/[smecontribs]/rpms/smeserver-phpvirtualbox/contribs8/smeserver-phpvirtualbox-unix-group.patch
ViewVC logotype

Contents of /rpms/smeserver-phpvirtualbox/contribs8/smeserver-phpvirtualbox-unix-group.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Mon Dec 30 07:39:44 2013 UTC (10 years, 10 months ago) by unnilennium
Branch: MAIN
CVS Tags: smeserver-phpvirtualbox-4_3_0-10_el5_sme, smeserver-phpvirtualbox-4_3_0-9_el5_sme, smeserver-phpvirtualbox-4_3_0-9, HEAD
Initial import

1 diff -Nur smeserver-phpvirtualbox-4.3.0-old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/35-group-auth smeserver-phpvirtualbox-4.3.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/35-group-auth
2 --- smeserver-phpvirtualbox-4.3.0-old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/35-group-auth 1970-01-01 01:00:00.000000000 +0100
3 +++ smeserver-phpvirtualbox-4.3.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/35-group-auth 2013-10-23 21:31:24.000000000 +0200
4 @@ -0,0 +1,5 @@
5 +{
6 + $OUT .= " AddExternalGroup ugroup /usr/lib/httpd/modules/unixgroup\n";
7 + $OUT .= " SetExternalGroupMethod ugroup environment\n";
8 +}
9 +
10 diff -Nur smeserver-phpvirtualbox-4.3.0-old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/92phpvirtualhost smeserver-phpvirtualbox-4.3.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/92phpvirtualhost
11 --- smeserver-phpvirtualbox-4.3.0-old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/92phpvirtualhost 2013-10-23 21:23:18.000000000 +0200
12 +++ smeserver-phpvirtualbox-4.3.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/92phpvirtualhost 2013-10-23 21:36:05.000000000 +0200
13 @@ -4,51 +4,9 @@
14 unless $status eq 'enabled';
15
16 $OUT = "";
17 - my $allow = 'all';
18 - my $pass = '0';
19 - my $satisfy = 'all';
20 - my $name = $phpvirtualbox{'Name'} || 'phpvirtualbox';
21 + my $satisfy = 'all';
22 + my $name = $phpvirtualbox{'Name'} || 'phpvirtualbox';
23
24 - for ('exit-if-none')
25 - {
26 - if ($phpvirtualbox{'PublicAccess'})
27 - {
28 - if ($phpvirtualbox{'PublicAccess'} eq 'none')
29 - {
30 - next;
31 - }
32 - elsif ($phpvirtualbox{'PublicAccess'} eq 'local')
33 - {
34 - $allow = $localAccess;
35 - $pass = 0;
36 - $satisfy = 'all';
37 - }
38 - elsif ($phpvirtualbox{'PublicAccess'} eq 'local-pw')
39 - {
40 - $allow = $localAccess;
41 - $pass = 1;
42 - $satisfy = 'all';
43 - }
44 - elsif ($phpvirtualbox{'PublicAccess'} eq 'global')
45 - {
46 - $allow = 'all';
47 - $pass = 0;
48 - $satisfy = 'all';
49 - }
50 - elsif ($phpvirtualbox{'PublicAccess'} eq 'global-pw')
51 - {
52 - $allow = 'all';
53 - $pass = 1;
54 - $satisfy = 'all';
55 - }
56 - elsif ($phpvirtualbox{'PublicAccess'} eq 'global-pw-remote')
57 - {
58 - $allow = $localAccess;
59 - $pass = 1;
60 - $satisfy = 'any';
61 - }
62 - }
63 -
64 $OUT .= "#------------------------------------------------------------\n";
65 $OUT .= "# phpvirtualbox - $name\n";
66 $OUT .= "#------------------------------------------------------------\n";
67 @@ -57,27 +15,30 @@
68 if ((exists $phpvirtualbox{'URL'}) && ($phpvirtualbox{'URL'} ne ''))
69 { $OUT .= "Alias /$phpvirtualbox{'URL'} /opt/phpvirtualbox\n"; }
70 }
71 -
72 + {
73 $OUT .= "Alias /phpvirtualbox /opt/phpvirtualbox\n";
74
75 $OUT .= "\n";
76 $OUT .= "<Directory /opt/phpvirtualbox>\n";
77 + $OUT .= " SSLRequireSSL\n";
78 $OUT .= " order deny,allow\n";
79 $OUT .= " deny from all\n";
80 - $OUT .= " allow from $allow\n";
81 + $OUT .= " allow from $localAccess\n";
82 $OUT .= " php_admin_value upload_tmp_dir /tmp\n";
83
84 - if ($pass)
85 - {
86 $OUT .= " AuthName \"$name\"\n";
87 $OUT .= " AuthType Basic\n";
88 $OUT .= " AuthExternal pwauth\n";
89 - $OUT .= " require valid-user\n";
90 + $OUT .= " GroupExternal ugroup\n";
91 + $OUT .= " AuthzUserAuthoritative off\n";
92 + $OUT .= " require user $phpvirtualbox{'User'}\n";
93 + $OUT .= " require group $phpvirtualbox{'Group'}\n";
94 $OUT .= " Satisfy $satisfy\n";
95 - }
96 +
97 $OUT .= " AddType application/x-httpd-php .php\n";
98 $OUT .= " php_admin_value open_basedir /opt/phpvirtualbox\n";
99 $OUT .= " php_admin_value eaccelerator.enable 1\n";
100 $OUT .= "</Directory>\n";
101 }
102 }
103 +
104 diff -Nur smeserver-phpvirtualbox-4.3.0-old/root/usr/lib/httpd/modules/unixgroup smeserver-phpvirtualbox-4.3.0/root/usr/lib/httpd/modules/unixgroup
105 --- smeserver-phpvirtualbox-4.3.0-old/root/usr/lib/httpd/modules/unixgroup 1970-01-01 01:00:00.000000000 +0100
106 +++ smeserver-phpvirtualbox-4.3.0/root/usr/lib/httpd/modules/unixgroup 2013-10-23 21:33:29.000000000 +0200
107 @@ -0,0 +1,69 @@
108 +#!/usr/bin/perl
109 +#
110 +# This is a group authenticator for use with mod_auth_external using the
111 +# "environment" argument passing method. If you are using mod_authnz_external,
112 +# then a much better choice is to use mod_authz_unixgroup for group checking.
113 +# It checks if the Unix user ID passed in the USER environment variable is in
114 +# any of Unix groups (names or numbers) listed in the GROUP environment
115 +# variable. It returns
116 +# 0 - if the user is in one of the groups
117 +# 1 - if the user is not in any of the groups
118 +# 2 - if the user does not exist.
119 +#
120 +# This isn't a very efficient way to do group checking. I hope to find time
121 +# to do something better someday.
122 +#
123 +# Typical Usage:
124 +# In httpd.conf declare an pwauth authenticator and a unixgroup authenticator:
125 +#
126 +# AddExternalAuth pwauth /path/to/pwauth
127 +# SetExternalAuthMethod pwauth pipe
128 +# AddExternalGroup unixgroup /path/to/unixgroup
129 +# SetExternalGroupMethod unixgroup environment
130 +#
131 +# In .htaccess file do something like
132 +#
133 +# AuthType Basic
134 +# AuthName SystemName
135 +# AuthExternal pwauth
136 +# GroupExternal unixgroup
137 +# require group customers admins staff
138 +#
139 +# Here "SystemName" is a string that will be included in the pop-up login
140 +# box, all Unix groupnames which are to be allowed to login are listed on the
141 +# "require group" command. If you are using this with mod_authnz_external,
142 +# you'll need to add the directive "AuthBasicProvider external", but if you are
143 +# using mod_authnz_external, you should be using mod_authz_unixgroup instead
144 +# of this.
145 +
146 +# Get primary GID number for the user
147 +$user= $ENV{USER};
148 +$gid= (getpwnam($user))[3];
149 +exit 2 if !defined $gid; # user does not exist - Reject
150 +
151 +# Loop through groups
152 +foreach $group (split ' ', $ENV{GROUP})
153 +{
154 + if ($group =~ /^\d+$/)
155 + {
156 + # Group given as GID number
157 + exit 0 if ($group == $gid);
158 + # Get list of members
159 + $members= (getgrgid($group))[3];
160 + }
161 + else
162 + {
163 + # Group given by name
164 + ($gname, $x, $ggid, $members)= getgrnam($group);
165 + next if !$gname; # skip non-existant group
166 + exit 0 if ($ggid == $gid);
167 + }
168 +
169 + # Check if user is in member list
170 + foreach $mem (split ' ',$members)
171 + {
172 + exit 0 if ($user eq $mem);
173 + }
174 +}
175 +
176 +exit 1;

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed