

A hacker's journey: from cook to chef (3) - dclara

A small trick<p>As a developer, I&#x27;m hands-on Unix, but not very familiar with the Linux administration work. Yesterday, I was stuck at a major problem to activate the original instance of the Apache web server for the WordPress blog site. I cannot edit the httpd.conf file, although I have stopped all the other instances and made myself have root privilege to write to this file. As usual, I searched online and found people discussing some simple catches, such as caused by mistakes without root privilege, or the hosting site does not allow to edit, etc. I waited for a long time to chat with the hosting tech support and got response that it&#x27;s going beyond the support area with the VPS customized environment.<p>Fortunately after hours of frustration, I worked out the simple answer with the root cause that I was  trapped by myself due to my previous setting. I guess this is something those chef administrators do not want to share. But I&#x27;d like to share the bits and pieces with the detailed knowledge and tricks any startup company may bump into. There is a simple answer for that. How many people have the answer on the top your head now? I&#x27;m curious to see. Please let me know if you want to have the answer, send email to danmark.clara -at - yahoo.com.<p>Here are the links for previous two days:<p>https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=6670362<p>https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=6680208
======
dclara
For the people who are curious: the answer is here.

Since I granted sudoers privilege for a couple of accounts, I wanted to make
sure httpd.conf would not be changed by anybody. If there are multiple users
having the root privilege, it's a best practice to have separate HTTPD
instances rather than make changes directly on top of the original instance.
Otherwise, it's not easy to recover from fail over.

The command to lock: #chattr +i httpd.conf

The command to unlock: #chattr -i httpd.conf

