5,576
edits
Changes
From SME Server
Jump to navigationJump to search→Upload_tmp_dir
}
}
}
}
====Apache Authentication====
In the example above, all sme users can authenticate to the web folder /opt/foo, for an application with no matter in security, it is normal but in certain case it could be dangerous.
* All users of SME Server
The original template in /etc/e-smith/templates/etc/httpd/conf/httpd.conf/92foo
{
$OUT .= " AuthName \"$name\"\n";
$OUT .= " AuthType Basic\n";
$OUT .= " AuthExternal pwauth\n";
$OUT .= " require valid-user\n";
$OUT .= " Satisfy $satisfy\n";
}
* one user or several users
Now you need to modify the 92foo template with this new lines
nano /etc/e-smith/templates/etc/httpd/conf/httpd.conf/92foo
{
$OUT .= " AuthName \"$name\"\n";
$OUT .= " AuthType Basic\n";
$OUT .= " AuthExternal pwauth\n";
$OUT .= " require user admin pierre paul\n";
$OUT .= " Satisfy $satisfy\n";
}
*one group or several groups with some specific users
You have to download a plugin of pwauth to authenticate unix group in SME Server 8 : http://code.google.com/p/pwauth/
wget http://pwauth.googlecode.com/files/pwauth-2.3.10.tar.gz
tar xvzf pwauth-2.3.10.tar.gz
cp pwauth-2.3.10/unixgroup /usr/lib/httpd/modules/
chown root:www /usr/lib/httpd/modules/unixgroup
chmod 750 /usr/lib/httpd/modules/unixgroup
nano /etc/e-smith/templates/etc/httpd/conf/httpd.conf/35-group-auth
{
$OUT .= " AddExternalGroup ugroup /usr/lib/httpd/modules/unixgroup\n";
$OUT .= " SetExternalGroupMethod ugroup environment\n";
}
Now you need to modify the 92foo template with this new lines
nano /etc/e-smith/templates/etc/httpd/conf/httpd.conf/92foo
{
$OUT .= " AuthName \"$name\"\n";
$OUT .= " AuthType Basic\n";
$OUT .= " AuthExternal pwauth\n";
$OUT .= " GroupExternal ugroup\n";
$OUT .= " AuthzUserAuthoritative off\n";
$OUT .= " require user admin pierre paul\n";
$OUT .= " require group virt \n";
$OUT .= " Satisfy $satisfy\n";
}
====Upload_tmp_dir====
====Upload_tmp_dir====
