20201109查看mediawiki的LOG來debug

出自金門農工維基III
跳至導覽 跳至搜尋

用date指令查看給定時區的時間

[root@localhost ~]# timedatectl list-timezones
:
Asia/Taipei
Asia/Tashkent
Asia/Tbilisi
Asia/Tehran
:

[root@localhost ~]# TZ='Asia/Taipei' date
Wed 11 Nov 2020 04:20:56 PM CST

[root@localhost ~]# date
Wed 11 Nov 2020 03:21:12 AM EST

[root@localhost ~]# date -u

圖檔上傳失敗訊息

無法開啟 "mwstore://local-backend/local-public/e/e1/嘸蝦米字根表.gif" 的鎖定檔案。請確保您的上傳目錄配置正確,且您的網頁伺服器具有寫入該目錄的權限。參見https://www.mediawiki.org/wiki/Special:MyLanguage/Manual:$wgUploadDirectory 獲取更多信息。 

# chown admin.admin images

chown apache.apache images

# ps aux|grep httpd
root     3175492  0.1  0.2  33728 11368 ?        Ss   00:00   0:00 /usr/sbin/httpd -DFOREGROUND
apache   3175493  0.0  0.1  45132  6656 ?        S    00:00   0:00 /usr/sbin/httpd -DFOREGROUND
apache   3175494  0.0  0.2 1692780 9112 ?        Sl   00:00   0:00 /usr/sbin/httpd -DFOREGROUND
apache   3175495  0.0  0.2 1561644 8232 ?        Sl   00:00   0:00 /usr/sbin/httpd -DFOREGROUND
apache   3175496  0.0  0.2 1561644 8248 ?        Sl   00:00   0:00 /usr/sbin/httpd -DFOREGROUND
apache   3176328  0.0  0.2 1561584 8232 ?        Sl   00:00   0:00 /usr/sbin/httpd -DFOREGROUND
root     3177637  0.0  0.0 216084   656 pts/0    S+   00:01   0:00 grep --color=auto httpd


$wgTmpDirectory = "/tmp";


# ls /var/log -t
messages                   sssd                      spooler-20201108          messages-20201025         secure-20201018        maillog-20201018
secure                     spooler                   messages-20201101         dnf.librepo.log-20201025  boot.log               spooler-20201018
lastlog                    maillog                   btmp                      hawkey.log-20201025       boot.log-20201014      private
wtmp                       php-fpm                   dnf.librepo.log-20201101  secure-20201025           sangfor_watchdog.log   tallylog
dnf.log                    messages-20201108         hawkey.log-20201101       maillog-20201025          sangfor_vm_proxyd.log  README
dnf.librepo.log            httpd                     dnf.log.1                 spooler-20201025          sfping.log             samba
hawkey.log                 dnf.librepo.log-20201108  secure-20201101           mariadb                   firewalld              chrony
dnf.rpm.log                hawkey.log-20201108       btmp-20201101             messages-20201018         audit
sangfor_module_update.log  secure-20201108           maillog-20201101          dnf.librepo.log-20201018  journal
sangfor                    maillog-20201108          spooler-20201101          hawkey.log-20201018       anaconda

20201111查看/var/log/php-fpm/www-error.log並修改/var/www/html/uploads資料夾的權限讓影像檔可以上傳

查看/var/log/httpd/access_log

[root@localhost kmvswiki2]# ls /var/log/httpd -t
access_log  error_log-20201108   error_log-20201101   error_log-20201025   error_log-20201018
error_log   access_log-20201108  access_log-20201101  access_log-20201025  access_log-20201018

[root@localhost kmvswiki2]# cat /var/log/httpd/access_log
:
163.25.20.252 - - [08/Nov/2020:20:57:46 -0500] "POST /kmvswiki2/api.php HTTP/1.1" 200 88 "http://lfwiki.kmvs.km.edu.tw/kmvswiki2/index.php?title=20201109%E6%9F%A5%E7%9C%8Bmediawiki%E7%9A%84LOG%E4%BE%86debug&action=edit" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0"
163.25.20.252 - - [08/Nov/2020:20:57:46 -0500] "POST /kmvswiki2/index.php?title=20201109%E6%9F%A5%E7%9C%8Bmediawiki%E7%9A%84LOG%E4%BE%86debug&action=submit HTTP/1.1" 302 - "http://lfwiki.kmvs.km.edu.tw/kmvswiki2/index.php?title=20201109%E6%9F%A5%E7%9C%8Bmediawiki%E7%9A%84LOG%E4%BE%86debug&action=edit" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0"
163.25.20.252 - - [08/Nov/2020:20:57:46 -0500] "GET /kmvswiki2/index.php?title=20201109%E6%9F%A5%E7%9C%8Bmediawiki%E7%9A%84LOG%E4%BE%86debug HTTP/1.1" 200 20304 "http://lfwiki.kmvs.km.edu.tw/kmvswiki2/index.php?title=20201109%E6%9F%A5%E7%9C%8Bmediawiki%E7%9A%84LOG%E4%BE%86debug&action=edit" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0"
221.225.114.106 - - [08/Nov/2020:20:57:52 -0500] "GET /phpmyAdmin/ HTTP/1.1" 404 196 "-" "-"
[root@localhost kmvswiki2]#

查看/var/log/httpd/error_log

[root@localhost kmvswiki2]# cat /var/log/httpd/error_log
:

[Sun Nov 08 19:51:29.875119 2020] [autoindex:error] [pid 1874604:tid 1874666] [client 101.251.242.238:36919] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive

AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message

;[http2:warn] [pid 1196989:tid 1196989] AH02951: mod_ssl does not seem to be enabled

修改httpd.conf 及 php.ini


# vi /etc/httpd/conf/httpd.conf

# cat /etc/httpd/conf/httpd.conf|grep index.php
    DirectoryIndex index.html index.php
:
ServerName lfwiki.kmvs.km.edu.tw:80


# systemctl restart httpd

# ps ax|grep httpd
1183559 ?        Ss     0:00 /usr/sbin/httpd -DFOREGROUND
1183561 ?        S      0:00 /usr/sbin/httpd -DFOREGROUND
1183562 ?        Sl     0:00 /usr/sbin/httpd -DFOREGROUND
1183563 ?        Sl     0:00 /usr/sbin/httpd -DFOREGROUND
1183564 ?        Sl     0:00 /usr/sbin/httpd -DFOREGROUND
1184331 pts/0    S+     0:00 grep --color=auto httpd




# cat /etc/php.ini|grep open_basedir
; open_basedir, if set, limits all file operations to the defined directory
open_basedir = /var/www/html/kmvswiki2/images/:/var/www/html/uploads/:/tmp/
; Note: if open_basedir is set, the cache is disabled
[root@localhost ~]#

[root@localhost ~]# stat /var/www/html/uploads/
  File: /var/www/html/uploads/
  Size: 57              Blocks: 0          IO Block: 4096   directory
Device: fd00h/64768d    Inode: 11578759    Links: 2
Access: (0755/drwxr-xr-x)  Uid: (    0/    root)   Gid: (    0/    root)
Context: unconfined_u:object_r:httpd_sys_rw_content_t:s0
Access: 2020-11-10 22:34:30.326348884 -0500
Modify: 2020-10-27 00:59:57.339026081 -0400
Change: 2020-10-27 01:38:35.541541889 -0400
 Birth: -
[root@localhost ~]# stat /tmp/
  File: /tmp/
  Size: 180             Blocks: 0          IO Block: 4096   directory
Device: 1fh/31d Inode: 20408       Links: 9
Access: (1777/drwxrwxrwt)  Uid: (    0/    root)   Gid: (    0/    root)
Context: system_u:object_r:tmp_t:s0
Access: 2020-11-05 03:10:05.959282800 -0500
Modify: 2020-11-11 03:35:03.898004510 -0500
Change: 2020-11-11 03:35:03.898004510 -0500
 Birth: -
[root@localhost ~]#


# cat /etc/php.ini |grep file_uploads
file_uploads = On
max_file_uploads = 20




# tree test
test
├── 1.txt
└── b
    └── 1.php

1 directory, 2 files


# cat test/b/1.php
<?php
     echo file_get_contents("../1.txt");
?>


#  systemctl restart httpd

# php 1.php
PHP Warning:  file_get_contents(): open_basedir restriction in effect. File(../1.txt) is not within the allowed path(s): (/var/www/html/uploads/:/var/www/html/kmvswiki2/images/) in /var/www/html/test/b/1.php on line 2

Warning: file_get_contents(): open_basedir restriction in effect. File(../1.txt) is not within the allowed path(s): (/var/www/html/uploads/:/var/www/html/kmvswiki2/images/) in /var/www/html/test/b/1.php on line 2
PHP Warning:  file_get_contents(../1.txt): failed to open stream: Operation not permitted in /var/www/html/test/b/1.php on line 2

Warning: file_get_contents(../1.txt): failed to open stream: Operation not permitted in /var/www/html/test/b/1.php on line 2


[root@localhost html]# cd test/b
[root@localhost b]# vi 2.php
[root@localhost b]# cat 2.php
<?php
    system("rm -rf ../1.txt");
?>
[root@localhost b]# php 2.php
[root@localhost b]# ls ..
b
[root@localhost b]#
取自「http://lfwiki.kmvs.km.edu.tw/kia/index.php?title=20201109查看mediawiki的LOG來debug&oldid=282