|
Used Components:
You will need the following components installed
at the end:
Core Components(tested version in brackets)
OS: Win / Linux (Linux RedHat 8.0 is prefered
in this Installation Guide)
PostgreSQL(7.2.2)
or MySQL or
Oracle (PostgreSQL
is prefered in this Installation Guide)
libdbi
(0.6.5-2)
Apache Webserver
2.x (2.0.45)
Open
Anonymity
Additional Components
Cygwin (for
PostgreSQL under Windows)
phpPgAdmin
(2.4.2) for a convenient access to the PostgreSQL
- DB (you could also use psql)
PHP
(4.3.2RC2) for the phpPgAdmin and the Test
Environment for Open Anonymity
Components for Untrusted Mode (means Captcha
Test)
The Gimp (only
for Captchas)
Gimp
Perl extension (1.211) (only for Captchas)
perl (5.8.0)
(only for Captchas)
Step by Step Installation Instructions:
1. PostgreSQL Installation: PostgreSQL
installation under Linux is very easy, as there
are all RPM's in most of the distributions. Simply
install the RPM's from the CD, if not done so
far. Maybe you will need to install the PostgreSQL
devel or src package, because it's not done in
the standard RedHat Installation. We will need
this package for libdbi later. If you want to
install from sources, check details at PostgreSQL.
Here are some details from my system, i have this
packages installed (checked with: rpm -q --filesbypkg
--all >/var/tmp/mypackages.txt, then grep for
postgres): postgresql, postgresql-server, postgresql-libs
2. libdbi Installation: As with PostgreSQL,
this installation is easy with rpm's. Don't try
to compile it from sources, besides you really
know what you are doing. It costs me half a day.
You will need libdbi-0.6.5-2.i386.rpm, libdbi-dbd-pgsql-0.6.5-2.i386.rpm
(For Mysql it is something similar with libdbi-dbd-mysql...)
and libdbi-devel-0.6.5-2.i386.rpm (replace it
with your prefered version)You will need all three
of them when you want to compile the apache module.
I guess you don't need the devel package when
you use Open Anonymity from .so file. Only for
interest, some important dirs of libdbi are /usr/include/dbi/
, /usr/lib/libdbi.so (and .la,.a), and /usr/lib/dbd/
. Maybe you should check this dirs for a working
installation.
3. Apache Installation: You will need one
of the 2.x versions, support for older versions
(1.3.x) is not available in Open Anonymity. You
have to download
the Sources(2.0.45 for example), and follow
the installation
instruction provided by apache. A good step
by step instruction could also be found at http://www10.brinkster.com/ssruprai/comphp.asp,
you can also use it later for PHP Installation
4. phpPgAdmin: It could be usefull to have
the phpPgAdmin installed, download and install
it from http://phppgadmin.sourceforge.net/.
5. PHP Installation: For the phpPgAdmin
you will need PHP installed. I have decided to
install it from sources, can't remember why. Maybe
there is no possibility at the moment to install
from rpm for apache 2.x. For a good installation
instruction go to http://www10.brinkster.com/ssruprai/comphp.asp.
6. The Gimp Installation: The Gimp is part
of the standard installation with RedHat 8.0,
so i will not describe (or i can't) how to install
it. But the Gimp
Homepage can tell you details. You will also
need the devel Package for gimp, later for the
Perl extensions fo gimp.
7. Perl: Download and install a newer version
of perl if needed. Check perl-Version with perl
-v , you will need Perl5.004 or higher, as recommended
for perl extensions for gimp
8. Perl Extensions for Gimp: Download the
sources(i used Gimp-1.211.tar.gz) from CPAN
and follow the installation instructions.
Setting up the System - Step by Step:
1. Start PostgreSQL: in the shell, make
a "su postgres", then start it with
"/usr/bin/postmaster -i -D/var/lib/pgsql/data/".
Change the path to something appropriate on your
system. The -i command is only needed for TCP/IP
connections. Try to connect with the phpPgAdmin,
if connection fails try to edit the pg_hba.conf
and the config.inc.php in the phpPgAdmin directory,
take a look at point 3 in this Guide.
Necessary parts are:
In pg_hba.conf (This is a very liberal configuration,
watch out for security leaks):
| # TYPE |
DATABASE |
USER |
IP-ADDRESS |
IP-MASK |
METHOD |
| local |
all |
all |
|
|
trust |
| host |
all |
all |
127.0.0.1 |
255.255.255.255 |
trust |
In config.inc.php(be sure the user/pass exist
for postgres, check it with psql, if not sure):
| $cfgServers[1]['local'] = |
false; |
| $cfgServers[1]['host'] = |
'localhost'; |
| $cfgServers[1]['port'] = |
'5432'; |
| $cfgServers[1]['adv_auth'] = |
false; |
| |
|
| $cfgServers[1]['user'] = |
'opan01'; |
| $cfgServers[1]['password'] = |
'opan01'; |
| $cfgServers[1]['only_db'] = |
''; |
2. Start Apache: Type in "apachectl
start"
3. Make a test - connect to Database: Try
to connect to the DB with phpPgAdmin. phpPgAdmin
should be located at the htdocs-dir of apache.
Connect to the URL http://your.host/phpPgAdmin/.
If connection fails, try to edit the pg_hba.conf
file of PostgreSQL.
4. Make DB and Table(s): Make a new DB
with name "openanonymity"(or whatever
you want, you can configure it in httpd.conf later),
recommended with phpPgAdmin. Take the DB
dump and make the table named "anonymizelist".
Edit the data as needed for your system. Insert
new values for directories and anonymize words
with phpPgAdmin, "dir" specifies the
relative path from the htdocs dir (e.g. http://your-host/opan/
would be "/opan/"), anonymize specifies
one word to anonymize in this directory. Make
a new User / Password for Open Anonymity.
5. Compile Open Anonymity Modules: Get
the sources from Open
Anonymity's Sourceforge Page or from Sources(maybe
out of date), for both modules. You should
have one file called "mod_opan_filter.c"
and one called "mod_opan_xml_producer.c".
Check the path to apxs if not available from everywhere
and cd to the Open Anonymity source directory.
type in the following (and stop apache before):
apxs -a -i -l dbi -c mod_opan_xml_producer.c
apxs -a -i -c mod_opan_filter.c
apxs is an apache application that will register
the modules for the usage with Apache Webserver.
It will add some lines to httpd.conf and will
copy the produces .so files into the apache lib-dir.
It will add
LoadModule opan_filter_module libexec/mod_opan_filter.so
LoadModule opan_xml_producer_module libexec/mod_opan_xml_producer.so
in the httpd.conf.
6. Make changes to httpd.conf: You should
add the following Lines at the end of httpd.conf
| <IfModule mod_opan_filter.c> |
| |
OpenAnonymitySearchPatternStart "<anonym>" |
Name of Tagto search in Response |
| |
OpenAnonymitySearchPatternStop "</anonym>" |
Closing Tag |
| |
OpenAnonymityXMLFileName "openanonymity.xml" |
Name of all Files located in the directories
that holds data for both Filters |
| |
OpenAnonymityTrustMethod on |
on ...Check for Cookies, dont trust the
Signature
off ... Trust the signature and only act for
Spiders as defined in OpenAnonymitySpiders.conf |
| |
Include /usr/local/etc/apache2/OpenAnonymitySpiders.conf |
The List with the Signatures of Spiders
(Get an example file) |
| </IfModule> |
|
|
| |
|
|
| <IfModule mod_opan_xml_producer.c> |
| |
SearchPatternStop "</anonym>" |
hmm, residual waste, isnt used, but somewhere
defined |
| |
XmlFileName "openanonymity.xml" |
see above(has to be the same than for Filter
Module) |
| |
DBConnect on |
make a DB connect for every request or not.
If set to off, you can edit the config.list-
Node in openanonymity.xml files manually. |
| |
DBLocalize "localhost" "openanonymity" |
Name of the host where the database is located,
and name of the database |
| |
LibDbiControl "pgsql" "/usr/lib/dbd/" |
Specify which DBMS is used, pgqsl is recommended
and tested, otherwise it would be mysql or
oracle. |
| |
DbAuthorization "opan01" "opan01" |
username and password to use for DB-connection |
| </IfModule> |
|
|
| |
|
|
| AddOutputFilter OPANXMLPRODUCER;OPANFILTER
html pdf php |
You should also add a line into httpd.conf to suppress
the delivery of the openanonymity.xml files. Add
<FilesMatch "\openanonymity.(xml)$">
deny from all
</FilesMatch>
7. Copy default openanonymity.xml files:
Get the openanonymity.xml.def file from Open
Anonymity's Sourceforge Page or from here,
rename it to openanonymity.xml and copy it into
all directories you want to anonymize(and you
have entries in the DB). This step shouldn't be
necessary in the future, for now it is the only
way to get OpenAnonymity working.
8. Start The Gimp: For the Turing Test with Captchas
you will have to run Gimp.If you don't have a
graphical Interface like KDE, you will have to
try Xvfb.
Unfortunately Gimp is a very complex environment
for this few functions, you will need to do a
few things. First, you will have to start Gimp
as the same user than apache runs. In my case
it was www. Check this in the httpd.conf. Make
a new user www (or appropriate), after that type
in "su www", start gimp by typing "gimp".
Then gimp starts, go to MenuItem Xtns, Perl, click
on server. Now the Gimp-Perl-Server should run,
so you can connect to it from the ez-gimpy perl
script.
9. Install Test Environment for Open Anonymity:
This is optional, because all functionality is
described here and you can start with your own
files and DB entries. When youo chose to get the
sources from Open
Anonymity's Sourceforge Page for the TestEnvironment,
you will have to ensure that there are correct
entries in the DB for the used directory structure.
But you can get a working (and changed) ez-gimpy
Perl Script, a Shell
Script for calling this perl script() and
the necessary ez-gimpy files(dictionary,
fonts, image-file).
Or get it as package
here.
You will have to modify the path' in ez-gimpy
Perl Script to something appropriate on your
system
$whitesmall_full_path="/usr/local/ez-gimpy/whitesmall.tif";
# path and name of the image-file
$dictionary_full_path="/usr/local/ez-gimpy/dictionary";
# path and name of the dictionary
$font_file_full_path="/usr/local/ez-gimpy/fonts";
# path and name of the fonts
$output_image_full_path="/usr/local/share/apache2/htdocs/opan/$fname.jpg";
# path and name of the image to create, $fname
is passed by the Shell
Script, leave this untouched.
The Shell
Script is called by php(captcha.php) with
a line like
$rtnval = shell_exec("cd /usr/local/ez-gimpy/;./OpanGimpy
sdf");
change the cd command to a path appropriate to
your system. "sdf" is the name of the
created image file (sdf.jpg).
Also watch out for absolute URL's in the scripts
(make a grep command for http://192.168.0.2).
I also get some problems with ez-gimpy, when the
path to the image to create was to long.
|
|
