd
17:30:39 845 httpd
17:30:39 846 httpd
17:30:39 847 httpd
# ps -ef | grep httpd
webservd 845 842 0 17:30:39 ? 0:00 /usr/apache2/bin/httpd -k start
root 842 1 0 17:30:38 ? 0:00 /usr/apache2/bin/httpd -k start
webservd 847 842 0 17:30:39 ? 0:00 /usr/apache2/bin/httpd -k start
webservd 846 842 0 17:30:39 ? 0:00 /usr/apache2/bin/httpd -k start
webservd 844 842 0 17:30:39 ? 0:00 /usr/apache2/bin/httpd -k start
webservd 843 842 0 17:30:39 ? 0:00 /usr/apache2/bin/httpd -k start
¾åµ¤Î¤è¤¦¤ËÄ̾ﵯư¤Ï³Îǧ¤Ç¤¤¿¡£
¤³¤ì¤«¤é¤¬ËÜÂê¤Ç¾åµ¤Îroot¤Ç¼Â¹Ô¤µ¤ì¤Æ¤¤¤ë¥×¥í¥»¥¹¤ò
Solaris10¤ÎLeast Privilegeµ¡Ç½¤ò»È¤Ã¤Æwebservd¤Ç¼Â¹Ô¤¹¤ë¤è¤¦¤ËÊѹ¹¤¹¤ë¡£
¡ÚLeast Privilegeµ¡Ç½¤ÎŬÍÑ¡Û
¤Þ¤ºapache2¤Îmanifest¤Ë°Ê²¼¤Î¤è¤¦¤Ë¥¨¥ó¥È¥ê¤òÄɲ乤롣
net_privaddrÆø¢¤ÏÆø¢ÉÕ¤¥Ý¡¼¥ÈÈÖ¹æ¤Ë¥Ð¥¤¥ó¥É¤Ç¤¤ë¤è¤¦¤Ë¤·¤Þ¤¹¡£
Æø¢ÉÕ¤¥Ý¡¼¥ÈÈÖ¹æ¤Ï 1 ¡Á 1023 ¤ÎÈÖ¹æ¤ò»ý¤Ä¥Ý¡¼¥È(½¾Íè¤Î UNIX Æø¢ÉÕ¤¥Ý¡¼¥È) ¤È¡¢"udp/tcp_extra_priv_ports" ¤È¥Þ¡¼¥¯¤µ¤ì¤Æ¤¤¤ë¥Ý¡¼¥È (NFS ¤Ç»ÈÍѤ¹¤ë¤¿¤á¤ËͽÌ󤵤ì¤Æ¤¤¤ë¥Ý¡¼¥È¤ò½ü¤¯) ¤Ç¤¹¡£
¢ª Least Privilegeµ¡Ç½¤ÎÆø¢°ìÍ÷¤Ï¤³¤Á¤é
# vi /var/svc/manifest/network/http-apache2.xml
...
...
<exec_method
type='method'
name='start'
exec='/lib/svc/method/http-apache2 start'
timeout_seconds='60'> <--- ¤³¤³¤Î / ¤òºï½ü¤·°Ê²¼¤òÄɲÃ
<method_context>
<method_credential user="webservd"
group="webservd"
privileges="basic,net_privaddr" />
</method_context>
</exec_method>
¤½¤·¤Æ¾åµ¥Õ¥¡¥¤¥ë¤òimport¤¹¤ë¡£
# svccfg import http-apache2.xml
# svcadm restart apache2
# svcs -a | grep apache2
maintenance 17:43:17 svc:/network/http:apache2
¤Ì¤©¡ª¤Ê¤ó¤Èmaintenance¤Ë¤Ê¤Ã¤Æ¤·¤Þ¤Ã¤¿¡£
¤·¤«¤·manifest¤Îµ½Ò¤ò´Ö°ã¤¨¤¿¤ï¤±¤Ç¤Ï¤Ê¤¤¤Î¤Ç¤´°Â¿´¤ò¡£ °Ê²¼¤Î¤è¤¦¤Ë¸¶°ø¤ò³Îǧ¤¹¤ë¤È¥¹¥¿¡¼¥È¥á¥½¥Ã¥ÉÃæ¤Ë¥¨¥é¡¼¤¬¤¢¤Ã¤¿Íͻҡ£
# svcs -xv apache2
svc:/network/http:apache2 (Apache 2 HTTP server)
¾õÂÖ: 2005ǯ04·î01Æü (¶â) 17»þ43ʬ17Éà °Ê¹ßmaintenance¤Ç¤¹
¸¶°ø: ³«»Ï¥á¥½¥Ã¥É¤Ë·«¤êÊÖ¤·¼ºÇÔ¤·¤Þ¤·¤¿¡£ºÇ¸å¤Ï ¾õÂÖ 1 ¤Ç½ªÎ»¤·¤Þ¤·¤¿.
»²¾È: http://sun.com/msg/SMF-8000-KS
»²¾È: man -M /usr/share/man -s 1M apache2
»²¾È: /var/svc/log/network-http:apache2.log
±Æ¶Á: ¤³¤Î¥µ¡¼¥Ó¥¹¤ÏÆ°ºî¤·¤Æ¤¤¤Þ¤»¤ó¡£
¤È¤¤¤¦¤ï¤±¤Ç¥µ¡¼¥Ó¥¹¤Î¥í¥°¥Õ¥¡¥¤¥ë¤ò³Îǧ¤·¤Æ¤ß¤ë¤È¡¢
apache¤Î¥í¥°¥Õ¥¡¥¤¥ë¤Ø¤Î¥Ñ¡¼¥ß¥Ã¥·¥ç¥ó¤¬¤Ê¤«¤Ã¤¿¤ß¤¿¤¤¡£
# tail /var/svc/log/network-http:apache2.log
Unable to open logs
[ 4·î 1 17:43:16 Method "start" exited with status 1 ]
[ 4·î 1 17:43:16 Executing start method ("/lib/svc/method/http-apache2 start") ]
(13)Permission denied: httpd: could not open error log file /var/apache2/logs/error_log.
Unable to open logs
[ 4·î 1 17:43:16 Method "start" exited with status 1 ]
[ 4·î 1 17:43:16 Executing start method ("/lib/svc/method/http-apache2 start") ]
(13)Permission denied: httpd: could not open error log file /var/apache2/logs/error_log.
Unable to open logs
[ 4·î 1 17:43:17 Method "start" exited with status 1 ]
°Ê²¼¤Î¤è¤¦¤Ë¥Ñ¡¼¥ß¥Ã¥·¥ç¥ó¤ò³Îǧ¤·¤Æwebservd¤ËÊѹ¹¤·¤Æ¤ß¤ë¡£
# cd /var/apache2/logs
# ls -l
¹ç·× 2
-rw-r--r-- 1 root root 0 4·î 1Æü 17:30 access_log
-rw-r--r-- 1 root root 717 4·î 1Æü 17:43 error_log
# chown webservd:webservd *
# ls -l
¹ç·× 2
-rw-r--r-- 1 webservd webservd 0 4·î 1Æü 17:30 access_log
-rw-r--r-- 1 webservd webservd 717 4·î 1Æü 17:43 error_log
maintenance¥¹¥Æ¡¼¥¿¥¹¤ò¥¯¥ê¥¢¤·¤Æ¤â¤¦°ìÅÙµ¯Æ°¤Ë¥Á¥ã¥ì¥ó¥¸¡£
# svcadm clear apache2
# svcadm enable apache2
# svcs apache2
STATE STIME FMRI
offline* 17:53:01 svc:/network/http:apache2
# svcs apache2
STATE STIME FMRI
online* 17:53:03 svc:/network/http:apache2
# svcs apache2
STATE STIME FMRI
online 17:53:04 svc:/network/http:apache2
# svcs apache2
STATE STIME FMRI
online* 17:53:05 svc:/network/http:apache2
# svcs apache2
STATE STIME FMRI
offline* 17:53:05 svc:/network/http:apache2
# svcs apache2
STATE STIME FMRI
online* 17:53:07 svc:/network/http:apache2
# svcs apache2
STATE STIME FMRI
online 17:53:08 svc:/network/http:apache2
¤à¤à¤Ã¡ª¤É¤¦¤â¥Ç¡¼¥â¥ó¤¬¸«¤¨¤Ê¤¤¤È»×¤Ã¤¿¤é¡¢
²¿¤ä¤éµ¯Æ°¡õÄä»ß¤¬¥ë¡¼¥×¤·¤Æ¤¤¤ë¤ß¤¿¤¤¤À¡£
°Ê²¼¤Î¤è¤¦¤Ë¥í¥°¥Õ¥¡¥¤¥ë¤ò¤ß¤ë¤ÈPID¥Õ¥¡¥¤¥ë¤Ë´Ø·¸¤¢¤ê¤½¤¦¤À¡£
# tail /var/svc/log/network-http:apache2.log
httpd (no pid file) not running
[ 4·î 1 17:56:15 Method "stop" exited with status 0 ]
[ 4·î 1 17:56:15 Executing start method ("/lib/svc/method/http-apache2 start") ]
[ 4·î 1 17:56:16 Method "start" exited with status 0 ]
[ 4·î 1 17:56:17 Stopping because all processes in service exited. ]
[ 4·î 1 17:56:17 Executing stop method ("/lib/svc/method/http-apache2 stop") ]
httpd (no pid file) not running
[ 4·î 1 17:56:17 Method "stop" exited with status 0 ]
[ 4·î 1 17:56:17 Executing start method ("/lib/svc/method/http-apache2 start") ]
[ 4·î 1 17:56:18 Method "start" exited with status 0 ]
¼¡¤Î¤è¤¦¤ËApache2¤Î¥¨¥é¡¼¥í¥°¥Õ¥¡¥¤¥ë¤â³Îǧ¤·¤Æ¤ß¤ë¡£
¤Ê¤ó¤È¡¢httpd.pid¥Õ¥¡¥¤¥ë¤ÎºîÀ®¤Ë¼ºÇÔ¤·¤Æ¤¤¤ë¤¸¤ã¤Ê¤¤¤«¡£
¤è¤¯¹Í¤¨¤ì¤Ðwebservd¸¢¸Â¤Ç¼Â¹Ô¤·¤Æ¤¤¤ë¤Î¤ÇÅö¤¿¤êÁ°¤À¤¬
¤Þ¤Ã¤¿¤¯À¤Ï䬤䤱¤ë¤Í¡£
# tail /var/apache2/logs/error_log
[Fri Apr 01 17:57:56 2005] [notice] Digest: generating secret for digest authentication ...
[Fri Apr 01 17:57:56 2005] [notice] Digest: done
[Fri Apr 01 17:57:57 2005] [error] (13)Permission denied: could not create /var/run/apache2/httpd.pid
[Fri Apr 01 17:57:57 2005] [error] httpd: could not log pid to file /var/run/apache2/httpd.pid
[Fri Apr 01 17:57:58 2005] [notice] Digest: generating secret for digest authentication ...
[Fri Apr 01 17:57:58 2005] [notice] Digest: done
[Fri Apr 01 17:57:59 2005] [error] (13)Permission denied: could not create /var/run/apache2/httpd.pid
[Fri Apr 01 17:57:59 2005] [error] httpd: could not log pid to file /var/run/apache2/httpd.pid
[Fri Apr 01 17:58:00 2005] [notice] Digest: generating secret for digest authentication ...
[Fri Apr 01 17:58:00 2005] [notice] Digest: done
¤È¤¤¤¦¤ï¤±¤Ç/var/run/apache2¤Î¥Ñ¡¼¥ß¥Ã¥·¥ç¥ó¤ò³Îǧ¡£
¤ä¤Ã¤Ñ¤ê¤À¡¦¡¦¡¦¡£
# cd /var/run
# ls -l
¹ç·× 128
drwxr-xr-x 2 root root 117 4·î 1Æü 17:22 apache
drwxr-xr-x 2 root root 117 4·î 1Æü 17:43 apache2
drwx------ 2 root root 419 3·î 30Æü 10:42 atokserver
drwxr-xr-x 2 daemon daemon 117 3·î 30Æü 10:42 daemon
srwxrwxrwx 1 root root 0 3·î 30Æü 10:42 jd_sockV6
Dr--r--r-- 1 daemon daemon 0 3·î 30Æü 10:42 kcfd_door
-rw-r--r-- 1 root root 0 3·î 30Æü 10:42 metaset.265
Dr--r--r-- 1 root root 0 3·î 30Æü 10:42 name_service_door
-rw-r--r-- 1 root root 0 3·î 30Æü 10:42 nfs4_domain
Dr--r--r-- 1 root root 0 3·î 30Æü 10:42 picld_door
-r--r--r-- 1 root root 4 3·î 30Æü 10:42 powerd.pid
drwxrwxrwt 2 root root 186 3·î 30Æü 10:42 rpc_door
drwxr-xr-x 3 root root 191 3·î 30Æü 10:42 sysevent_channels
-rw-r--r-- 1 root root 4 3·î 30Æü 10:42 syslog.pid
Drw-r--r-- 1 root root 0 3·î 30Æü 10:42 syslog_door
°Ê²¼¤Î¤è¤¦¤ËÊѹ¹¤¹¤ì¤Ð¡¢¥Ð¥Ã¥Á¥ê¤Î¤Ï¤º¡£
# chown webservd:webservd apache2
# ls -ld apache2
drwxr-xr-x 2 webservd webservd 183 4·î 1Æü 18:02 apache2
Ç°¤Î¤¿¤áapache2¤òdisable¤Ë¤·¤Æ¤«¤éenable¤Ë¤·¤ÆÆ°ºî³Îǧ¡£
# svcadm disable apache2
# svcs apache2
STATE STIME FMRI
disabled 18:03:50 svc:/network/http:apache2
# svcadm enable apache2
# svcs -p apache2
STATE STIME FMRI
online 18:04:04 svc:/network/http:apache2
18:04:04 5220 httpd
18:04:05 5221 httpd
18:04:05 5222 httpd
18:04:05 5223 httpd
18:04:05 5224 httpd
18:04:05 5225 httpd
º£Å٤Ϥ¦¤Þ¤¯Æ°¤¤¤Æ¤¤¤ëÍͻҡ£
¤·¤«¤â°Ê²¼¤ÎÄ̤ꤹ¤Ù¤Æ¤Î¥×¥í¥»¥¹¤¬webservd¤Ç¼Â¹Ô¤µ¤ì¤Æ¤¤¤ë¡£
# ps -ef | grep apache2
webservd 5223 5220 0 18:04:05 ? 0:00 /usr/apache2/bin/httpd -k start
webservd 5222 5220 0 18:04:05 ? 0:00 /usr/apache2/bin/httpd -k start
webservd 5221 5220 0 18:04:05 ? 0:00 /usr/apache2/bin/httpd -k start
webservd 5224 5220 0 18:04:05 ? 0:00 /usr/apache2/bin/httpd -k start
webservd 5220 1 0 18:04:04 ? 0:00 /usr/apache2/bin/httpd -k start
webservd 5225 5220 0 18:04:05 ? 0:00 /usr/apache2/bin/httpd -k start
¤·¤«¡¼¤·¡¢¼Â¤Ï¤³¤ì¤Ç¤â¥À¥á¤Ê¤Î¤è¡£
¸ÌÀ¤Ê¿Í¤Ê¤é¤ï¤«¤ë¤Ï¤º¤À¤±¤É¡¢/var/run/apache2¤Î¥Ñ¡¼¥ß¥Ã¥·¥ç¥óÊѹ¹¤ò¤·¤Æ¤â¡¢
Solaris¤Î/var/run¤Ïtmpfs¤Ê¤Î¤ÇºÆµ¯Æ°¤¹¤ë¤È¤¹¤Ù¤Æ¤Î¥Õ¥¡¥¤¥ë¤¬¾Ã¤¨¤ë¤ï¤±¤µ¡£
¤È¤¤¤¦¤³¤È¤Ï¡¢¾åµÀßÄê¤ÇºÆµ¯Æ°¤¹¤ì¤Ð¡¢·ë¶É¤ÏƱ¤¸¤³¤È¤Î·«¤êÊÖ¤·¤Ë¤Ê¤ë¤ï¤±¡£
¤Ê¤Î¤ÇÌÌÅݽ¤¤¤±¤É¡¢apache2¤ÎÀßÄê¥Õ¥¡¥¤¥ë¦¤ÇPID¥Õ¥¡¥¤¥ë¤ÎÀ¸À®¾ì½ê¤òÊѹ¹¤·¤Ê¤¤¤È¥À¥á¤ß¤¿¤¤¡£
# vi /etc/apache2/httpd.conf
...
<IfModule !mpm_netware.c>
#PidFile /var/run/apache2/httpd.pid
PidFile /var/apache2/run/httpd.pid
</IfModule>
...
ÅöÁ³¡¢¾åµÀßÄê¤ÎÄ̤ê/var/apache2¥Ç¥£¥ì¥¯¥È¥ê¤Ëwebservd¤¬¥ª¡¼¥Ê¡¼¤Îrun¥Ç¥£¥ì¥¯¥È¥ê¤òºîÀ®¤¹¤ë¡£
# mkdir /var/apache2/run
# chown webservd:webservd /var/apache2/run
¤µ¤é¤Ëapache2¤ÎÀ©¸æ¥¹¥¯¥ê¥×¥È¤Ç¤¢¤ë /lib/svc/method/http-apache2 ¤ò°Ê²¼¤Î¤è¤¦¤Ë½¤Àµ¤¹¤ë¡£
# vi /lib/svc/method/http-apache2
...
. /lib/svc/share/smf_include.sh
APACHE_HOME=/usr/apache2
CONF_FILE=/etc/apache2/httpd.conf
#PIDFILE=/var/run/apache2/httpd.pid
PIDFILE=/var/apache2/run/httpd.pid
[ ! -f ${CONF_FILE} ] && exit $SMF_EXIT_ERR_CONFIG
case "$1" in
start)
/bin/rm -f ${PIDFILE}
# /bin/mkdir -p /var/run/apache2 <--- ¤³¤Îºî¶È¤¬ÉÔÍפˤʤ俤Τǥ³¥á¥ó¥È¥¢¥¦¥È
ssl=`svcprop -p httpd/ssl svc:/network/http:apache2`
...
¤³¤ì¤Ç³µ¤ÍÌäÂê¤Ê¤¤¤Ï¤º¤À¤¬¡¢svcadm¥³¥Þ¥ó¥É¤Çapache2¤òenable¤Ë¤·¤Æ¤â¤Þ¤À¡¢µóÆ°¤¬²ø¤·¤¤¡£
/var/apache2/logs/error_log¤Ç³Îǧ¤¹¤ë¤È°Ê²¼¤Î¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤¿¡£
# tail /var/apache2/logs/error_log
...
[Fri Apr 01 18:08:04 2005] [notice] Digest: done
[Fri Apr 01 18:08:05 2005] [emerg] (2)No such file or directory: Couldn't create accept lock
[Fri Apr 01 18:08:06 2005] [notice] Digest: generating secret for digest authentication ...
[Fri Apr 01 18:08:06 2005] [notice] Digest: done
[Fri Apr 01 18:08:07 2005] [emerg] (2)No such file or directory: Couldn't create accept lock
¤È¤¤¤¦¤ï¤±¤Ç¤Þ¤¿¤â¤ähttpd.conf¤ÎÊÔ½¸¤Ç¡¢°Ê²¼¤Î¤è¤¦¤Ë¤·¤Æ¤ß¤¿¡£
...
<IfModule !mpm_netware.c>
#LockFile /var/apache2/logs/accept.lock
LockFile /var/apache2/logs/accept.lock
</IfModule>
...
¤³¤ì¤Ç¤â¤¦°ìÅÙapache2¤ò¥ê¥¹¥¿¡¼¥È¤¹¤ë¤È¥¨¥é¡¼¥í¥°¤Ï°Ê²¼¤Î¤è¤¦¤Ë¤Ê¤ê¡¢OK¤½¤¦¤À¡£
# tail /var/apache2/logs/error_log
...
[Fri Apr 01 18:10:00 2005] [notice] Digest: done
[Fri Apr 01 18:10:01 2005] [notice] Apache/2.0.52 (Unix) DAV/2 configured -- resuming normal operations
¥·¥¹¥Æ¥àºÆµ¯Æ°¸å¤â°Ê²¼¤Î¤è¤¦¤Ëps¥³¥Þ¥ó¥É¤Ç¥Ç¡¼¥â¥ó¤ò³Îǧ¤·¤Æ¤âÀµ¾ï²ÔƯ¤¬³Îǧ¤Ç¤¤¿¡£
# ps -ef | grep apache2
webservd 5223 5220 0 18:14:05 ? 0:00 /usr/apache2/bin/httpd -k start
webservd 5222 5220 0 18:14:05 ? 0:00 /usr/apache2/bin/httpd -k start
webservd 5221 5220 0 18:14:05 ? 0:00 /usr/apache2/bin/httpd -k start
webservd 5224 5220 0 18:14:05 ? 0:00 /usr/apache2/bin/httpd -k start
webservd 5220 1 0 18:14:04 ? 0:00 /usr/apache2/bin/httpd -k start
webservd 5225 5220 0 18:14:05 ? 0:00 /usr/apache2/bin/httpd -k start
¤Õ¤¥¡Á¤ä¤Ã¤È¤¦¤Þ¤¯¤¤¤Ã¤¿¤«¤Ê¡£
º£²ó¤Ï¿È¶á¤Êapache¤Ç¸¡¾Ú¤·¤¿¤¬¡¢¤ª¤½¤é¤¯25/tcp¥Ý¡¼¥È¤òroot¸¢¸Â¤Ç¥Ð¥¤¥ó¥É¤¹¤ëɬÍפΤ¢¤ë
sendmail¤Ê¤É¤Î¥Ç¡¼¥â¥ó¤Ç¤âÀßÄê¤Ç¤¤ë¤Ï¤º¡£
Ãí°Õ¥Ý¥¤¥ó¥È¤ÏPID¥Õ¥¡¥¤¥ë¤ä¥í¥°¥Õ¥¡¥¤¥ë¤ÎÃÖ¤¾ì¤Î¥Ñ¡¼¥ß¥Ã¥·¥ç¥ó¤À¤Í¡£
¡Ú¥¢¥ó¥±¡¼¥È¡Û
¤³¤Îµ»ö¤Ï¤¿¤á¤Ë¤Ê¤ê¤Þ¤·¤¿¤«¡©
¡¡¡¡¡¡¤Ï¤¤¡¡¡¡/¡¡¡¡¤¤¤¤¤¨