Doug gave me another web server problem to troubleshoot. I think he picked this based on what I know about it so far, apparently sharing all of the features of yesterday's troubleshooting problem, including the website and the same server having a very similar problem, right down to it running Apache. But this time I think he is probably throwing that information at me to cause me to assume Apache is the problem. I was pleased with myself for solving this problem in ten or fifteen minutes last night, came home, wrote about it in this blog and realized as I wrote, hey wait, he gave me a bunch of tips all throughout. So I told him that I was so pleased and then had a realization, so he is helping me less with this one, even though he assured me that even in the interviews he conducts where he gives people this same problem, he often gives them little nudges by telling them to try going in another direction and stuff like that.
I went to the website with the IP address he gave me. Once again "Forbidden" in bold letters on the top of the page. I went to Terminal, and SSH-ed into the machine. I thought for literally one second and remembered all of the countless times when I had problems in Linux just to eventually do an update and upgrade and that would solve the problem. So I asked ChatGPT what the command was because I don't remember them off the top of my head, and it gave the commands for update and upgrade but then also gave the command for a full upgrade which upgrades the Kernel too, and I thought, what are the odds that solves the problem! So I did it, and entered:
sudo apt full-upgrade
It finished the upgrade and I rebooted. I am of the understanding that unlike Windows, Linux doesn't need to reboot after updates or in the case of Linux, updates and upgrades. But it was a Kernel upgrade so...
I SSH-ed back in and, just to make sure, I checked that Apache was running on port 80 for HTTP instead of NGINX. But Apache is running.
Last login: Wed Nov 6 03:47:28 2024 from 192.168.1.246
admin@skibidi-slicers:~$ sudo netstat -tuln | grep :80
[sudo] password for admin:
sudo: netstat: command not found
admin@skibidi-slicers:~$ sudo ss -tuln | grep :80
tcp LISTEN 0 511 *:80 *:*
admin@skibidi-slicers:~$ sudo lsof -i :80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
apache2 738 root 4u IPv6 21060 0t0 TCP *:http (LISTEN)
apache2 739 www-data 4u IPv6 21060 0t0 TCP *:http (LISTEN)
apache2 740 www-data 4u IPv6 21060 0t0 TCP *:http (LISTEN)
admin@skibidi-slicers:~$ sudo journalctl -f
Nov 06 04:01:40 skibidi-slicers systemd[1]: Starting Download data for packages that failed at package install time...
Nov 06 04:01:40 skibidi-slicers systemd[1]: update-notifier-download.service: Deactivated successfully.
Nov 06 04:01:40 skibidi-slicers systemd[1]: Finished Download data for packages that failed at package install time.
Nov 06 04:01:53 skibidi-slicers dbus-daemon[654]: [system] Activating via systemd: service name='org.freedesktop.timedate1' unit='dbus-org.freedesktop.timedate1.service' requested by ':1.12' (uid=0 pid=675 comm="/usr/lib/snapd/snapd " label="unconfined")
Nov 06 04:01:53 skibidi-slicers systemd[1]: Starting Time & Date Service...
Nov 06 04:01:53 skibidi-slicers dbus-daemon[654]: [system] Successfully activated service 'org.freedesktop.timedate1'
Nov 06 04:01:53 skibidi-slicers systemd[1]: Started Time & Date Service.
Nov 06 04:02:23 skibidi-slicers systemd[1]: systemd-timedated.service: Deactivated successfully.
Nov 06 04:02:28 skibidi-slicers sudo[1347]: admin : TTY=pts/0 ; PWD=/home/admin ; USER=root ; COMMAND=/usr/bin/journalctl -f
Nov 06 04:02:28 skibidi-slicers sudo[1347]: pam_unix(sudo:session): session opened for user root(uid=0) by admin(uid=1002)
So I ran sudo netstat -tuln | grep :80 but netstat isn't installed. I ran sudo ss -tuln | grep :80
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2024-11-06 03:56:49 UTC; 10min ago
Docs: https://httpd.apache.org/docs/2.4/
Process: 651 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)
Main PID: 738 (apache2)
Tasks: 55 (limit: 4563)
Memory: 7.7M
CPU: 182ms
CGroup: /system.slice/apache2.service
        ├─738 /usr/sbin/apache2 -k start
        ├─739 /usr/sbin/apache2 -k start
        └─740 /usr/sbin/apache2 -k start
Nov 06 03:56:49 skibidi-slicers systemd[1]: Starting The Apache HTTP Server...
Nov 06 03:56:49 skibidi-slicers apachectl[688]: AH00558: apache2: Could not reliably determine the server's fully quali>
Nov 06 03:56:49 skibidi-slicers systemd[1]: Started The Apache HTTP Server.
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.4/ for detailed information about
# the directives and /usr/share/doc/apache2/README.Debian about Debian specific
# hints.
#
#
# Summary of how the Apache 2 configuration works in Debian:
# The Apache 2 web server configuration in Debian is quite different to
# upstream's suggested way to configure the web server. This is because Debian's
# default Apache2 installation attempts to make adding and removing modules,
# virtual hosts, and extra configuration directives as flexible as possible, in
# order to make automating the changes and administering the server as easy as
# possible.
# It is split into several files forming the configuration hierarchy outlined
# below, all located in the /etc/apache2/ directory:
#
#   /etc/apache2/
#   |-- apache2.conf
#   |   `-- ports.conf
#   |-- mods-enabled
#   |   |-- *.load
#   |   `-- *.conf
#   |-- conf-enabled
#   |   `-- *.conf
#   `-- sites-enabled
#       `-- *.conf
#
#
# * apache2.conf is the main configuration file (this file). It puts the pieces
#   together by including all remaining configuration files when starting up the
#   web server.
#
# * ports.conf is always included from the main configuration file. It is
#   supposed to determine listening ports for incoming connections which can be
#   customized anytime.
#
# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
#   directories contain particular configuration snippets which manage modules,
#   global configuration fragments, or virtual host configurations,
#   respectively.
#
#   They are activated by symlinking available configuration files from their
#   respective *-available/ counterparts. These should be managed by using our
#   helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See
#   their respective man pages for detailed information.
#
# * The binary is called apache2. Due to the use of environment variables, in
#   the default configuration, apache2 needs to be started/stopped with
#   /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
#   work with the default configuration.

# Global configuration
#

#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the Mutex documentation (available
# at <URL:http://httpd.apache.org/docs/2.4/mod/core.html#mutex>);
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
#ServerRoot "/etc/apache2"

#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
#Mutex file:${APACHE_LOCK_DIR} default

#
# The directory where shm and other runtime files will be stored.
#
DefaultRuntimeDir ${APACHE_RUN_DIR}

#
# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHE_PID_FILE}

#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300

#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On

#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100

#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 5

# These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}

#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off

# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog ${APACHE_LOG_DIR}/error.log

#
# LogLevel: Control the severity of messages logged to the error_log.
# Available values: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the log level for particular modules, e.g.
# "LogLevel info ssl:warn"
#
LogLevel warn

# Include module configuration:
IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf

# Include list of ports to listen on
Include ports.conf

# Sets the default security model of the Apache2 HTTPD server. It does
# not allow access to the root filesystem outside of /usr/share and /var/www.
# The former is used by web applications packaged in Debian,
# the latter may be used for local directories served by the web server. If
# your system is serving content from a sub-directory in /srv you must allow
# access here, or in any related virtual host.
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Require all denied
</Directory>

<Directory /usr/share>
    AllowOverride None
    Require all granted
</Directory>

<Directory /var/www/>
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>

#<Directory /srv/>
#    Options Indexes FollowSymLinks
#    AllowOverride None
#    Require all granted
#</Directory>

# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess

#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<FilesMatch "^\.ht">
    Require all denied
</FilesMatch>

#
# The following directives define some format nicknames for use with
# a CustomLog directive.
#
# These deviate from the Common Log Format definitions in that they use %O
# (the actual bytes sent including headers) instead of %b (the size of the
# requested file), because the latter makes it impossible to detect partial
# requests.
#
# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended.
# Use mod_remoteip instead.
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

# Include of directories ignores editors' and dpkg's backup files,
# see README.Debian for details.

# Include generic snippets of statements
IncludeOptional conf-enabled/*.conf

# Include the virtual host configurations:
IncludeOptional sites-enabled/*.conf

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
<VirtualHost *:80>
    # The ServerName directive sets the request scheme, hostname and port that
    # the server uses to identify itself. This is used when creating
    # redirection URLs. In the context of virtual hosts, the ServerName
    # specifies what hostname must appear in the request's Host: header to
    # match this virtual host. For the default virtual host (this file) this
    # value is not decisive as it is used as a last resort host regardless.
    # However, you must set it for any further virtual host explicitly.
    #ServerName www.example.com

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf
</VirtualHost>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
CGPT had me enter sudo chown -R www-data:www-data /var/www/html and sudo chmod -R 755 /var/www/html, which returned:
admin@skibidi-slicers:~$ [200~sudo chown -R www-data:www-data /var/www/html
WARNING:root:could not open file '/etc/apt/sources.list'
[200~sudo: command not found
admin@skibidi-slicers:~$ sudo chmod -R 755 /var/www/html
^[[201~admin@skibidi-slicers:~$
The Next Day
Okay so I started out the day by trying to restart apache:
sudo systemctl restart apache2
[sudo] password for admin:
It was running fine. I reloaded the website, the problem wasn't solved. This is when I remembered that the webpage was telling me that it was a permissions problem.
admin@skibidi-slicers:~$ sudo tail -f /var/log/apache2/error.log
I entered this to see a log of whatever problems apache might have had.
The Permission denied error says Apache doesn't have permission to access /var/www/html/index.html. This could be due to either file permissions or ownership issues.
[Thu Nov 07 02:30:54.553525 2024] [mpm_event:notice] [pid 3112:tid 139808985114496] AH00489: Apache/2.4.52 (Ubuntu) configured -- resuming normal operations
[Thu Nov 07 02:30:54.553920 2024] [core:notice] [pid 3112:tid 139808985114496] AH00094: Command line: '/usr/sbin/apache2'
[Thu Nov 07 02:31:32.318710 2024] [core:error] [pid 3113:tid 139808903001664] (13)Permission denied: [client 192.168.1.246:8090] AH00132: file permissions deny server access: /var/www/html/index.html
[Thu Nov 07 02:31:33.378457 2024] [core:error] [pid 3113:tid 139808894608960] (13)Permission denied: [client 192.168.1.246:8090] AH00132: file permissions deny server access: /var/www/html/index.html
[Thu Nov 07 02:31:35.044419 2024] [core:error] [pid 3113:tid 139808886216256] (13)Permission denied: [client 192.168.1.246:8090] AH00132: file permissions deny server access: /var/www/html/index.html
^C
I entered Ctrl+C to exit the log so I could enter another command.
Okay so ChatGPT suggested I enter "sudo chown www-data:www-data /var/www/html/index.html", which would have been a bad idea because this command changes the ownership of the file to the Apache user. www-data is the account Apache handles every visitor's request as, so it effectively stands in for everyone that could browse the site. With that account owning the file, anyone who knew a way to abuse the web server could delete the file or change it to whatever they want. This is really bad. Doug was over my shoulder and explained that if I did that in a job, I would get fired.
I used the file path from the chown command to reach the file in question.
admin@skibidi-slicers:~$ cd /var
admin@skibidi-slicers:/var$ ls
backups cache crash lib local lock log mail opt run snap spool tmp www
Until this point I didn't realize that www was actually a directory, and thought it was actually referring to a hostname for the website.
admin@skibidi-slicers:/var$ ls -l
ls lists directory contents without doing so recursively, and ls -l (or ll, which not all systems will recognize) gives you a long listing. What the long listing shows is permissions, then ownership, then the size of the file in bytes, then the date and time it was last edited, followed finally by the name of the file or folder the listing is for.
total 48
drwxr-xr-x 2 root root 4096 Nov 7 00:00 backups
drwxr-xr-x 16 root root 4096 Nov 5 02:06 cache
drwxrwxrwt 2 root root 4096 Aug 10 2023 crash
drwxr-xr-x 42 root root 4096 Nov 5 02:06 lib
drwxrwsr-x 2 root staff 4096 Apr 18 2022 local
lrwxrwxrwx 1 root root 9 Aug 10 2023 lock -> /run/lock
drwxrwxr-x 11 root syslog 4096 Nov 7 00:00 log
drwxrwsr-x 2 root mail 4096 Aug 10 2023 mail
drwxr-xr-x 2 root root 4096 Aug 10 2023 opt
lrwxrwxrwx 1 root root 4 Aug 10 2023 run -> /run
drwxr-xr-x 7 root root 4096 Oct 25 02:01 snap
drwxr-xr-x 4 root root 4096 Aug 10 2023 spool
drwxrwxrwt 8 root root 4096 Nov 7 02:30 tmp
drwxr-xr-x 3 root root 4096 Nov 5 02:01 www
So Doug had explained the way permissions and ownership work in Linux like six months ago, and unless you do this with some frequency it's just not a thing that you're going to remember. Permissions are written out as a string like "drwxrwxrwx", and numbers are then assigned to the letters. The d stands for directory; if it's a link it'll say l, and if it's just a file and there's nothing special about it, there will be a hyphen there and it'll look like "-rwxrwxrwx". Then r stands for read, w stands for write, and x stands for execute.
The rwx sequence repeats three times because the first sequence is what permissions the owner has, the second is what permissions the group has (which the owner can be a member of but does not have to be), and the third is what permissions everyone else has. You definitely want to be careful with all of these, that last one as much as the others. You don't want to give everyone permission to read, write or execute your diary or a plain text document of all your passwords or something.
Whatever the permissions are for each sequence, they add up to a certain number. Read, if the answer is yes or true for the owner, group or everyone else, will always be represented by the number 4; write permission, if yes or true, will always be a 2; and execute permission will always be a 1. So if you want to write a three-digit number for what all the permissions are, you can simply put 753, for example. That would mean that the owner has all three, read, write and execute permissions, or 4, 2 and 1, added up to be 7. The 5 in 753 is for the group, and a 5 can only add up to read and execute permissions. And the 3 in 753 will always add up to just having write and execute permissions. No matter what combination you have, each digit is a sum of a 4, a 2 or a 1, and which of them it is made of tells you which permissions are set, so the final three-digit number tells you what all three sets of permissions are. In the letter form, if there is no permission, it is signified by a simple hyphen.
In order to see the permissions of the website file, I needed to navigate to it.
admin@skibidi-slicers:/var$ ls
backups cache crash lib local lock log mail opt run snap spool tmp www
admin@skibidi-slicers:/var$ cd www
admin@skibidi-slicers:/var/www$ ls
html
admin@skibidi-slicers:/var/www$ cd html
admin@skibidi-slicers:/var/www/html$ ls
index.html
admin@skibidi-slicers:/var/www/html$ cat index.html
cat: index.html: Permission denied
Fortunately I didn't need to see the contents of the file, I just needed to see the permissions so apache could open it.
admin@skibidi-slicers:/var/www/html$ ls -l
total 4
-rw-r----- 1 root root 188 Nov 5 03:24 index.html
This line above is the only file we needed to know permissions for. So instead of running the chown command which changes the owner of a file, which as I described, could be pretty bad in this particular case (because we can agree that if I have two users on my personal computer and I want to change the permissions of my diary or a picture, using chown to change the owner from one user to another is not a bad thing), I instead asked ChatGPT to show me a command that would simply change the permissions so everyone can read it rather than changing the owner. And it gave me the following, which I entered.
admin@skibidi-slicers:/var/www/html$ sudo chmod a+r /var/www/html/index.html
I checked permissions. Before, it was the following:
-rw-r----- 1 root root 188 Nov 5 03:24 index.html
Now the above command made this change:
-rw-r--r-- 1 root root 188 Nov 5 03:24 index.html
So you see, this means the owner, and the permissions for the owner and the group, were not changed. Only the third set of permissions, the one for everyone else, changed: it simply gained the letter r, which also means 4, but that doesn't matter in this case because ls was displaying the rwx letters instead of the numbers that represent them.
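As an added example (not part of the original troubleshooting session, and not a command Doug or ChatGPT supplied), the script below decodes the mode strings from the listings above into their octal digits and works out which triplet the Apache worker account falls under for the file as found, after chmod a+r, and after the chown that was rejected. The function names are made up for this example, www-data belonging only to the group www-data is an assumption, and root's ability to bypass permission checks is not modelled.

```shell
#!/bin/sh
# Added example: decode `ls -l` mode strings and work out what an account may do.
# Modes and owners are taken from the listings in this post; www-data's group
# membership (only "www-data") is an assumption. root's bypass is not modelled.

# Print the octal digit (0-7) for one rwx triplet such as "r-x".
triplet_digit() {
    d=0
    case $1 in r??) d=$((d + 4)) ;; esac
    case $1 in ?w?) d=$((d + 2)) ;; esac
    case $1 in ??[xst]) d=$((d + 1)) ;; esac   # s/t: execute plus a special bit
    echo "$d"
}

# Convert a 10-character mode string (-rw-r-----) to its three rwx digits (640).
mode_to_octal() {
    o=$(triplet_digit "$(printf '%s\n' "$1" | cut -c2-4)")
    g=$(triplet_digit "$(printf '%s\n' "$1" | cut -c5-7)")
    w=$(triplet_digit "$(printf '%s\n' "$1" | cut -c8-10)")
    echo "$o$g$w"
}

# Which triplet applies? The kernel checks owner, then group, then other, and
# uses only the first class that matches.
# usage: class_for USER "USER_GROUPS" FILE_OWNER FILE_GROUP
class_for() {
    if [ "$1" = "$3" ]; then echo owner; return; fi
    for grp in $2; do
        if [ "$grp" = "$4" ]; then echo group; return; fi
    done
    echo other
}

# Print the triplet USER is subject to, e.g. "r--", "rw-" or "---".
# usage: access_for MODE USER "USER_GROUPS" FILE_OWNER FILE_GROUP
access_for() {
    case $(class_for "$2" "$3" "$4" "$5") in
        owner) printf '%s\n' "$1" | cut -c2-4 ;;
        group) printf '%s\n' "$1" | cut -c5-7 ;;
        other) printf '%s\n' "$1" | cut -c8-10 ;;
    esac
}

# First 10 characters of ls -ld output: file type plus the nine permission bits.
real_mode() { ls -ld -- "$1" | cut -c1-10; }

# Replay the fix on a scratch file (constructed here, not the real site).
demo() {
    dir=$(mktemp -d) || return 1
    echo 'Welcome to our website!' > "$dir/index.html"
    chmod 640 "$dir/index.html"
    before=$(real_mode "$dir/index.html")
    chmod a+r "$dir/index.html"
    after=$(real_mode "$dir/index.html")
    rm -rf "$dir"
    printf '%s %s -> %s %s\n' "$before" "$(mode_to_octal "$before")" "$after" "$(mode_to_octal "$after")"
}

demo
# What the Apache worker account gets under each option discussed in the post:
echo "as found (root:root 640): $(access_for -rw-r----- www-data www-data root root)"
echo "after chmod a+r (644):    $(access_for -rw-r--r-- www-data www-data root root)"
echo "after chown to www-data:  $(access_for -rw-r----- www-data www-data www-data www-data)"
```

The last two lines of output show the difference between the fixes: chmod a+r leaves the server account with read only, while the chown would have put it in the owner triplet with write access to the page.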
I checked the website by reloading the page. It displayed the following:
Welcome to our website!
This page means that everything is working as designed.
It's a very rudimentary website built strictly for the purposes of my troubleshooting this problem.
This has been Truncat3d 00000000111100010100110______________end of line