This is to allow non-root users to start and stop IHS via sudo scripts. It also allows IHS to automatically start following a server restart.
As root
(1) Copy the init scripts into place
$ cp ~/ibmhttp* /etc/init.d/
(2) Set executable permissions
$ chmod a+x /etc/init.d/ibmhttp*
(3) Register the services
$ chkconfig --add ibmhttpd
$ chkconfig --add ibmhttpadmin
(4) Check the autostart options
$ chkconfig --list | grep ibm
ibmhttpadmin 0:off 1:off 2:off 3:on 4:on 5:on 6:off
ibmhttpd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
(5) Add to the /etc/sudoers file
Add: -
hayd ALL=NOPASSWD: /sbin/service ibmhttpd *
hayd ALL=NOPASSWD: /sbin/service ibmhttpadmin *
to the end of /etc/sudoers.
As the non-root user e.g. hayd
(1) Check the sudo permissions
$ sudo -l
Matching Defaults entries for hayd on this host:
requiretty, !visiblepw, always_set_home, env_reset, env_keep="COLORS
DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS", env_keep+="MAIL PS1
PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE", env_keep+="LC_COLLATE
LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES", env_keep+="LC_MONETARY
LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE", env_keep+="LC_TIME LC_ALL
LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY",
secure_path=/sbin\:/bin\:/usr/sbin\:/usr/bin
User hayd may run the following commands on this host:
(root) NOPASSWD: /sbin/service ibmhttpd *
(root) NOPASSWD: /sbin/service ibmhttpadmin *
(2) Test the scripts
$ sudo /sbin/service ibmhttpd status
IBM HTTP Server is not running:
$ sudo /sbin/service ibmhttpadmin status
IBM HTTP Server is not running:
(3) Use the scripts
$ sudo /sbin/service ibmhttpd start
Starting IBM HTTP Server: [ OK ]
$ sudo /sbin/service ibmhttpadmin start
Starting IBM HTTP Server: /opt/IBM/HTTPServer/bin/adminctl start: admin http started
[ OK ]
(4) Check processes and logs
$ ps auxw | grep -i httpd
root 22928 0.0 0.1 5488 2664 ? Ss 01:02 0:00 /opt/IBM/HTTPServer/bin/httpd -d /opt/IBM/HTTPServer -k start
nobody 22930 0.0 0.0 5076 1444 ? S 01:02 0:00 /opt/IBM/HTTPServer/bin/httpd -d /opt/IBM/HTTPServer -k start
nobody 22931 0.0 0.0 5488 1712 ? S 01:02 0:00 /opt/IBM/HTTPServer/bin/httpd -d /opt/IBM/HTTPServer -k start
nobody 22932 0.0 0.0 283220 1844 ? Sl 01:02 0:00 /opt/IBM/HTTPServer/bin/httpd -d /opt/IBM/HTTPServer -k start
root 23100 0.0 0.0 4312 1512 ? Ss 01:14 0:00 /opt/IBM/HTTPServer/bin/httpd -f /opt/IBM/HTTPServer/conf/admin.conf
root 23102 0.0 0.0 4304 788 ? S 01:14 0:00 /opt/IBM/HTTPServer/bin/httpd -f /opt/IBM/HTTPServer/conf/admin.conf
ihsadmin 23103 0.0 0.1 77164 3468 ? Sl 01:14 0:00 /opt/IBM/HTTPServer/bin/httpd -f /opt/IBM/HTTPServer/conf/admin.conf
$ netstat -aon | grep 80
tcp 0 0 :::80 :::* LISTEN off (0.00/0/0)
tcp 0 0 :::8008 :::* LISTEN off (0.00/0/0)
$ cat /opt/IBM/HTTPServer/logs/error.log
[Sat Jun 23 01:02:03 2012] [notice] PLUGIN: mod_was_ap22_http: apache_log_header: WebSphere Plugins loaded.
[Sat Jun 23 01:02:03 2012] [notice] PLUGIN: mod_was_ap22_http: apache_log_header: --------------------Plugin Information-----------------------
[Sat Jun 23 01:02:03 2012] [notice] PLUGIN: mod_was_ap22_http: apache_log_header: Bld version: 7.0.0
[Sat Jun 23 01:02:03 2012] [notice] PLUGIN: mod_was_ap22_http: apache_log_header: Bld date: Aug 19 2008, 23:45:47
[Sat Jun 23 01:02:03 2012] [notice] PLUGIN: mod_was_ap22_http: apache_log_header: Webserver: IBM_HTTP_Server
[Sat Jun 23 01:02:03 2012] [notice] PLUGIN: mod_was_ap22_http: apache_log_header: --------------------------------------------------------------
[Sat Jun 23 01:02:03 2012] [notice] Using config file /opt/IBM/HTTPServer/conf/httpd.conf
[Sat Jun 23 01:02:03 2012] [notice] IBM_HTTP_Server/7.0.0.0 (Unix) configured -- resuming normal operations
[Sat Jun 23 01:02:03 2012] [notice] Core file limit is 0; core dumps will be not be written for server crashes
$ cat /opt/IBM/HTTPServer/Plugins/logs/webserver1/http_plugin.log
[Sat Jun 23 01:02:03 2012] 00005990 f77276c0 - ERROR: lib_security: loadSecurityLibrary: Failed to load gsk library from /opt/IBM/HTTPServer/Plugins/gsk7/gsk7_32
[Sat Jun 23 01:02:03 2012] 00005990 f77276c0 - ERROR: ws_transport: transportInitializeSecurity: Unable to load security library
[Sat Jun 23 01:02:03 2012] 00005990 f77276c0 - ERROR: ws_server: serverAddTransport: Failed to initialize security
[Sat Jun 23 01:02:03 2012] 00005990 f77276c0 - ERROR: ws_server: serverAddTransport: HTTPS Transport is skipped
[Sat Jun 23 01:02:03 2012] 00005990 f77276c0 - PLUGIN: Plugins loaded.
[Sat Jun 23 01:02:03 2012] 00005990 f77276c0 - PLUGIN: --------------------System Information-----------------------
[Sat Jun 23 01:02:03 2012] 00005990 f77276c0 - PLUGIN: Bld version: 7.0.0
[Sat Jun 23 01:02:03 2012] 00005990 f77276c0 - PLUGIN: Bld date: Aug 19 2008, 23:43:56
[Sat Jun 23 01:02:03 2012] 00005990 f77276c0 - PLUGIN: Webserver: IBM_HTTP_Server
[Sat Jun 23 01:02:03 2012] 00005990 f77276c0 - PLUGIN: Hostname = rhel6.uk.ibm.com
[Sat Jun 23 01:02:03 2012] 00005990 f77276c0 - PLUGIN: NOFILES = hard: 1024, soft: 1024
[Sat Jun 23 01:02:03 2012] 00005990 f77276c0 - PLUGIN: MAX COREFILE SZ = hard: INFINITE, soft: 0
[Sat Jun 23 01:02:03 2012] 00005990 f77276c0 - PLUGIN: DATA = hard: INFINITE, soft: INFINITE
[Sat Jun 23 01:02:03 2012] 00005990 f77276c0 - PLUGIN: --------------------------------------------------------------
( I'll come back to the security related errors later )
(5) Test the site via a browser i.e. http://localhost:80 or similar
(6) Reboot the server and check that the httpd tasks automatically start.
No comments:
Post a Comment