1 |
vip-ire |
1.1 |
diff -Nur smeserver-shared-folders-0.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares smeserver-shared-folders-0.1_mod/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares |
2 |
|
|
--- smeserver-shared-folders-0.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2012-02-18 01:05:59.000000000 +0100 |
3 |
|
|
+++ smeserver-shared-folders-0.1_mod/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2012-02-18 01:18:49.000000000 +0100 |
4 |
|
|
@@ -6,29 +6,27 @@ |
5 |
|
|
use esmith::AccountsDB; |
6 |
|
|
my $adb = esmith::AccountsDB->open_ro(); |
7 |
|
|
$OUT = ""; |
8 |
|
|
- foreach my $share ($adb->get_all_by_prop(type => 'share')) |
9 |
|
|
- { |
10 |
|
|
- my %properties = $share->props; |
11 |
|
|
- my $key = $share->key; |
12 |
|
|
+ foreach my $share ($adb->get_all_by_prop(type => 'share')) { |
13 |
|
|
+ my %properties = $share->props; |
14 |
|
|
+ my $key = $share->key; |
15 |
|
|
|
16 |
|
|
my $allow; |
17 |
|
|
- my $pass; |
18 |
|
|
- my $satisfy; |
19 |
|
|
- my $webdav = (($properties{'WebDav'} || 'disabled') =~ m/^(enabled|on|yes)$/i) ? 1 : 0; |
20 |
|
|
- |
21 |
|
|
- # Find which users have read or write access |
22 |
|
|
- my @writers = ('admin'); |
23 |
|
|
- my @readers = (); |
24 |
|
|
- if ($properties{'WriteGroups'}) { |
25 |
|
|
- my @groups = split (/[;,]/, $properties{'WriteGroups'}); |
26 |
|
|
+ my $pass; |
27 |
|
|
+ my $satisfy; |
28 |
|
|
+ my $webdav = (($properties{'WebDav'} || 'disabled') =~ m/^(enabled|on|yes)$/i) ? 1 : 0; |
29 |
|
|
+ |
30 |
|
|
+ # Find which users have read or write access |
31 |
|
|
+ my @writers = ('admin'); |
32 |
|
|
+ my @readers = (); |
33 |
|
|
+ if ($properties{'WriteGroups'}) { |
34 |
|
|
+ my @groups = split (/[;,]/, $properties{'WriteGroups'}); |
35 |
|
|
|
36 |
|
|
foreach my $group (@groups) { |
37 |
|
|
my $members = $adb->get_prop($group, 'Members') || ""; |
38 |
|
|
- if (length($members) > 0) { |
39 |
|
|
- push @writers, split (/[;,]/, $members); |
40 |
|
|
- } |
41 |
|
|
+ if (length($members) > 0) { |
42 |
|
|
+ push @writers, split (/[;,]/, $members); |
43 |
|
|
+ } |
44 |
|
|
} |
45 |
|
|
- |
46 |
|
|
} |
47 |
|
|
if ($properties{'WriteUsers'}) { |
48 |
|
|
my @users = split (/[;,]/, $properties{'WriteUsers'}); |
49 |
|
|
@@ -39,11 +37,10 @@ |
50 |
|
|
|
51 |
|
|
foreach my $group (@groups) { |
52 |
|
|
my $members = $adb->get_prop($group, 'Members') || ""; |
53 |
|
|
- if (length($members) > 0) { |
54 |
|
|
- push @readers, split (/[;,]/, $members); |
55 |
|
|
- } |
56 |
|
|
+ if (length($members) > 0) { |
57 |
|
|
+ push @readers, split (/[;,]/, $members); |
58 |
|
|
+ } |
59 |
|
|
} |
60 |
|
|
- |
61 |
|
|
} |
62 |
|
|
if ($properties{'ReadUsers'}) { |
63 |
|
|
my @users = split (/[;,]/, $properties{'ReadUsers'}); |
64 |
|
|
@@ -63,80 +60,77 @@ |
65 |
|
|
my $readers = join(" ", @readers) || ''; |
66 |
|
|
my $writers = join(" ", @writers) || ''; |
67 |
|
|
|
68 |
|
|
- if ($properties{'httpAccess'}) |
69 |
|
|
- { |
70 |
|
|
- if ($properties{'httpAccess'} eq 'local') |
71 |
|
|
- { |
72 |
|
|
- $allow = "$localAccess $externalSSLAccess"; |
73 |
|
|
- $pass = 0; |
74 |
|
|
- $satisfy = 'all'; |
75 |
|
|
- $webdav = 0; |
76 |
|
|
- } |
77 |
|
|
- elsif ($properties{'httpAccess'} eq 'local-pw') |
78 |
|
|
- { |
79 |
|
|
- $allow = "$localAccess $externalSSLAccess"; |
80 |
|
|
- $pass = 1; |
81 |
|
|
- $satisfy = 'all'; |
82 |
|
|
- } |
83 |
|
|
- elsif ($properties{'httpAccess'} eq 'global') |
84 |
|
|
- { |
85 |
|
|
- $allow = 'all'; |
86 |
|
|
- $pass = 0; |
87 |
|
|
- $satisfy = 'all'; |
88 |
|
|
- $webdav = 0; |
89 |
|
|
- } |
90 |
|
|
- elsif ($properties{'httpAccess'} eq 'global-pw') |
91 |
|
|
- { |
92 |
|
|
- $allow = 'all'; |
93 |
|
|
- $pass = 1; |
94 |
|
|
- $satisfy = 'all'; |
95 |
|
|
- } |
96 |
|
|
- elsif ($properties{'httpAccess'} eq 'global-pw-remote') |
97 |
|
|
- { |
98 |
|
|
- $allow = "$localAccess $externalSSLAccess"; |
99 |
|
|
- $pass = 1; |
100 |
|
|
- $satisfy = 'any'; |
101 |
|
|
- $webdav = 0; |
102 |
|
|
- } |
103 |
|
|
- else{ |
104 |
|
|
- next; |
105 |
|
|
- } |
106 |
|
|
- } |
107 |
|
|
- |
108 |
|
|
- my $allowOverride = $properties{'AllowOverride'} || "None"; |
109 |
|
|
- my $followSymLinks = $properties{'FollowSymLinks'} || "disabled"; |
110 |
|
|
- my $indexes = $properties{'Indexes'} || "enabled"; |
111 |
|
|
- my $requireSSL = $properties{'RequireSSL'} || "enabled"; |
112 |
|
|
+ if ($properties{'httpAccess'}) { |
113 |
|
|
+ if ($properties{'httpAccess'} eq 'local') { |
114 |
|
|
+ $allow = "$localAccess $externalSSLAccess"; |
115 |
|
|
+ $pass = 0; |
116 |
|
|
+ $satisfy = 'all'; |
117 |
|
|
+ $webdav = 0; |
118 |
|
|
+ } |
119 |
|
|
+ elsif ($properties{'httpAccess'} eq 'local-pw') { |
120 |
|
|
+ $allow = "$localAccess $externalSSLAccess"; |
121 |
|
|
+ $pass = 1; |
122 |
|
|
+ $satisfy = 'all'; |
123 |
|
|
+ } |
124 |
|
|
+ elsif ($properties{'httpAccess'} eq 'global') { |
125 |
|
|
+ $allow = 'all'; |
126 |
|
|
+ $pass = 0; |
127 |
|
|
+ $satisfy = 'all'; |
128 |
|
|
+ $webdav = 0; |
129 |
|
|
+ } |
130 |
|
|
+ elsif ($properties{'httpAccess'} eq 'global-pw') { |
131 |
|
|
+ $allow = 'all'; |
132 |
|
|
+ $pass = 1; |
133 |
|
|
+ $satisfy = 'all'; |
134 |
|
|
+ } |
135 |
|
|
+ elsif ($properties{'httpAccess'} eq 'global-pw-remote') { |
136 |
|
|
+ $allow = "$localAccess $externalSSLAccess"; |
137 |
|
|
+ $pass = 1; |
138 |
|
|
+ $satisfy = 'any'; |
139 |
|
|
+ $webdav = 0; |
140 |
|
|
+ } |
141 |
|
|
+ else { |
142 |
|
|
+ next; |
143 |
|
|
+ } |
144 |
|
|
+ } |
145 |
|
|
+ |
146 |
|
|
+ my $allowOverride = $properties{'AllowOverride'} || "None"; |
147 |
|
|
+ my $followSymLinks = $properties{'FollowSymLinks'} || "disabled"; |
148 |
|
|
+ my $indexes = $properties{'Indexes'} || "enabled"; |
149 |
|
|
+ my $requireSSL = $properties{'RequireSSL'} || "enabled"; |
150 |
|
|
my $dynamicContent = $properties{'DynamicContent'} || "disabled"; |
151 |
|
|
|
152 |
|
|
- $OUT .= "\n"; |
153 |
|
|
- $OUT .= "#------------------------------------------------------------\n"; |
154 |
|
|
- $OUT .= "# $key shared folder ($properties{'Name'})\n"; |
155 |
|
|
- $OUT .= "#------------------------------------------------------------\n"; |
156 |
|
|
- |
157 |
|
|
- $OUT .= "\n"; |
158 |
|
|
- $OUT .= "<Directory /home/e-smith/files/shares/$key/files>\n"; |
159 |
|
|
- $OUT .= " Options None\n"; |
160 |
|
|
- $OUT .= " Options +Indexes\n" if ($indexes eq 'enabled'); |
161 |
|
|
- $OUT .= " Options +FollowSymLinks\n" if (($followSymLinks eq 'enabled') || ($allowOverride =~ /^all$/i)); |
162 |
|
|
- $OUT .= " SSLRequireSSL on\n" if ($requireSSL eq 'enabled'); |
163 |
|
|
+ $OUT .= "\n"; |
164 |
|
|
+ $OUT .= "#------------------------------------------------------------\n"; |
165 |
|
|
+ $OUT .= "# $key shared folder ($properties{'Name'})\n"; |
166 |
|
|
+ $OUT .= "#------------------------------------------------------------\n"; |
167 |
|
|
+ |
168 |
|
|
+ $OUT .= "\n"; |
169 |
|
|
+ $OUT .= "<Directory /home/e-smith/files/shares/$key/files>\n"; |
170 |
|
|
+ $OUT .= " Options None\n"; |
171 |
|
|
+ $OUT .= " Options +Indexes\n" if ($indexes eq 'enabled'); |
172 |
|
|
+ $OUT .= " Options +FollowSymLinks\n" |
173 |
|
|
+ if (($followSymLinks eq 'enabled') || ($allowOverride =~ /^all$/i)); |
174 |
|
|
+ $OUT .= " SSLRequireSSL on\n" if ($requireSSL eq 'enabled'); |
175 |
|
|
|
176 |
|
|
- if ($dynamicContent eq 'enabled') |
177 |
|
|
- { |
178 |
|
|
+ if ($dynamicContent eq 'enabled') { |
179 |
|
|
$OUT .= " Options +Includes\n"; |
180 |
|
|
- $OUT .= " AddType application/x-httpd-php .php .php3 .phtml\n"; |
181 |
|
|
+ $OUT .= " AddType application/x-httpd-php .php .php3 .phtml\n"; |
182 |
|
|
$OUT .= " AddType application/x-httpd-php-source .phps\n"; |
183 |
|
|
|
184 |
|
|
- my $basedir = $properties{PHPBaseDir} |
185 |
|
|
- || ("/home/e-smith/files/shares/$key/"); |
186 |
|
|
- $OUT .= " php_admin_value open_basedir $basedir\n"; |
187 |
|
|
- $OUT .= " php_admin_flag register_globals on\n" if (($properties{PHPRegisterGlobals} || 'disabled') eq 'enabled'); |
188 |
|
|
- $OUT .= " php_admin_flag allow_url_fopen on\n" if (($properties{PHPAllowUrlFopen} || 'disabled') eq 'enabled'); |
189 |
|
|
- $OUT .= " php_admin_value memory_limit $properties{PHPMemoryLimit}\n" if ($properties{PHPMemoryLimit}); |
190 |
|
|
- $OUT .= " php_admin_value max_execution_time $properties{PHPMaxExecutionTime}\n" if ($properties{PHPMaxExecutionTime}); |
191 |
|
|
- } |
192 |
|
|
- else |
193 |
|
|
- { |
194 |
|
|
+ my $basedir = $properties{PHPBaseDir} |
195 |
|
|
+ || ("/home/e-smith/files/shares/$key/"); |
196 |
|
|
+ $OUT .= " php_admin_value open_basedir $basedir\n"; |
197 |
|
|
+ $OUT .= " php_admin_flag register_globals on\n" |
198 |
|
|
+ if (($properties{PHPRegisterGlobals} || 'disabled') eq 'enabled'); |
199 |
|
|
+ $OUT .= " php_admin_flag allow_url_fopen on\n" |
200 |
|
|
+ if (($properties{PHPAllowUrlFopen} || 'disabled') eq 'enabled'); |
201 |
|
|
+ $OUT .= " php_admin_value memory_limit $properties{PHPMemoryLimit}\n" |
202 |
|
|
+ if ($properties{PHPMemoryLimit}); |
203 |
|
|
+ $OUT .= " php_admin_value max_execution_time $properties{PHPMaxExecutionTime}\n" |
204 |
|
|
+ if ($properties{PHPMaxExecutionTime}); |
205 |
|
|
+ } |
206 |
|
|
+ else { |
207 |
|
|
$OUT .= " DirectoryIndex index.shtml index.htm index.html\n"; |
208 |
|
|
$OUT .= " Options +IncludesNOEXEC\n"; |
209 |
|
|
$OUT .= " <FilesMatch \"\\.(php|php3|phtml|cgi|pl)\$\">\n"; |
210 |
|
|
@@ -145,22 +139,20 @@ |
211 |
|
|
$OUT .= " </FilesMatch>\n"; |
212 |
|
|
} |
213 |
|
|
|
214 |
|
|
- $OUT .= " AllowOverride $allowOverride\n"; |
215 |
|
|
- $OUT .= " order deny,allow\n"; |
216 |
|
|
- $OUT .= " deny from all\n"; |
217 |
|
|
- $OUT .= " allow from $allow\n"; |
218 |
|
|
- if ($pass) |
219 |
|
|
- { |
220 |
|
|
- $OUT .= " AuthName \"$properties{'Name'}\"\n"; |
221 |
|
|
- $OUT .= " AuthType Basic\n"; |
222 |
|
|
- $OUT .= " AuthExternal pwauth\n"; |
223 |
|
|
- $OUT .= " require user $readers\n" unless ($webdav); |
224 |
|
|
- $OUT .= " Satisfy $satisfy\n"; |
225 |
|
|
- } |
226 |
|
|
- # WebDav is enabled only when auth is required |
227 |
|
|
- if ($webdav) |
228 |
|
|
- { |
229 |
|
|
- $OUT .=<<"HERE"; |
230 |
|
|
+ $OUT .= " AllowOverride $allowOverride\n"; |
231 |
|
|
+ $OUT .= " order deny,allow\n"; |
232 |
|
|
+ $OUT .= " deny from all\n"; |
233 |
|
|
+ $OUT .= " allow from $allow\n"; |
234 |
|
|
+ if ($pass) { |
235 |
|
|
+ $OUT .= " AuthName \"$properties{'Name'}\"\n"; |
236 |
|
|
+ $OUT .= " AuthType Basic\n"; |
237 |
|
|
+ $OUT .= " AuthExternal pwauth\n"; |
238 |
|
|
+ $OUT .= " require user $readers\n" unless ($webdav); |
239 |
|
|
+ $OUT .= " Satisfy $satisfy\n"; |
240 |
|
|
+ } |
241 |
|
|
+ # WebDav is enabled only when auth is required |
242 |
|
|
+ if ($webdav) { |
243 |
|
|
+ $OUT .=<<"HERE"; |
244 |
|
|
|
245 |
|
|
Dav on |
246 |
|
|
<Limit GET PROPFIND OPTIONS LOCK UNLOCK> |
247 |
|
|
@@ -171,19 +163,19 @@ |
248 |
|
|
</LimitExcept> |
249 |
|
|
|
250 |
|
|
HERE |
251 |
|
|
- } |
252 |
|
|
- $OUT .= "</Directory>\n"; |
253 |
|
|
+ } |
254 |
|
|
+ $OUT .= "</Directory>\n"; |
255 |
|
|
if ($dynamicContent eq 'enabled'){ |
256 |
|
|
- $OUT .= "<DirectoryMatch /home/e-smith/files/shares/$key/files/cgi-bin>\n"; |
257 |
|
|
+ $OUT .= "<DirectoryMatch /home/e-smith/files/shares/$key/files/cgi-bin>\n"; |
258 |
|
|
$OUT .= " SetHandler cgi-script\n"; |
259 |
|
|
$OUT .= " Options ExecCGI\n"; |
260 |
|
|
$OUT .= "</DirectoryMatch>\n"; |
261 |
|
|
} |
262 |
|
|
- else{ |
263 |
|
|
- $OUT .= "<DirectoryMatch /home/e-smith/files/shares/$key/files/cgi-bin>\n"; |
264 |
|
|
+ else { |
265 |
|
|
+ $OUT .= "<DirectoryMatch /home/e-smith/files/shares/$key/files/cgi-bin>\n"; |
266 |
|
|
$OUT .= " order deny,allow\n"; |
267 |
|
|
$OUT .= " Deny from all\n"; |
268 |
|
|
$OUT .= "</DirectoryMatch>\n"; |
269 |
|
|
- } |
270 |
|
|
+ } |
271 |
|
|
} |
272 |
|
|
} |