Site Monitor is a security monitoring and reporting tool for osCommerce.
I’ve been working through an update that will allow version 2.9 to work with osCmax version 2.5
I documented it in the osCmax wiki Site Monitor page last night including all the changes that I made to the files.
It should appear as a project / contrib in the osCmax web site in the next few days.
You can download my latest version of Site Monitor 2.9 for osCmax from here as well.
Downloaded the svn of osCmax to do some dev work and the first install screen advised that session.use_trans_sid was enabled and should not be.
After some quick research that simply suggested I add a rule to .htaccess, I went looking at the php.ini and how to turn it off permanently.
[php]
# grep session /etc/e-smith/templates/etc/php.ini/*
returns
/etc/e-smith/templates/etc/php.ini/80ModuleSettings16Session:session.use_trans_sid = 1
[/php]
Which tells me to copy the offending template section to the templates-custom area, set it to 0, and recompile the template for php.ini
[php]
# cp /etc/e-smith/templates/etc/php.ini/80ModuleSettings16Session /etc/e-smith/templates-custom/etc/php.ini/
[/php]
I like using mcedit on my linux systems but you might prefer vi or something else.
[php]
#mcedit /etc/e-smith/templates-custom/etc/php.ini/80ModuleSettings16Session
[/php]
and change the setting for session.use_trans_sid from 1 to 0 and save the file.
Then rebuild the php.ini and restart apache.
[php]
# /sbin/e-smith/expand-template /etc/php.ini
# apachectl graceful
[/php]
Of course these notes pretty much apply to any SME Server template snippet to adjust the server settings permanently so that reboots don’t lose your changes.
Went to run an svn download on my current dev server this morning and could not find the subversion add-on.
Look at this for current details http://wiki.contribs.org/SME8.0_Contribs_QA#smeserver-subversion
I then checked this section http://wiki.contribs.org/SME8.0_Contribs_QA#Setup and created the sme7contribs repo. Yes copy and paste of the multi lines of db update commands does work.
[php]
yum install smeserver-subversion –enablerepo=sme7contribs
[/php]
I then got missing dependencies information and apparently these are meant to be manually setup, but how to find what to actually install?
subversion-1.4.6-0.2.el4.rfx.i386 from sme7contribs has depsolving problems
–> Missing Dependency: libapr-0.so.0 is needed by package subversion-1.4.6-0.2.el4.rfx.i386 (sme7contribs)
mod_dav_svn-1.4.6-0.2.el4.rfx.i386 from sme7contribs has depsolving problems
–> Missing Dependency: httpd-mmn = 20020903 is needed by package mod_dav_svn-1.4.6-0.2.el4.rfx.i386 (sme7contribs)
subversion-1.4.6-0.2.el4.rfx.i386 from sme7contribs has depsolving problems
–> Missing Dependency: libaprutil-0.so.0 is needed by package subversion-1.4.6-0.2.el4.rfx.i386 (sme7contribs)
Error: Missing Dependency: libaprutil-0.so.0 is needed by package subversion-1.4.6-0.2.el4.rfx.i386 (sme7contribs)
Error: Missing Dependency: libapr-0.so.0 is needed by package subversion-1.4.6-0.2.el4.rfx.i386 (sme7contribs)
Error: Missing Dependency: httpd-mmn = 20020903 is needed by package mod_dav_svn-1.4.6-0.2.el4.rfx.i386 (sme7contribs)
and of course the simple answer is to not quite follow the instructions!
Instead of trying to use specifically the sme7contribs repo, try using a wildcard like *
That command uses all the possible repositories and results in success
[php]
yum install smeserver-subversion –enablerepo=*
[/php]
[php]
Dependencies Resolved
===============================================================================
Package Arch Version Repository Size
===============================================================================
Installing:
smeserver-subversion noarch 1.4-46.el4.sme sme7contribs 74 k
Installing for dependencies:
mod_dav_svn i386 1.6.15-0.1.el5.rfx smecontribs 243 k
neon i386 0.25.5-10.el5_4.1 base 101 k
smeserver-mod_dav noarch 0.1-18.el4.sme sme7contribs 7.6 k
subversion i386 1.6.15-0.1.el5.rfx smecontribs 6.5 M
Transaction Summary
==============================================================================
Install 5 Package(s)
[/php]
As shown the supporting packages are spread over a number of repo’s and using the wildcard allows yum to find them all at the same time.
If you are reading this and you do all the above, I’d be interested to know if you get an issue with Windows network access to the server after the updates. I had the server rebooted etc and then could not browse or connect from my Windows 7 based notebook until after I had re-applied the Workgroup settings from the admin console of sme server. Seemed odd, as if one of the updates processed had impacted the workgroup / samba settings.
I was working through a trial install of oscMax v2.5beta3 and following the security setup instructions.
In doing so I found a number of changes that I wanted to make and the first one that I have completed is the Check Permissions add-on.
You can download Check_permissions_2.5
(Edit: this file was updated 20110312)
The references that you can use are included in the zip file README etc.
Also you may want to look at
The oscMax Security documentation which is what started me on this update
The oscMax link to version 1.3 of Check Permissions if you want to compare the code I added
The oscMax wiki page on Check Permissions that I added with the details regarding both the install of 1.3 or 2.5