Changes

Jump to navigation Jump to search

SME Server:Documentation:Developers Manual:Chapter15 (view source)

Revision as of 13:51, 25 April 2008

24 bytes added ,  13:51, 25 April 2008
m
Adjusting header(s)
Line 7: Line 7:  
----
 
----
   −
=Advanced customization principles=
+
==Advanced customization principles==
    
<div class="SECT1">
 
<div class="SECT1">
   −
==Leveraging the provisioning system for users, groups, and i-bays==
+
===Leveraging the provisioning system for users, groups, and i-bays===
    
One of the themes in the SME Server is that concepts such as users, groups, and shared information (information bays) are <span class="emphasis">''simplified''</span> and <span class="emphasis">''reused''</span> in the user interface. SME Server users are email users, filesharing users, web users and users for any other sofware installed on the system.
 
One of the themes in the SME Server is that concepts such as users, groups, and shared information (information bays) are <span class="emphasis">''simplified''</span> and <span class="emphasis">''reused''</span> in the user interface. SME Server users are email users, filesharing users, web users and users for any other sofware installed on the system.
Line 68: Line 68:  
----
 
----
   −
==Programmatically creating users, groups, and i-bays==
+
===Programmatically creating users, groups, and i-bays===
    
You can create users, groups, and i-bays by creating database defaults, or through code. Refer to the useraccounts, groups and ibays panels for examples of how to create these items. You can also create accounts with simple shell scripts.
 
You can create users, groups, and i-bays by creating database defaults, or through code. Refer to the useraccounts, groups and ibays panels for examples of how to create these items. You can also create accounts with simple shell scripts.
Line 129: Line 129:  
----
 
----
   −
==Reserving accounts to avoid conflicts with user, group, or i-bay names==
+
===Reserving accounts to avoid conflicts with user, group, or i-bay names===
    
If your application creates a new directory within your web site e.g. <tt class="FILENAME">http://www.example.com/magicstuff/</tt>, you should make sure the name isn't <span class="emphasis">''also''</span> used for an information bay, since that would create a conflict. Simply reserve the name by creating a <span class="emphasis">''url''</span>account. This can be done by creating a defaults file:
 
If your application creates a new directory within your web site e.g. <tt class="FILENAME">http://www.example.com/magicstuff/</tt>, you should make sure the name isn't <span class="emphasis">''also''</span> used for an information bay, since that would create a conflict. Simply reserve the name by creating a <span class="emphasis">''url''</span>account. This can be done by creating a defaults file:
Line 149: Line 149:  
----
 
----
   −
==Adding new account properties==
+
===Adding new account properties===
    
Just as you can spontaneously introduce new configuration settings you can spontaneously introduce new properties as well.
 
Just as you can spontaneously introduce new configuration settings you can spontaneously introduce new properties as well.
Line 356: Line 356:  
----
 
----
   −
==Data backup==
+
===Data backup===
    
The SME Server supports two methods for data backup. For light-usage sites, end users can use their web browser to select a <span class="emphasis">''backup to desktop''</span> option; this creates a compressed file of the configuration databases and all user data on the server, and uploads it to the user's desktop via their web browser.
 
The SME Server supports two methods for data backup. For light-usage sites, end users can use their web browser to select a <span class="emphasis">''backup to desktop''</span> option; this creates a compressed file of the configuration databases and all user data on the server, and uploads it to the user's desktop via their web browser.
Line 377: Line 377:  
----
 
----
   −
==Using the MySQL database==
+
===Using the MySQL database===
    
The SME Server provides a standard method for performing MySQL database initialization and migration. This is done by creating files in the <tt class="FILENAME">/etc/e-smith/sql/init/</tt> directory. These files are run automatically when MySQL is started, and deleted if they run successfully.
 
The SME Server provides a standard method for performing MySQL database initialization and migration. This is done by creating files in the <tt class="FILENAME">/etc/e-smith/sql/init/</tt> directory. These files are run automatically when MySQL is started, and deleted if they run successfully.
Line 486: Line 486:  
----
 
----
   −
==Sending email messages==
+
===Sending email messages===
    
If your application needs to send an email message, it should use the SMTP protocol and send the message through the local SMTP server (connect to localhost, port 25).
 
If your application needs to send an email message, it should use the SMTP protocol and send the message through the local SMTP server (connect to localhost, port 25).
Line 495: Line 495:  
----
 
----
   −
==Managing the firewall==
+
===Managing the firewall===
    
The SME Server approach provides better security than a typical firewall, because the SME Server is managed automatically. Conventional firewalls have complex user interfaces, and require a system administrator to choose policies (e.g. which services should be permitted, which ports should be forwarded, etc.) The SME Server firewall has no user interface. It automatically generates the best ruleset that is consistent with the server settings, and is automatically regenerated whenever the server settings are changed.
 
The SME Server approach provides better security than a typical firewall, because the SME Server is managed automatically. Conventional firewalls have complex user interfaces, and require a system administrator to choose policies (e.g. which services should be permitted, which ports should be forwarded, etc.) The SME Server firewall has no user interface. It automatically generates the best ruleset that is consistent with the server settings, and is automatically regenerated whenever the server settings are changed.
Line 502: Line 502:  
----
 
----
   −
===Creating firewall pinholes for your application===
+
====Creating firewall pinholes for your application====
    
Let us say that your service needs to provide a public service on TCP/IP port 4321, which is normally blocked by the firewall rules. All that you need to do is define this to the SME Server
 
Let us say that your service needs to provide a public service on TCP/IP port 4321, which is normally blocked by the firewall rules. All that you need to do is define this to the SME Server
Line 541: Line 541:  
----
 
----
   −
===Restricting services to specific external hosts: AllowHosts and DenyHosts===
+
====Restricting services to specific external hosts: AllowHosts and DenyHosts====
    
As well as being set to public and private, it is possible to allow or deny remote machines access to a particular service. Let's make the service <var class="LITERAL">public</var> once more, but limit access to one host and one subnet:
 
As well as being set to public and private, it is possible to allow or deny remote machines access to a particular service. Let's make the service <var class="LITERAL">public</var> once more, but limit access to one host and one subnet:
Line 585: Line 585:  
----
 
----
   −
==Starting up programs automatically upon system boot==
+
===Starting up programs automatically upon system boot===
    
If your package implements a server or daemon, you will probably want it to be started automatically when the system boots.
 
If your package implements a server or daemon, you will probably want it to be started automatically when the system boots.
Retrieved from "https://wiki.koozali.org/Special:MobileDiff/9412"

Navigation menu