「20201109查看mediawiki的LOG來debug」:修訂間差異
跳至導覽
跳至搜尋
(未顯示同一使用者於中間所作的 30 次修訂) | |||
行 1: | 行 1: | ||
*REF1:https://www.mediawiki.org/wiki/Manual:How_to_debug | *REF1:https://www.mediawiki.org/wiki/Manual:How_to_debug | ||
==用date指令查看給定時區的時間== | |||
*https://phoenixnap.com/kb/linux-date-command | |||
*https://tw.piliapp.com/time-now/converter/tw-taipei/us-cst/ | |||
<pre> | |||
[root@localhost ~]# timedatectl list-timezones | |||
: | |||
Asia/Taipei | |||
Asia/Tashkent | |||
Asia/Tbilisi | |||
Asia/Tehran | |||
: | |||
[root@localhost ~]# TZ='Asia/Taipei' date | |||
Wed 11 Nov 2020 04:20:56 PM CST | |||
[root@localhost ~]# date | |||
Wed 11 Nov 2020 03:21:12 AM EST | |||
[root@localhost ~]# date -u | |||
</pre> | |||
==圖檔上傳失敗訊息== | ==圖檔上傳失敗訊息== | ||
*https://www.mediawiki.org/wiki/Manual:Configuring_file_uploads | |||
*https://www.mediawiki.org/wiki/Topic:Qlib7k3p2zvi7pkq | |||
<pre> | <pre> | ||
無法開啟 "mwstore://local-backend/local-public/e/e1/嘸蝦米字根表.gif" 的鎖定檔案。請確保您的上傳目錄配置正確,且您的網頁伺服器具有寫入該目錄的權限。參見https://www.mediawiki.org/wiki/Special:MyLanguage/Manual:$wgUploadDirectory 獲取更多信息。 | 無法開啟 "mwstore://local-backend/local-public/e/e1/嘸蝦米字根表.gif" 的鎖定檔案。請確保您的上傳目錄配置正確,且您的網頁伺服器具有寫入該目錄的權限。參見https://www.mediawiki.org/wiki/Special:MyLanguage/Manual:$wgUploadDirectory 獲取更多信息。 | ||
# chown admin.admin images | |||
chown apache.apache images | |||
# ps aux|grep httpd | |||
root 3175492 0.1 0.2 33728 11368 ? Ss 00:00 0:00 /usr/sbin/httpd -DFOREGROUND | |||
apache 3175493 0.0 0.1 45132 6656 ? S 00:00 0:00 /usr/sbin/httpd -DFOREGROUND | |||
apache 3175494 0.0 0.2 1692780 9112 ? Sl 00:00 0:00 /usr/sbin/httpd -DFOREGROUND | |||
apache 3175495 0.0 0.2 1561644 8232 ? Sl 00:00 0:00 /usr/sbin/httpd -DFOREGROUND | |||
apache 3175496 0.0 0.2 1561644 8248 ? Sl 00:00 0:00 /usr/sbin/httpd -DFOREGROUND | |||
apache 3176328 0.0 0.2 1561584 8232 ? Sl 00:00 0:00 /usr/sbin/httpd -DFOREGROUND | |||
root 3177637 0.0 0.0 216084 656 pts/0 S+ 00:01 0:00 grep --color=auto httpd | |||
$wgTmpDirectory = "/tmp"; | |||
# ls /var/log -t | # ls /var/log -t | ||
行 17: | 行 57: | ||
</pre> | </pre> | ||
==/var/log/httpd/access_log== | ==[[20201111查看/var/log/php-fpm/www-error.log並修改/var/www/html/uploads資料夾的權限讓影像檔可以上傳]]== | ||
==查看/var/log/httpd/access_log== | |||
<pre> | <pre> | ||
[root@localhost kmvswiki2]# ls /var/log/httpd -t | [root@localhost kmvswiki2]# ls /var/log/httpd -t | ||
行 32: | 行 74: | ||
</pre> | </pre> | ||
==/var/log/httpd/error_log== | ==查看/var/log/httpd/error_log== | ||
https://www.liquidweb.com/kb/apache-error-no-matching-directoryindex-index-html-found-solved/ | *https://www.liquidweb.com/kb/apache-error-no-matching-directoryindex-index-html-found-solved/ | ||
*https://linuxconfig.org/how-to-install-mod-ssl-on-redhat-8 | |||
<pre> | <pre> | ||
[root@localhost kmvswiki2]# cat /var/log/httpd/error_log | [root@localhost kmvswiki2]# cat /var/log/httpd/error_log | ||
: | : | ||
[Sun Nov 08 19:51:29.875119 2020] [autoindex:error] [pid 1874604:tid 1874666] [client 101.251.242.238:36919] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive | [Sun Nov 08 19:51:29.875119 2020] [autoindex:error] [pid 1874604:tid 1874666] [client 101.251.242.238:36919] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive | ||
行 47: | 行 87: | ||
;[http2:warn] [pid 1196989:tid 1196989] AH02951: mod_ssl does not seem to be enabled | ;[http2:warn] [pid 1196989:tid 1196989] AH02951: mod_ssl does not seem to be enabled | ||
</pre> | |||
==修改httpd.conf 及 php.ini == | |||
<pre> | |||
# vi /etc/httpd/conf/httpd.conf | # vi /etc/httpd/conf/httpd.conf | ||
行 66: | 行 110: | ||
1184331 pts/0 S+ 0:00 grep --color=auto httpd | 1184331 pts/0 S+ 0:00 grep --color=auto httpd | ||
# cat /etc/php.ini|grep open_basedir | |||
; open_basedir, if set, limits all file operations to the defined directory | |||
open_basedir = /var/www/html/kmvswiki2/images/:/var/www/html/uploads/:/tmp/ | |||
; Note: if open_basedir is set, the cache is disabled | |||
[root@localhost ~]# | |||
[root@localhost ~]# stat /var/www/html/uploads/ | |||
File: /var/www/html/uploads/ | |||
Size: 57 Blocks: 0 IO Block: 4096 directory | |||
Device: fd00h/64768d Inode: 11578759 Links: 2 | |||
Access: (0755/drwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root) | |||
Context: unconfined_u:object_r:httpd_sys_rw_content_t:s0 | |||
Access: 2020-11-10 22:34:30.326348884 -0500 | |||
Modify: 2020-10-27 00:59:57.339026081 -0400 | |||
Change: 2020-10-27 01:38:35.541541889 -0400 | |||
Birth: - | |||
[root@localhost ~]# stat /tmp/ | |||
File: /tmp/ | |||
Size: 180 Blocks: 0 IO Block: 4096 directory | |||
Device: 1fh/31d Inode: 20408 Links: 9 | |||
Access: (1777/drwxrwxrwt) Uid: ( 0/ root) Gid: ( 0/ root) | |||
Context: system_u:object_r:tmp_t:s0 | |||
Access: 2020-11-05 03:10:05.959282800 -0500 | |||
Modify: 2020-11-11 03:35:03.898004510 -0500 | |||
Change: 2020-11-11 03:35:03.898004510 -0500 | |||
Birth: - | |||
[root@localhost ~]# | |||
# cat /etc/php.ini |grep file_uploads | |||
file_uploads = On | |||
max_file_uploads = 20 | |||
# tree test | |||
test | |||
├── 1.txt | |||
└── b | |||
└── 1.php | |||
1 directory, 2 files | |||
# cat test/b/1.php | |||
<?php | |||
echo file_get_contents("../1.txt"); | |||
?> | |||
# systemctl restart httpd | |||
# php 1.php | |||
PHP Warning: file_get_contents(): open_basedir restriction in effect. File(../1.txt) is not within the allowed path(s): (/var/www/html/uploads/:/var/www/html/kmvswiki2/images/) in /var/www/html/test/b/1.php on line 2 | |||
Warning: file_get_contents(): open_basedir restriction in effect. File(../1.txt) is not within the allowed path(s): (/var/www/html/uploads/:/var/www/html/kmvswiki2/images/) in /var/www/html/test/b/1.php on line 2 | |||
PHP Warning: file_get_contents(../1.txt): failed to open stream: Operation not permitted in /var/www/html/test/b/1.php on line 2 | |||
Warning: file_get_contents(../1.txt): failed to open stream: Operation not permitted in /var/www/html/test/b/1.php on line 2 | |||
[root@localhost html]# cd test/b | |||
[root@localhost b]# vi 2.php | |||
[root@localhost b]# cat 2.php | |||
<?php | |||
system("rm -rf ../1.txt"); | |||
?> | |||
[root@localhost b]# php 2.php | |||
[root@localhost b]# ls .. | |||
b | |||
[root@localhost b]# | |||
</pre> | </pre> | ||
*https://www.jianshu.com/p/cf2cd07d02cf |
於 2020年11月12日 (四) 11:49 的最新修訂
用date指令查看給定時區的時間
- https://phoenixnap.com/kb/linux-date-command
- https://tw.piliapp.com/time-now/converter/tw-taipei/us-cst/
[root@localhost ~]# timedatectl list-timezones : Asia/Taipei Asia/Tashkent Asia/Tbilisi Asia/Tehran : [root@localhost ~]# TZ='Asia/Taipei' date Wed 11 Nov 2020 04:20:56 PM CST [root@localhost ~]# date Wed 11 Nov 2020 03:21:12 AM EST [root@localhost ~]# date -u
圖檔上傳失敗訊息
- https://www.mediawiki.org/wiki/Manual:Configuring_file_uploads
- https://www.mediawiki.org/wiki/Topic:Qlib7k3p2zvi7pkq
無法開啟 "mwstore://local-backend/local-public/e/e1/嘸蝦米字根表.gif" 的鎖定檔案。請確保您的上傳目錄配置正確,且您的網頁伺服器具有寫入該目錄的權限。參見https://www.mediawiki.org/wiki/Special:MyLanguage/Manual:$wgUploadDirectory 獲取更多信息。 # chown admin.admin images chown apache.apache images # ps aux|grep httpd root 3175492 0.1 0.2 33728 11368 ? Ss 00:00 0:00 /usr/sbin/httpd -DFOREGROUND apache 3175493 0.0 0.1 45132 6656 ? S 00:00 0:00 /usr/sbin/httpd -DFOREGROUND apache 3175494 0.0 0.2 1692780 9112 ? Sl 00:00 0:00 /usr/sbin/httpd -DFOREGROUND apache 3175495 0.0 0.2 1561644 8232 ? Sl 00:00 0:00 /usr/sbin/httpd -DFOREGROUND apache 3175496 0.0 0.2 1561644 8248 ? Sl 00:00 0:00 /usr/sbin/httpd -DFOREGROUND apache 3176328 0.0 0.2 1561584 8232 ? Sl 00:00 0:00 /usr/sbin/httpd -DFOREGROUND root 3177637 0.0 0.0 216084 656 pts/0 S+ 00:01 0:00 grep --color=auto httpd $wgTmpDirectory = "/tmp"; # ls /var/log -t messages sssd spooler-20201108 messages-20201025 secure-20201018 maillog-20201018 secure spooler messages-20201101 dnf.librepo.log-20201025 boot.log spooler-20201018 lastlog maillog btmp hawkey.log-20201025 boot.log-20201014 private wtmp php-fpm dnf.librepo.log-20201101 secure-20201025 sangfor_watchdog.log tallylog dnf.log messages-20201108 hawkey.log-20201101 maillog-20201025 sangfor_vm_proxyd.log README dnf.librepo.log httpd dnf.log.1 spooler-20201025 sfping.log samba hawkey.log dnf.librepo.log-20201108 secure-20201101 mariadb firewalld chrony dnf.rpm.log hawkey.log-20201108 btmp-20201101 messages-20201018 audit sangfor_module_update.log secure-20201108 maillog-20201101 dnf.librepo.log-20201018 journal sangfor maillog-20201108 spooler-20201101 hawkey.log-20201018 anaconda
20201111查看/var/log/php-fpm/www-error.log並修改/var/www/html/uploads資料夾的權限讓影像檔可以上傳
查看/var/log/httpd/access_log
[root@localhost kmvswiki2]# ls /var/log/httpd -t access_log error_log-20201108 error_log-20201101 error_log-20201025 error_log-20201018 error_log access_log-20201108 access_log-20201101 access_log-20201025 access_log-20201018 [root@localhost kmvswiki2]# cat /var/log/httpd/access_log : 163.25.20.252 - - [08/Nov/2020:20:57:46 -0500] "POST /kmvswiki2/api.php HTTP/1.1" 200 88 "http://lfwiki.kmvs.km.edu.tw/kmvswiki2/index.php?title=20201109%E6%9F%A5%E7%9C%8Bmediawiki%E7%9A%84LOG%E4%BE%86debug&action=edit" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0" 163.25.20.252 - - [08/Nov/2020:20:57:46 -0500] "POST /kmvswiki2/index.php?title=20201109%E6%9F%A5%E7%9C%8Bmediawiki%E7%9A%84LOG%E4%BE%86debug&action=submit HTTP/1.1" 302 - "http://lfwiki.kmvs.km.edu.tw/kmvswiki2/index.php?title=20201109%E6%9F%A5%E7%9C%8Bmediawiki%E7%9A%84LOG%E4%BE%86debug&action=edit" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0" 163.25.20.252 - - [08/Nov/2020:20:57:46 -0500] "GET /kmvswiki2/index.php?title=20201109%E6%9F%A5%E7%9C%8Bmediawiki%E7%9A%84LOG%E4%BE%86debug HTTP/1.1" 200 20304 "http://lfwiki.kmvs.km.edu.tw/kmvswiki2/index.php?title=20201109%E6%9F%A5%E7%9C%8Bmediawiki%E7%9A%84LOG%E4%BE%86debug&action=edit" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0" 221.225.114.106 - - [08/Nov/2020:20:57:52 -0500] "GET /phpmyAdmin/ HTTP/1.1" 404 196 "-" "-" [root@localhost kmvswiki2]#
查看/var/log/httpd/error_log
- https://www.liquidweb.com/kb/apache-error-no-matching-directoryindex-index-html-found-solved/
- https://linuxconfig.org/how-to-install-mod-ssl-on-redhat-8
[root@localhost kmvswiki2]# cat /var/log/httpd/error_log : [Sun Nov 08 19:51:29.875119 2020] [autoindex:error] [pid 1874604:tid 1874666] [client 101.251.242.238:36919] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message ;[http2:warn] [pid 1196989:tid 1196989] AH02951: mod_ssl does not seem to be enabled
修改httpd.conf 及 php.ini
# vi /etc/httpd/conf/httpd.conf # cat /etc/httpd/conf/httpd.conf|grep index.php DirectoryIndex index.html index.php : ServerName lfwiki.kmvs.km.edu.tw:80 # systemctl restart httpd # ps ax|grep httpd 1183559 ? Ss 0:00 /usr/sbin/httpd -DFOREGROUND 1183561 ? S 0:00 /usr/sbin/httpd -DFOREGROUND 1183562 ? Sl 0:00 /usr/sbin/httpd -DFOREGROUND 1183563 ? Sl 0:00 /usr/sbin/httpd -DFOREGROUND 1183564 ? Sl 0:00 /usr/sbin/httpd -DFOREGROUND 1184331 pts/0 S+ 0:00 grep --color=auto httpd # cat /etc/php.ini|grep open_basedir ; open_basedir, if set, limits all file operations to the defined directory open_basedir = /var/www/html/kmvswiki2/images/:/var/www/html/uploads/:/tmp/ ; Note: if open_basedir is set, the cache is disabled [root@localhost ~]# [root@localhost ~]# stat /var/www/html/uploads/ File: /var/www/html/uploads/ Size: 57 Blocks: 0 IO Block: 4096 directory Device: fd00h/64768d Inode: 11578759 Links: 2 Access: (0755/drwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root) Context: unconfined_u:object_r:httpd_sys_rw_content_t:s0 Access: 2020-11-10 22:34:30.326348884 -0500 Modify: 2020-10-27 00:59:57.339026081 -0400 Change: 2020-10-27 01:38:35.541541889 -0400 Birth: - [root@localhost ~]# stat /tmp/ File: /tmp/ Size: 180 Blocks: 0 IO Block: 4096 directory Device: 1fh/31d Inode: 20408 Links: 9 Access: (1777/drwxrwxrwt) Uid: ( 0/ root) Gid: ( 0/ root) Context: system_u:object_r:tmp_t:s0 Access: 2020-11-05 03:10:05.959282800 -0500 Modify: 2020-11-11 03:35:03.898004510 -0500 Change: 2020-11-11 03:35:03.898004510 -0500 Birth: - [root@localhost ~]# # cat /etc/php.ini |grep file_uploads file_uploads = On max_file_uploads = 20 # tree test test ├── 1.txt └── b └── 1.php 1 directory, 2 files # cat test/b/1.php <?php echo file_get_contents("../1.txt"); ?> # systemctl restart httpd # php 1.php PHP Warning: file_get_contents(): open_basedir restriction in effect. File(../1.txt) is not within the allowed path(s): (/var/www/html/uploads/:/var/www/html/kmvswiki2/images/) in /var/www/html/test/b/1.php on line 2 Warning: file_get_contents(): open_basedir restriction in effect. File(../1.txt) is not within the allowed path(s): (/var/www/html/uploads/:/var/www/html/kmvswiki2/images/) in /var/www/html/test/b/1.php on line 2 PHP Warning: file_get_contents(../1.txt): failed to open stream: Operation not permitted in /var/www/html/test/b/1.php on line 2 Warning: file_get_contents(../1.txt): failed to open stream: Operation not permitted in /var/www/html/test/b/1.php on line 2 [root@localhost html]# cd test/b [root@localhost b]# vi 2.php [root@localhost b]# cat 2.php <?php system("rm -rf ../1.txt"); ?> [root@localhost b]# php 2.php [root@localhost b]# ls .. b [root@localhost b]#