Many sites wish to move their content and virtual host structure from an existing WebTen (or WebStar) site to an iTools Mac OS X Server configuration. Contained here is the distilled experience of several successful conversions. Hopefully these experiences will be useful to those traveling the same path in the future.
In general the process of moving to an iTools Mac OS X Server configuration is straightforward and generally a matter of making the old structure available within the correct directories on a new system. However, due to the differences between Mac OS 8/9 and Mac OS X the process is not as simple as it first may appear. Some of the considerations are important in that WebTen has modified traditional UNIX handling (e.g. character case and end of line handling) to be more useful in a Macintosh environment and those modifications are not present in Mac OS X.
This document assumes an operational WebTen installation and a new iTools installation. For details on WebTen or iTools, refer to the respective User Guides.
Some sites may opt to run their existing Web content (WebSites) folders from a Mac OS 8/9 native HFS mounted volume under MacOS X Server. Alternatively, they may choose to copy their existing HFS web content to a Mac OS X Server native UFS file system. These are some issues to be aware of:
If HTML 'TEXT' files are to be edited under UNIX command line editors under Mac OS X Server, they too should be converted to 'BINA'.
For proper operation under iTools/FTP, content should have owner/group 'www/ftpguest' and should be group writable, for example:
chown www.ftpguest *.html chmod 664 *.html
For Perl scripts or other CGI:
chmod 755 *.pl
This will allow ftpguest group members (iTools users) to upload content changes via FTP.
Using FTP to move files into the iTools web content tree is also effective in working around (2) and (3). The WU-FTP server under iTools will force the correct ownership and mode when copied to folders under the /Local/Library/WebServer root directory.
User FTP home paths that were set up under WebTen (in content folders relative to WebSites) should already exist under iTools, i.e.create the virtual host using the iTools Admin Server with a Document Root folder corresponding (relative to WebSites) to the user's home folder to be be imported.
The Apache user and group database should be 'exported' using the Admin Server under WebTen, corrected for line breaks, and moved to the 'tenon' folder under Mac OS X Server. However, before 'importing' the group database, change the group name "WebTenAdmin" to "iToolsAdmin" by hand editing the export file.
Apple CGI's and W*API plug-ins from MacOS will not operate under iTools/Mac OS X Server Server. Their functionality must be replaced by other CGI's, Apache modules, etc. A number of vendors that have built new plugin versions for Mac OS X Server. Contact your plugin vendor for more information.
WebTen shell, perl or other script-based CGIs should be directly transportable to iTools installations where they should be stored in the /Local/Library/WebServer/CGI-Executables directory.
Native code (compiled "C" code under MachTen) CGI's must be recompiled under MacMac OS X Server.
URL's that make use of the Macintosh "direct argument" nomenclature must be converted to the more universal "query string" style. Following is an example of a WebCatalog URL under WebTen and iTools:
Under WebTen:
http://www.fac.org/Search.tmpl$Search?db=catalog.txt&eqskudata=123
Under iTools:
http://www.fac.org/Search.tmpl?Command=Search&db=catalog.txt&eqskudata=123
Absolute paths hardcoded in CGI's must be converted using the following guide:
/usr/local/etc/httpd -> /Local/Library/WebServer /usr/local/etc/httpd/cgi-bin -> /Local/Library/WebServer/CGI-Executables
File accesses by Mac OS X Server to a Mac HFS volume are case insensitive. Apache access controls that require authentication challenges ("Realm based access control") must account for URL accesses to HFS content using upper or lower case. This is done by using regular expressions in the <Directory> or <Files> directives in the apache.conf file:
<Directory~"/MacHD/WebSites/www.fac.org/[Ff][Aa][Cc]-[Aa][Dd][Mm][Ii][Nn]"> AuthName "FACAdmin" require group FAC-Admin </Directory>
This directive will challenge accesses to the URI's containing:
http://www.fac.org/FAC-ADMIN
OR
http://www.fac.org/fac-admin
or any combination of upper/lower casing in the word "Fac-Admin".
The Admin Server may be used to create a template <Directory> or <Files> container with the realm protection. Then hand edit the apache.conf file to turn the directive into a regular expression (note the addition of the '~" character after 'Directory' to denote the following string as a regex).
If realm protection is to be placed on any web content residing outside of the "/Local/Library/WebServer/WebSites" tree under iTools, the following <Directory> </Directory> container must be added to the apache.conf file (changing "/full/path/to/webcontent" to the actual full file path:
<Directory "/full/path/to/webcontent"> AllowOverride None # Setup Basic Authorization database AuthType Basic # User/Password databases AuthDBMUserFile /Local/Library/WebServer/tenon/etc/users # Realm/User database AuthDBMGroupFile /Local/Library/WebServer/tenon/etc/groups AuthDBMFormatNCSA On AuthDBMAuthoritative On </Directory>
Always flush the squid cache after hand editing realm protected directives in apache.conf.
Host based access controls placed on HFS based web content need to be similarly protected for the casing security hole; but in addition, case insensitive access controls must be placed in the tenon/etc/squid.conf file. For example, to support WebCatalog, iTools restricts access to all URL's containing ".db" (except in the query string):
In apache.conf:
<Location ~ "/.*\.db($|.*\?)"> deny from all </Location>
In squid.conf:
acl all_db urlpath_regex/.*\.db($|.*\?) http_access deny all_db all
Wholescale movement of virtual hosts configured in WebTen's tenon/apache/conf/httpd.conf file may be clipped and moved to the iTools Configuration/apache.conf file; however the Document root paths must be corrected and other minor changes must be made. An example of the same <VirtualHost> container under WebTen and iTools:
Under WebTen:
<VirtualHost 209.17.253.75:81> ServerName www.fac.org DocumentRoot /usr/local/etc/httpd/WebSites/www.fac.org Options Indexes FollowSymLinks IncludesNoExec </VirtualHost>
Under iTools:
<VirtualHost 209.17.253.75:81> ServerName www.fac.org DocumentRoot /Local/Library/WebServer/WebSites/www.fac.org <Directory /Local/Library/WebServer/WebSites/www.fac.org> Options Indexes FollowSymLinks IncludesNoExec </Directory> NameVirtualHost 209.17.253.75 </VirtualHost>
Note the 'NameVirtualHost' directive with an IP address that matches the address in the <VirtualHost> directive.
In addition, for each IP based virtual host, the following lines must be added to the tenon/libexec/iTools.sh file (the IP address must correspond to the address in the <VirtualHost> container.:
/sbin/ifconfig en0 alias 209.17.253.75 /sbin/route add 209.17.253.75 localhost
All '.db' files and the 'named.conf' file may be moved directly from the tenon/etc/named folder under WebTen to the /etc/named folder under iTools, following the line termination guidelines described in sub-section(1) of HfS or UFS Content.
WebTen WEBmail database files should not require modification and may be moved directly between the tenon/WebMail folder to /Local/Library/WebServer/web_mailunder iTools.
Page last updated 12/27/1999
http://www.tenon.com/support/itools/papers/itools-transition.html