To run Mooshak basically you need:

Depending on the packages already installed on your Linux box, you may need to install other packages such as a C compiler, the make tool and Apache must be configured to run CGIs under safeexec protection.

Mooshak is maintained on machines with Mandrakelinux 10.1, using Apache 2.2.* and Tcl 8.5 and Mozilla firefox 8.*. It is (occasionally) tested is other platforms and browsers. Here are some hints on how to install these requirements on a few distros.

Go to top

CentOS 8

Be sure to have tclsh, a C compiler and make installed
sudo yum install tclsh
sudo yum install gcc
sudo yum install make
sudo yum install httpd
Configure userdir to support CGIs. Edit file /etc/httpd/conf.d/userdir.conf and comment (with a trailing "#") the line
  # UserDir disabled
and uncomment (remove trailing "#") the line
   UserDir public_html
You have also to uncomment the configuration of public_html directory and include the following configuration inside <IfModule mod_userdir.c>
    <Directory /home/*/public_html/cgi-bin>
        Options +ExecCGI -Includes -Indexes
        SetHandler cgi-script
	Order allow,deny
	Allow from all
    </Directory>
Restart Apache with these changes
sudo systemctl reload httpd

Go to top

Ubuntu 11.04 Natty

First of all, refresh apt's cache and upgrade it
sudo apt-get update 
sudo apt-get upgrade
Be sure to have a C compiler and make installed
sudo apt-get install gcc
sudo apt-get install make
Install Tcl, Apache with suexec
sudo apt-get install tcl
sudo apt-get install apache2
sudo apt-get install apache2-suexec
Enable the userdir and usexec modules in Apache
cd /etc/apache2/mods-enabled
sudo ln -s ../mods-available/userdir.conf
sudo ln -s ../mods-available/userdir.load
sudo ln -s ../mods-available/suexec.load
Configure userdir to support CGIs. Edit file /etc/apache2/mods-enabled/userdir.conf and include the following configuration inside <IfModule mod_userdir.c>
    <Directory /home/*/public_html/cgi-bin>
        Options +ExecCGI -Includes -Indexes
        SetHandler cgi-script
	Order allow,deny
	Allow from all
    </Directory>
Restart Apache with these changes
sudo apache2ctl graceful

Go to top

Debian 4.0

First of all, you must be root to execute these installations steps
su
Refresh apt's cache and upgrade it
apt-get update 
apt-get upgrade
Be sure to have a C compiler and make installed
apt-get install gcc
apt-get install make
Install Tcl, Apache
apt-get install tcl8.4
apt-get install apache2
Enable the userdir and usexec modules in Apache
cd /etc/apache2/mods-enabled
ln -s ../mods-available/userdir.conf
ln -s ../mods-available/userdir.load
ln -s ../mods-available/suexec.load
Configure userdir to support CGIs. Edit file /etc/apache2/mods-enabled/userdir.conf and include the following configuration inside <IfModule mod_userdir.c>
    <Directory /home/*/public_html/cgi-bin>
        Options +ExecCGI -Includes -Indexes
        SetHandler cgi-script
	Order allow,deny
	Allow from all
    </Directory>
Restart Apache with these changes
apache2ctl graceful

Go to top

Ubuntu 8.10

First of all, refresh apt's cache and upgrade it
sudo aptitude update 
sudo aptitude upgrade
Be sure to have a C compiler and make installed
sudo aptitude install gcc
sudo aptitude install make
Install Tcl, Apache with suexec
sudo aptitude install tcl
sudo aptitude install apache2
sudo aptitude install apache2-suexec
Enable the userdir and usexec modules in Apache
cd /etc/apache2/mods-enabled
sudo ln -s ../mods-available/userdir.conf
sudo ln -s ../mods-available/userdir.load
sudo ln -s ../mods-available/suexec.load
Configure userdir to support CGIs. Edit file /etc/apache2/mods-enabled/userdir.conf and include the following configuration inside <IfModule mod_userdir.c>
    <Directory /home/*/public_html/cgi-bin>
        Options +ExecCGI -Includes -Indexes
        SetHandler cgi-script
	Order allow,deny
	Allow from all
    </Directory>
Restart Apache with these changes
sudo apache2ctl graceful

Go to top

Debian 4.0

First of all, you must be root to execute these installations steps
su
Refresh apt's cache and upgrade it
aptitude update 
aptitude upgrade
Be sure to have a C compiler and make installed
aptitude install gcc
aptitude install make
Install Tcl, Apache
aptitude install tcl8.4
aptitude install apache2
Enable the userdir and usexec modules in Apache
cd /etc/apache2/mods-enabled
ln -s ../mods-available/userdir.conf
ln -s ../mods-available/userdir.load
ln -s ../mods-available/suexec.load
Configure userdir to support CGIs. Edit file /etc/apache2/mods-enabled/userdir.conf and include the following configuration inside <IfModule mod_userdir.c>
    <Directory /home/*/public_html/cgi-bin>
        Options +ExecCGI -Includes -Indexes
        SetHandler cgi-script
	Order allow,deny
	Allow from all
    </Directory>
Restart Apache with these changes
apache2ctl graceful

Hint: Install also fail2ban to block brut-force ssh and http(s) atacks to the Mooshak.

Go to top

Fedora 10

First of all, you must be root to execute these installations steps
su
Be sure to have a C compiler, Make and Tcl installed
yum install gcc
yum install make
yum install tcl
Edit file /etc/httpd/conf/httpd.conf and comment (with a trailing "#") the line
  # UserDir disabled
and uncomment (remove trailing "#") the line
   UserDir public_html
You have also to uncomment the configuration of public_html directory
    <Directory /home/*/public_html>
        AllowOverride FileInfo AuthConfig Limit
        Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
        <Limit GET POST OPTIONS>
            Order allow,deny
            Allow from all
        </Limit>
        <LimitExcept GET POST OPTIONS>
            Order deny,allow
            Deny from all
        </LimitExcept>
    </Directory>
And to insert a configuration for cgi-bin directories
    <Directory /home/*/public_html/cgi-bin>
        Options +ExecCGI -Includes -Indexes
        SetHandler cgi-script
	Order allow,deny
	Allow from all
    </Directory>
Restart Apache with these changes
apache2ctl graceful
You may need to disable SELinux or configure a security policy to run Mooshak (recommended). To simply disable SELinux execute
system-config-selinux
Using the GUI, activate the default tab (Status) and set
  • System default enforcing mode: Disabled
  • Current enforcing mode: Permissive

Go to top