Forum
hiawatha not logging
Peter carrell
11 May 2012, 14:48
Hiawatha version: 7.8.2
Operating System: freebsd 9.0 (i386)
Hi Hugo
I have Hiawatha working normal in serving http requests and php pages.
But I have these 3 questions for you (first one is a problem we have to solve):
1.
Hiawatha does not log anything. Log files are always empty. Even system.log ..
I do not know if this is normal or if i have made some mistake in files/dir permissions.
I have these log files for the default website:
And these log files for another 2 virtual hosts:
I have checked and all files and directories exist.
Moreover, I set on all log files/directories (also on hiawatha dir in /var/log/):
As Permission, 777 - As Owners, user=65534 group=65534
I restarted the webserver many times, during my tests.
I do not know what else to do, and still they remain empty.
I am sure there is something i am doing wrong, but what ?
2.
Could you please tell me:
A) when and what Hiawatha normally write on SystemLogfile ?
B) when and what Hiawatha normally write on GarbageLogfile ?
C) when and what Hiawatha normally write on ExploitLogfile ?
D) when and what Hiawatha normally write on AccessLogfile ?
E) when and what Hiawatha normally write on ErrorLogfile ?
F) do they will work even if LogfileMask and AccessList are not set in hiawatha.conf?
I think it would be better if you can add some info on this
in the manual pages or in some other section of this site,
because it is not covered at all.. it would help a lot of people
3.
What is 65534 ? It is a user ? It is a group ? It takes part of group "wheel" ?
when I install Hiawatha it installs himself with this userid but i can't find this
userid on my system. Also when running Hiawatha uses that userid.
I think it exist, otherwise Hiawatha will not work at all..
So please explain to me.. And btw, why just 65534 ??
Please help!
And Thank you very much for you reply..
Best Regards, Peter
Operating System: freebsd 9.0 (i386)
Hi Hugo
I have Hiawatha working normal in serving http requests and php pages.
But I have these 3 questions for you (first one is a problem we have to solve):
1.
Hiawatha does not log anything. Log files are always empty. Even system.log ..
I do not know if this is normal or if i have made some mistake in files/dir permissions.
I have these log files for the default website:
SystemLogfile = /var/log/hiawatha/system.log
GarbageLogfile = /var/log/hiawatha/garbage.log
ExploitLogfile = /var/log/hiawatha/exploit.log
AccessLogfile = /var/log/hiawatha/access.log
ErrorLogfile = /var/log/hiawatha/error.log
And these log files for another 2 virtual hosts:
AccessLogfile = /var/log/hiawatha/dir1/access.log
ErrorLogfile = /var/log/hiawatha/dir1/error.log
AccessLogfile = /var/log/hiawatha/dir2/access.log
ErrorLogfile = /var/log/hiawatha/dir2/error.log
I have checked and all files and directories exist.
Moreover, I set on all log files/directories (also on hiawatha dir in /var/log/):
As Permission, 777 - As Owners, user=65534 group=65534
I restarted the webserver many times, during my tests.
I do not know what else to do, and still they remain empty.
I am sure there is something i am doing wrong, but what ?
2.
Could you please tell me:
A) when and what Hiawatha normally write on SystemLogfile ?
B) when and what Hiawatha normally write on GarbageLogfile ?
C) when and what Hiawatha normally write on ExploitLogfile ?
D) when and what Hiawatha normally write on AccessLogfile ?
E) when and what Hiawatha normally write on ErrorLogfile ?
F) do they will work even if LogfileMask and AccessList are not set in hiawatha.conf?
I think it would be better if you can add some info on this
in the manual pages or in some other section of this site,
because it is not covered at all.. it would help a lot of people
3.
What is 65534 ? It is a user ? It is a group ? It takes part of group "wheel" ?
when I install Hiawatha it installs himself with this userid but i can't find this
userid on my system. Also when running Hiawatha uses that userid.
I think it exist, otherwise Hiawatha will not work at all..
So please explain to me.. And btw, why just 65534 ??
Please help!
And Thank you very much for you reply..
Best Regards, Peter
Peter carrell
11 May 2012, 14:57
Also, this is my hiawatha.conf:
# GENERAL SETTINGS
SystemLogfile = /var/log/hiawatha/system.log
GarbageLogfile = /var/log/hiawatha/garbage.log
ExploitLogfile = /var/log/hiawatha/exploit.log
BanOnDeniedBody = 86400
BanOnFlooding = 20/1:86400
BanOnGarbage = 86400
#BanOnInvalidURL = 1
BanOnMaxPerIP = 86400
BanOnMaxReqSize = 86400
BanOnSQLi = 2592000
BanOnTimeout = 86400
BanOnWrongPassword = 5:86400
CacheSize = 50
CacheMaxFilesize = 1024
CacheMinFilesize = 1
CGIextension = cgi
CGIhandler = /usr/local/bin/php-cgi:php
#CGIhandler = /usr/bin/perl:pl
#CGIhandler = /usr/bin/python:py
#CGIhandler = /usr/bin/ruby:rb
#CGIhandler = /usr/bin/ssi-cgi:shtml
ServerString = none
#ServerId = 65534:65534
#ServerRoot = /home/user/www/
ConnectionsPerIP = 10
ConnectionsTotal = 50
KickOnBan = yes
KillTimedoutCGI = yes
#LogfileMask =
LogFormat = extended
#MaxUrlLength = 500
MimetypeConfig = mimetype.conf
RebanDuringBan = yes
#ReconnectDelay = 0
#Throttle = audio/mpeg:30
WaitForCGI = yes
# SSL settings
#AllowedCiphers = RC4-SHA:RC4-MD5:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA
# BINDING SETTINGS
Binding {
Port = 80
EnableAlter = yes
EnableTRACE = no
MaxKeepAlive = 50
MaxUploadSize = 10
MaxRequestSize = 10240
TimeForRequest = 5,30
}
Hugo Leisink
11 May 2012, 15:05
1: it's probably because Hiawatha is not allowed to write to the earlier created logfiles. Make sure the ownership of those files is correct. Those files should be owned by the user that is used by the Hiawatha webserver.
2: SystemLogfile: general messages from the webserver
GarbageLogfile: recieved misformed requests that were rejected
ExploitLogfile: information about requests that contained possible exploits
AccessLogfile: log of headers from recieved requests
ErrorLogfile: errors that were generated during request handling
3: 65534 is the default user id that Hiawatha runs under. Change this to _www for FreeBSD. If you change this setting, also change to ownership of the logfiles.
2: SystemLogfile: general messages from the webserver
GarbageLogfile: recieved misformed requests that were rejected
ExploitLogfile: information about requests that contained possible exploits
AccessLogfile: log of headers from recieved requests
ErrorLogfile: errors that were generated during request handling
3: 65534 is the default user id that Hiawatha runs under. Change this to _www for FreeBSD. If you change this setting, also change to ownership of the logfiles.
Peter carrell
11 May 2012, 17:01
OK, thank you for your answer.
I understand about point 2 and 3. About point 1, I also think that is a permission problem.
Now:
Hiawatha is running as user 65534, as the normal installation.
I have all log files/directories of /var/log/hiawatha (and hiawatha dir itself) owned by user 65534 and group 65534.
Also all files and folders have 777 permission.
So why Hiawatha can't read and write logs ? Maybe the group I chose is wrong ?
edit: i do not have _www user on my system..
Thanks
I understand about point 2 and 3. About point 1, I also think that is a permission problem.
Now:
Hiawatha is running as user 65534, as the normal installation.
I have all log files/directories of /var/log/hiawatha (and hiawatha dir itself) owned by user 65534 and group 65534.
Also all files and folders have 777 permission.
So why Hiawatha can't read and write logs ? Maybe the group I chose is wrong ?
edit: i do not have _www user on my system..
Thanks
Peter carrell
11 May 2012, 17:12
Hugo, I have find something weird.
It is possible that Hiawatha has a bug inside ?
I mean, the version of Hiawatha I have has been ported in FreeBSD ports.
And now I was looking at the "top" command results and I found that the Hiawatha process
has as username the word " 65534". I mean there is a space before 65534 in the username!! -.-
maybe this can be the explanation of why since I have 777 permission and 65534 as owner set
on log files, i can't make Hiawatha write to these..... Or it is normal that blank space before the userid ?
This is my top screenshot:
PID USERNAME THR PRI NICE SIZE RES STATE TIME WCPU COMMAND
1714 ******************* 16 48 0 122M 4996K sigwai 0:04 0.00% mysqld
1731 root 1 52 0 21040K 0K pause 0:02 0.00% <freshclam>
2501 65534 2 20 0 15000K 2872K nanslp 0:01 0.00% hiawatha
1209 root 1 20 0 12868K 1088K select 0:00 0.00% proftpd
2618 ******************* 1 20 0 15788K 3788K select 0:00 0.00% sshd
996 root 1 20 0 9612K 368K select 0:00 0.00% syslogd
2615 root 1 20 0 15788K 3504K sbwait 0:00 0.00% sshd
1765 root 1 20 0 9644K 464K nanslp 0:00 0.00% cron
1228 ******************* 1 52 0 9924K 0K wait 0:00 0.00% <sh>
2622 root 1 20 0 10948K 2168K pause 0:00 0.00% csh
2621 ******************* 1 20 0 10124K 1376K wait 0:00 0.00% su
2643 root 1 20 0 9944K 1536K RUN 0:00 0.00% top
1754 root 1 20 0 13064K 2372K select 0:00 0.00% sshd
2619 ******************* 1 20 0 9924K 1440K wait 0:00 0.00% sh
1864 root 1 52 0 9612K 676K ttyin 0:00 0.00% getty
1727 root 2 52 0 124M 48124K select 0:00 0.00% clamd
766 root 1 20 0 12128K 232K select 0:00 0.00% devd
174 root 1 52 0 9532K 0K pause 0:00 0.00% <adjkerntz>
It is possible that Hiawatha has a bug inside ?
I mean, the version of Hiawatha I have has been ported in FreeBSD ports.
And now I was looking at the "top" command results and I found that the Hiawatha process
has as username the word " 65534". I mean there is a space before 65534 in the username!! -.-
maybe this can be the explanation of why since I have 777 permission and 65534 as owner set
on log files, i can't make Hiawatha write to these..... Or it is normal that blank space before the userid ?
This is my top screenshot:
PID USERNAME THR PRI NICE SIZE RES STATE TIME WCPU COMMAND
1714 ******************* 16 48 0 122M 4996K sigwai 0:04 0.00% mysqld
1731 root 1 52 0 21040K 0K pause 0:02 0.00% <freshclam>
2501 65534 2 20 0 15000K 2872K nanslp 0:01 0.00% hiawatha
1209 root 1 20 0 12868K 1088K select 0:00 0.00% proftpd
2618 ******************* 1 20 0 15788K 3788K select 0:00 0.00% sshd
996 root 1 20 0 9612K 368K select 0:00 0.00% syslogd
2615 root 1 20 0 15788K 3504K sbwait 0:00 0.00% sshd
1765 root 1 20 0 9644K 464K nanslp 0:00 0.00% cron
1228 ******************* 1 52 0 9924K 0K wait 0:00 0.00% <sh>
2622 root 1 20 0 10948K 2168K pause 0:00 0.00% csh
2621 ******************* 1 20 0 10124K 1376K wait 0:00 0.00% su
2643 root 1 20 0 9944K 1536K RUN 0:00 0.00% top
1754 root 1 20 0 13064K 2372K select 0:00 0.00% sshd
2619 ******************* 1 20 0 9924K 1440K wait 0:00 0.00% sh
1864 root 1 52 0 9612K 676K ttyin 0:00 0.00% getty
1727 root 2 52 0 124M 48124K select 0:00 0.00% clamd
766 root 1 20 0 12128K 232K select 0:00 0.00% devd
174 root 1 52 0 9532K 0K pause 0:00 0.00% <adjkerntz>
Peter carrell
11 May 2012, 17:16
well in what I wrote it is not clear that there is a space but there is..
I can not add a screenshot in .jpg right now... so, what you suggest ?
I can not add a screenshot in .jpg right now... so, what you suggest ?
Peter Carrell
11 May 2012, 17:31
Hugo i have checked again,
i have removed all files from /var/log/hiawatha.
Then i restarted Hiawatha and it creates log files again with userid 65534 and groupid 65534.
Is that correct ? Now I tried to access some php page from http and nothing is logged on those files.
How it is possible that Hiawatha can create new files but can not write over that ? even on system.log......
So, what I can do ??
i have removed all files from /var/log/hiawatha.
Then i restarted Hiawatha and it creates log files again with userid 65534 and groupid 65534.
Is that correct ? Now I tried to access some php page from http and nothing is logged on those files.
How it is possible that Hiawatha can create new files but can not write over that ? even on system.log......
So, what I can do ??
René
11 May 2012, 18:15
You can create an unpriviliged user:
and than give the unprivileged user 'www-data' write and read permissions with:
pw useradd www-data -s /bin/nologin
and than give the unprivileged user 'www-data' write and read permissions with:
chown -R www-data:www-data /var/log/hiawatha
Peter Carrell
12 May 2012, 13:41
ok i will try this, Thank you René...
But i also need to set this www-data/www-data userid/groupid in hiawatha.conf
or it is already built in Hiawatha default behaviours ?
thank you so much!
But i also need to set this www-data/www-data userid/groupid in hiawatha.conf
or it is already built in Hiawatha default behaviours ?
thank you so much!
René
12 May 2012, 16:59
Yes, you enable...
It's the logical outcome of what you did earlier.
#ServerId = www-data
It's the logical outcome of what you did earlier.
Peter Carrella
14 May 2012, 23:24
Hi, I did this:
I then accessed my websites and tried to generate some errors, however log files stay at 0 bytes,
even system.log which not show the start/stop datetime of the server (the last restard i did for example).
This is the permission scheme:
Any further ideas ? Thank you so much for your help!!
Regards, Peter.
1. pw useradd www-data -s /bin/nologin
2. chown -R www-data:www-data /var/log/hiawatha
3. enabled: "ServerId = www-data" in hiawatha.conf
4. Restarted Hiawatha
I then accessed my websites and tried to generate some errors, however log files stay at 0 bytes,
even system.log which not show the start/stop datetime of the server (the last restard i did for example).
This is the permission scheme:
-rw-r----- 1 www-data www-data 0B May 11 17:32 access.log
-rw-r----- 1 www-data www-data 0B May 11 17:32 error.log
-rw-r----- 1 www-data www-data 0B May 11 17:32 exploit.log
-rw-r----- 1 www-data www-data 0B May 11 17:32 garbage.log
drwxrwxrwx 2 www-data www-data 4B May 11 17:32 dir1
-rw-r----- 1 www-data www-data 0B May 11 17:32 system.log
drwxrwxrwx 2 www-data www-data 4B May 11 17:32 dir2
Any further ideas ? Thank you so much for your help!!
Regards, Peter.
René
15 May 2012, 01:09
I think Hugo explained it all. Ideas? Yes, just install Hiawatha in a jail. This way you can test what you want... and be careful with 'world' readable permissions. In my experience Hiawatha runs out of the box with some minor configuration adjustments.
Cheers
Cheers
This topic has been closed.
Copyright © by Hugo Leisink. All rights reserved.
Built upon the Banshee PHP framework.
Built upon the Banshee PHP framework.
