GermanCat
Posts: 8
Joined: Sun Dec 30, 2012 11:58 pm

Raspberry web server

Tue Jan 01, 2013 7:11 pm

Hi everyone,

I just tried to set up a basic web server following this tutorial https://www.youtube.com/watch?v=WgcNBjIJNYs at 5:24

The only problem is during the last part, when typing the command :

Code: Select all

usermod -d /var/www pi
I get the following response : "user 'pi' does not exist".



Any help ?

Thanks in advance.

randrade
Posts: 79
Joined: Thu Dec 27, 2012 8:42 pm
Contact: Website

Re: Raspberry web server

Tue Jan 01, 2013 7:19 pm

You might want to not do that and instead just install lighttpd. This will give you a web server (no PHP, but I can give you very easy instructions if you want PHP)

If you choose to do this, do the following:

sudo apt-get update && sudo apt-get install lighttpd && sudo apt-get clean && sudo chmod 777 /var/www

You can then place your files in /var/www .

GermanCat
Posts: 8
Joined: Sun Dec 30, 2012 11:58 pm

Re: Raspberry web server

Tue Jan 01, 2013 7:28 pm

randrade wrote:You might want to not do that and instead just install lighttpd. This will give you a web server (no PHP, but I can give you very easy instructions if you want PHP)

If you choose to do this, do the following:

sudo apt-get update && sudo apt-get install lighttpd && sudo apt-get clean && sudo chmod 777 /var/www

You can then place your files in /var/www .

Thanks for the quick reponse.
I'll try what you said.

GermanCat
Posts: 8
Joined: Sun Dec 30, 2012 11:58 pm

Re: Raspberry web server

Tue Jan 01, 2013 9:10 pm

randrade wrote:You might want to not do that and instead just install lighttpd. This will give you a web server (no PHP, but I can give you very easy instructions if you want PHP)

If you choose to do this, do the following:

sudo apt-get update && sudo apt-get install lighttpd && sudo apt-get clean && sudo chmod 777 /var/www

You can then place your files in /var/www .

Quick newbie question :

I've successfully installed lighttpd onto the pi using the code you posted, however, what do I do regarding the ftp ? can I directly connect using filezilla ?

User avatar
.not
Posts: 17
Joined: Wed Aug 01, 2012 8:33 pm
Location: /dev/at
Contact: Website

Re: Raspberry web server

Tue Jan 01, 2013 9:12 pm

randrade wrote:sudo apt-get update && sudo apt-get install lighttpd && sudo apt-get clean && sudo chmod 777 /var/www
This hurts so much. You don't set the rights of data to 777 without having a very, very, very good reason to do so.

I'd suggest reading about the basics of the GNU/Linux operating system. If you don't want to do that please read at least the manpage of a command before calling it, done this way:

Code: Select all

man $name_of_the_program
You'll ruin your system faster than you could possibly imagine by just entering stuff without understanding it.

Concerning your FTP question, GermanCat: Yes, you can now connect via Filezilla directly, but: The FTP-server provided by the OpenSSH-server does not use the "classic" FTP. Instead it uses SFTP, a more secure version. So the port used is 22 not 21 and the "prefix" is "sftp" instead of "ftp", but Filezilla should normally determine that for itself without your help.
| Debian, FreeBSD | Raspberry Pi, Model B, 512MB RAM |

randrade
Posts: 79
Joined: Thu Dec 27, 2012 8:42 pm
Contact: Website

Re: Raspberry web server

Tue Jan 01, 2013 9:19 pm

.not wrote:
randrade wrote:sudo apt-get update && sudo apt-get install lighttpd && sudo apt-get clean && sudo chmod 777 /var/www
This hurts so much. You don't set the rights of data to 777 without having a very, very, very good reason to do so.

I'd suggest reading about the basics of the GNU/Linux operating system. If you don't want to do that please read at least the manpage of a command before calling it, done this way:

Code: Select all

man $name_of_the_program
You'll ruin your system faster than you could possibly imagine by just entering stuff without understanding it.
I know what chmod does and I know what 777 permissions mean. I set it this way so that I could easily copy php scripts from my laptop to the Pi via ssh, since /var/www is created by default with only root permissions.

User avatar
.not
Posts: 17
Joined: Wed Aug 01, 2012 8:33 pm
Location: /dev/at
Contact: Website

Re: Raspberry web server

Tue Jan 01, 2013 9:26 pm

I was not sending this into your direction, it was meant for GermanCat.
| Debian, FreeBSD | Raspberry Pi, Model B, 512MB RAM |

GermanCat
Posts: 8
Joined: Sun Dec 30, 2012 11:58 pm

Re: Raspberry web server

Tue Jan 01, 2013 9:32 pm

.not wrote:
randrade wrote:sudo apt-get update && sudo apt-get install lighttpd && sudo apt-get clean && sudo chmod 777 /var/www
This hurts so much. You don't set the rights of data to 777 without having a very, very, very good reason to do so.

I'd suggest reading about the basics of the GNU/Linux operating system. If you don't want to do that please read at least the manpage of a command before calling it, done this way:

Code: Select all

man $name_of_the_program
You'll ruin your system faster than you could possibly imagine by just entering stuff without understanding it.

Concerning your FTP question, GermanCat: Yes, you can now connect via Filezilla directly, but: The FTP-server provided by the OpenSSH-server does not use the "classic" FTP. Instead it uses SFTP, a more secure version. So the port used is 22 not 21 and the "prefix" is "sftp" instead of "ftp", but Filezilla should normally determine that for itself without your help.


Thank your for your quick and helpful answer.
The only thing which somehow bothers me now is that I followed the previously posted code and I did type the " chmod 777 /var/www" part in it.

How does it mess with my system ?

User avatar
.not
Posts: 17
Joined: Wed Aug 01, 2012 8:33 pm
Location: /dev/at
Contact: Website

Re: Raspberry web server

Tue Jan 01, 2013 10:08 pm

The command chmod (which comes from "change mode") command is used to set access rights or execution flags for files / directories. There are three types of rights - for the owner, for the group of the owner and for all other people. The rights are mostly noted in a numerical way - the number 4 symbolizes read-rights, 2 stands for write-rights and 1 grants execution rights. So with setting the rights of this directory to 777 you granted everyone full rights so he or she can do whatever she wants in this particular folder. And that's a security risk and in general bad practice.

(Because you're likely sitting at home behind a router it's not that dangerous - but even then you should not do it.)
| Debian, FreeBSD | Raspberry Pi, Model B, 512MB RAM |

technion
Posts: 238
Joined: Sun Dec 02, 2012 9:49 am

Re: Raspberry web server

Wed Jan 02, 2013 12:30 am

The problem with recommending a terrible security practice on the basis of "it's not that bad, we have x y z mitigation" is that such advice becomes 'normal' and suddenly people are building ecommerce sites based on 'best practice'.

Look at all the SQL injection vulnerabilities out there in major applications. They don't necessarily exist because people decided to take a shortcut. They exist because someone wrote a "beginner's PHP" guide which was "for learning purposes only and you don't have to worry about an attacker on a hello world script" which progressed to "guide to build a simple shopping cart in PHP" - many of which exist with such vulnerabilities. This progresses to "I built an online shop using my years of programming experience".

So to really answer this issue..
* Your web directory is owned by root and chmod 755
* You want to transfer files from your laptop

How are you doing so.. as the 'pi' user? So..
chgrp pi /var/www
chmod 775 /var/www

The folder is now 'pi' writable, without being 'world' writable. It took two lines. It's really not much of a shortcut to make it world writeable.

piatoakside
Posts: 4
Joined: Wed Jan 02, 2013 11:23 am

Re: Raspberry web server

Wed Jan 02, 2013 11:30 am

I've had a pi web server running 24/7 for some weeks now. Here's a page giving the steps I went through to set it up

http://www.davidandkay.me.uk/piserver.html

User avatar
yv1hx
Posts: 372
Joined: Sat Jul 21, 2012 10:09 pm
Location: Zulia, Venezuela
Contact: Website

Re: Raspberry web server

Sat Jan 26, 2013 3:50 pm

randrade wrote:You might want to not do that and instead just install lighttpd. This will give you a web server (no PHP, but I can give you very easy instructions if you want PHP)

If you choose to do this, do the following:

sudo apt-get update && sudo apt-get install lighttpd && sudo apt-get clean && sudo chmod 777 /var/www

You can then place your files in /var/www .
technion wrote:The problem with recommending a terrible security practice ...sinp....

....snip...
So to really answer this issue..
* Your web directory is owned by root and chmod 755
* You want to transfer files from your laptop

How are you doing so.. as the 'pi' user? So..
chgrp pi /var/www
chmod 775 /var/www

The folder is now 'pi' writable, without being 'world' writable. It took two lines. It's really not much of a shortcut to make it world writeable.
Worked for me right out the box, including of course the security measure suggested by technion, thanks to all.
Marco-Luis
Telecom Specialist (Now Available for Hire!)

http://www.meteoven.org
http://yv1hx.ddns.net
http://twitter.com/yv1hx

piatoakside
Posts: 4
Joined: Wed Jan 02, 2013 11:23 am

Re: Raspberry web server

Sat Jan 26, 2013 8:52 pm

That's great, Marco Luis. But is 'technion's point actually relevant here? I thought he was commenting on another posting. In my procedures I don't ftp from my laptop as 'pi', but as <newuser> an account with no sudo access which owns the 'web' folder and nothing else. That 'web' folder has '744' settings, and changing to '775' doesn't seem right to me.

technion
Posts: 238
Joined: Sun Dec 02, 2012 9:49 am

Re: Raspberry web server

Sun Jan 27, 2013 2:19 am

piatoakside wrote:That's great, Marco Luis. But is 'technion's point actually relevant here? I thought he was commenting on another posting. In my procedures I don't ftp from my laptop as 'pi', but as <newuser> an account with no sudo access which owns the 'web' folder and nothing else. That 'web' folder has '744' settings, and changing to '775' doesn't seem right to me.
The important point is that it's not world-writable, either way is really ok:
Folder is owned by your user, and chmod 744
Folder is owned by a group you are a member of, and chmod 774
To enable directory listings you may need a 5 anywhere you put a 4 in the above

In terms of 775 not seeming right, if there are other members of your group that should not have write access to the web server, you are completely right. If you are the only member of your group (as is the default for the pi user and group) then 775 = 755.

I think we can all agree what we don't want is 777 :)

piatoakside
Posts: 4
Joined: Wed Jan 02, 2013 11:23 am

Re: Raspberry web server

Sun Jan 27, 2013 12:55 pm

Thanks Technion. Fully agreed - of course. And having reread my 'instructions', I realise that I had forgotten to include the necessary chmod there. Stupid of me! I've modified Step 9 to include this. (Sticking to '744', though as you say there are other options.)

Return to “Networking and servers”