Changes

Jump to navigation Jump to search
5,930 bytes added ,  20:50, 2 April 2021
m
Unnilennium moved page DAV to Mod dav
Line 1: Line 1: −
== mod_dav for SME Server ==
+
{{Languages}}
 +
{{Level|Easy}}
   −
=== Maintainer ===
+
===Maintainer===
 
[mailto:smeserver-contribs@snetram.nl Jonathan Martens]
 
[mailto:smeserver-contribs@snetram.nl Jonathan Martens]
   −
=== Description ===
+
===Version===
This contrib provides mod_dav for SME Server, it has been written to make sure it is installed as it is required by my Subversion contrib.
+
{{#smeversion: smeserver-mod_dav }}
   −
=== Installation ===
+
===Description===
This contrib can be found in the [http://mirror.contribs.org/smeserver/releases/7/smedev/i386/repodata/ SME Dev] repository. To install this contrib get shell access as root user and issue the following command:
+
This contrib provides mod_dav for SME Server, it has been written to make sure it is installed as it is required by my Subversion contrib, but it can be used independently to add DAV to i-bays as well, this way you can, for instance, use it to store your [http://en.wikipedia.org/wiki/ICal iCal] web calendar files, using the [http://www.webdav.org/ WebDAV] protocol.
yum install smeserver-mod_dav --enablerepo=smedev
     −
=== Additional information ===
+
===Installation===
This contrib only loads mod_dav for the httpd daemon and does not provide other configuration templates or a server-manager panel.
+
Install the contrib:
 +
yum install smeserver-mod_dav --enablerepo=smecontribs
    +
===Configuration===
 +
DAV access is disabled for all ibays by default.
 +
 +
DAV enforcement in ibays, will force PHP and CGI to be disabled, even if the property is enable. You can manually set a property to reenable this. When DAV is enabled for an ibat https will be force, whatever is the setting for SSL for that ibay. The use of DAV include the use of httpd-auth and you do not want your password to travael unprotected over the network, even in your own LAN.
 +
Finally starting SME10, DAV will respect the usual setting of an ibay in term of local and remote access (including the ibay dedicated password), except you will have the choice to use the ibay password or the one of an user member of the group owning the ibay. Also, the read/write setting per group will be respected. Remember that those are just login rights, and webserver is running as www. So files must have permissions to also allow the www user to retrieve your file.
 +
 +
====Enable/disable DAV access for an ibay====
 +
To enable DAV access to an ibay use the following commands:
 +
db accounts setprop ibay-name ModDav enabled
 +
signal-event ibay-modify ibay-name
 +
 +
To disable DAV access to an ibay use the following commands:
 +
db accounts setprop ibay-name ModDav disabled
 +
signal-event ibay-modify ibay-name
 +
 +
====ETag http response header (FileETag) settings====
 +
According to [[bugzilla:4482]] there seems to be a problem when using Sunbird calendar sharing in DAV enabled ibays. To fix this you can define the FileETag setting to a value of none using the following command:
 +
db accounts setprop ibay-name ModDav-FileETag none
 +
More information on possible FileETag options can be found in the [http://httpd.apache.org/docs/2.0/mod/core.html#fileetag Apache documentation].
 +
 +
==== Disabled PHP and CGI on WebDAV ibays ====
 +
Starting SME10, by default we disable execution of php and CGI on an ibay where webdav is enabled. This is a security measure. If you are certain and want to have both php or CGI and DAV enabled then you have to do :
 +
db accounts setprop ibay-name ModDavSecureEXEC  disabled
 +
signal-event ibay-modify ibay-name
 +
 +
==== Directory index disabled ====
 +
On SME 10 because of a bug on httpd 2.4, you can not have this directive enabled or most of client will fail connecting. By default we hence have it disabled to allow connection. IF you want to display directory index anyway, then do :
 +
db accounts setprop ibay-name ModDavNoDirectoryIndex  enabled
 +
signal-event ibay-modify ibay-name
 +
 +
==== Allow anonymous access without password ====
 +
Starting SME10, we organized the webdav behaviour most like ftp / samba. It will follow the remote access and group write read permission. For the read by "Everyone" by default it will be  the member of the group shared that will be used, if you rather a read only without password access on the ibay you will have to set this to enabled. PAy attention that if you use a mode where ibay password is asked (either on lan, or remote) then the password directive will override this setting and you will need to use the ibay name and ibay password for the "anonymous" access (i.e. without a real user) .
 +
db accounts setprop ibay-name ModDavAnonymousRead  enabled
 +
signal-event ibay-modify ibay-name
 +
Hide PHP files
 +
 +
When php handler is disabled, you can see the source code of php as anonymous user or anonymous like, this is a security threat. By default we have deny access and listing to php files, if you need to keep that access then do (only available when ModDavSecureEXEC is enabled) :
 +
db accounts setprop ibay-name ModDavHidePHP  disabled
 +
signal-event ibay-modify ibay-name
 +
<br />
 +
 +
===Usage===
 +
 +
====Accessing a DAV enabled ibay====
 +
DAV-enabled Ibays can be accessed in any of several ways. Note that starting SME10, https is mandatory to access to your DAV.
 +
 +
=====through Windows My Network Places=====
 +
 +
#Open "My Network Places"
 +
#Select "Add a network place"
 +
#Choose "Next"
 +
#Choose "Another network location"
 +
#Enter the address to your DAV enabled ibay, for instance <nowiki>http://server/data</nowiki> or <nowiki>https://server/data</nowiki>
 +
 +
=====through Internet Explorer=====
 +
According to [http://forums.contribs.org/index.php?topic=33157.msg142168#msg142168 this post] you can allow Windows/Internet Explorer users to open your DAV-enabled Ibays in Explorer for read-write access directly from your website by using code similar to the lines below.
 +
 +
As a (normal) link:
 +
 +
<a href="&lt;nowiki&gt;http://localhost/data/&lt;/nowiki&gt;">Link to folder</a>
 +
 +
As a webfolder:
 +
 +
<a href="" folder="&lt;nowiki&gt;http://localhost/data/&lt;/nowiki&gt;">Link to data folder</a>
 +
 +
===Known issues===
 +
=====httpd-2.4 bug with mod_dir=====
 +
you have to disable  see https://bz.apache.org/bugzilla/show_bug.cgi?id=54914
 +
We hence have enforced that in the contrib for ibay but you might get the same issue if you use mod DAV for a contrib
 +
 +
===== Fedora complain about lack of compatibility to mount dav =====
 +
If you see this error : "/sbin/mount.davfs: mounting failed; the server does not support WebDAV"
 +
you need to do the following, then it will work
 +
sudo echo "ignore_dav_header 1" >> /etc/davfs2/davfs2.conf
 +
 +
===== character encoding =====
 +
Pay attention to the character encoding used by you operating system, having different OS connecting to the same DAV could create issues with encoding. Also you are responsible to use characters authorized by your different operating system or they will not be able to display the files or folders.
 +
 +
===Bugs===
 +
Please raise bugs under the SME-Contribs section in {{BugzillaFileBug|product=|component=|title=bugzilla}}and select the smeserver-mod_dav component or use {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-mod_dav|title=this link}}.
 +
{{#bugzilla:columns=id,product,version,status,summary |sort=id|order=desc |component=smeserver-mod_dav|noresultsmessage="No open bugs found."}}
 +
 +
===Changelog===
 +
Only released version in smecontrib are listed here.
 +
 +
{{#smechangelog: smeserver-mod_dav}}
 
----
 
----
   
[[Category: Contrib]]
 
[[Category: Contrib]]
[[Category: DAV]]
+
[[Category: Administration:File and Directory Access]]
Super Admin, Wiki & Docs Team, Bureaucrats, Interface administrators, Administrators
3,254

edits

Navigation menu