[gollem] New User...

Jacques Beaudoin jacques-beaudoin at cspi.qc.ca
Sun Apr 15 18:27:05 UTC 2007


Hi Anant,

>  How do we enable sharing, Is it using Permissions on Backends?
Yes
(I think Gollem knows nothing about file sharing on backends)

> I want to clarify few more things.  Currently, I am using file as
> backend.  All files are written with ownership as apache:apache.  Is
> this the reason, every user has permission to read/delete/edit etc.
Yes

> If I use SQL backend, whether this issue is addressed automatically?
Automatically... I don't think so

I don't use the SQL backend to store files,
I use proftpd to store files on Unix... and maybe that's what you want...

For me, all files are stored as 5500:5500 users on Unix
(It could be apache:apache)

Bear with me, this is what I do....  it's home made......
..... and maybe you can adapt this for you

I have one terabyte of ftp space.

My imap server is dbmail and dbmail is mysql based.

I run proftpd compiled with mysql and clamav.

One thing about proftpd is that it can be many virtual ftp servers.

Users don't and can't share their personal unix directory
pointed to by the "PERSONNELS ftp server"
because they are chrooted by proftpd

Users have full read/write access to their "group" unix directory
pointed to by the "ECOLES/SERVICES ftp server"
and are chrooted to that group directory

Users have read only access to the "School Board" unix directory
pointed to by the "CSPI ftp server"
and are chrooted to that directory

Users have read only access to the "tutorials" directory in my
"TUTORIELS ftp server"
and are chrooted to that directory

My users have full access to the "in transit" files in my
"EN TRANSIT ftp server"
and are chrooted to that directory

etc.. etc... for ftp servers

I have virus scanning because proftpd is compiled to use clamav.
I have mysql authentication to my dbmail imap server because
proftpd is compiled to use mysql.

I could have quotas for each user if I compiled proftpd
to use mysql quotas..... but after thinking....
I only have "ONE QUOTA",
I don't want "ALL MY USERS" to use "ALL MY TERABYTE"

If and when my ftp space gets to 75% I will write a script
to send automatic email-notice via cron
to the "BIG FTP USERS" to "CLEAN UP OR ELSE"

THIS IS MY PROFTPD.CONF FILE
============================
ServerType              standalone
MaxInstances            30
UseReverseDNS           off
IdentLookups            off

<Global>
DefaultRoot             ~
Umask                   022
User                    nobody
Group                   nogroup
ServerIdent             off
DeferWelcome            on
AllowStoreRestart       on
AllowOverwrite          on
SQLAuthTypes            Plaintext Crypt
SQLAuthenticate         users*
SQLConnectInfo          dbmail@localhost xxxx xxxxx
SQLHomedirOnDemand      on
SQLMinID                500
RootLogin               off
RequireValidShell       off
</Global>

#
#   FTP: PERSONNELS
#   This ftp server is used to store users' personal files
#
<VirtualHost 10.220.12.121>
DefaultServer           on
ServerName              "10.220.12.121"
ServerAdmin             jacques-beaudoin@cspi.qc.ca
Port                    21
ClamAV                  on
ClamLocalSocket         /var/run/clamav/clamd
MaxStoreFileSize        50 Mb
SQLNamedQuery           info1 SELECT "userid, passwd, concat('5500'), concat('5500'), CONCAT('/proftpd/',userid), concat('/sbin/nologin') FROM dbmail_users WHERE userid = '%U'"
SQLUserInfo             custom:/info1
</VirtualHost>

#
#   FTP: ECOLES/SERVICE
#   This ftp server is used to store users' group files
#
<VirtualHost 10.220.12.122>
ServerName              "10.220.12.122"
ServerAdmin             jacques-beaudoin@cspi.qc.ca
Port                    21
ClamAV                  on
ClamLocalSocket         /var/run/clamav/clamd
MaxStoreFileSize        50 Mb
SQLNamedQuery           info1 SELECT "userid, passwd, concat('5500'), concat('5500'), CONCAT('/proftpd/',ftpdir), concat('/sbin/nologin') FROM dbmail_users WHERE userid = '%U' AND ftpdir != '%U'"
SQLUserInfo             custom:/info1
</VirtualHost>

#
#   FTP: CSPI
#   This ftp server is used to store School Board read only files
#
<VirtualHost 10.220.12.123>
ServerName              "10.220.12.123"
ServerAdmin             jacques-beaudoin@cspi.qc.ca
Port                    21
ClamAV                  on
ClamLocalSocket         /var/run/clamav/clamd
MaxStoreFileSize        50 Mb
SQLNamedQuery           info1 SELECT "userid, passwd, concat('5500'), concat('5500'), CONCAT('/proftpd/repertoire-la-cspi'), concat('/sbin/nologin') FROM dbmail_users WHERE userid = '%U'"
SQLUserInfo             custom:/info1
<Limit WRITE>
AllowUser jacques-beaudoin
AllowUser micheline-robert
# AllowGroup ftpgroup
DenyAll
</Limit>
</VirtualHost>

#
#   FTP: TUTORIELS
#   This ftp server is used to store School Board tutorials read only files
#
<VirtualHost 10.220.12.124>
ServerName              "10.220.12.124"
ServerAdmin             jacques-beaudoin@cspi.qc.ca
Port                    21
ClamAV                  on
ClamLocalSocket         /var/run/clamav/clamd
MaxStoreFileSize        50 Mb
SQLNamedQuery           info1 SELECT "userid, passwd, concat('5500'), concat('5500'), CONCAT('/proftpd/repertoire-tutoriels'), concat('/sbin/nologin') FROM dbmail_users WHERE userid = '%U'"
SQLUserInfo             custom:/info1
<Limit WRITE>
AllowUser jacques-beaudoin
AllowUser france-brochu
AllowUser francois-rivest
# AllowGroup ftpgroup
DenyAll
</Limit>
</VirtualHost>

#
#   FTP: EN TRANSIT
#   This ftp server is used to store School Board in transit files
#   This ftp is to let horde users exchange "NON CONFIDENTIAL" files
#   Files in this ftp server are automatically deleted via a cron job
#   after 30 minutes
#
<VirtualHost 10.220.12.125>
ServerName              "10.220.12.125"
ServerAdmin             jacques-beaudoin@cspi.qc.ca
Port                    21
ClamAV                  on
ClamLocalSocket         /var/run/clamav/clamd
MaxStoreFileSize        200 Mb
SQLNamedQuery           info1 SELECT "userid, passwd, concat('5500'), concat('5500'), CONCAT('/proftpd/repertoire-en-transit'), concat('/sbin/nologin') FROM dbmail_users WHERE userid = '%U'"
SQLUserInfo             custom:/info1
</VirtualHost>



THIS IS MY GOLLEM.PHP FILE
==========================

<?php
/**
  * $Horde: gollem/config/backends.php.dist,v 1.41.2.6 2006/02/22 06:48:37 slusarz Exp $
  *
  * This file is where you specify what backends people using your
  * installation of Gollem can log in to. There are a number of properties
  * that you can set for each backend:
  *
  * name: This is the plaintext name that you want displayed if you are using
  *       the drop down server list.
  *
  * driver: The VFS (Virtual File System) driver to use to connect.
  *         Valid options:
  *           'file'  --  Work with a local file system.
  *           'ftp'   --  Connect to a FTP server.
  *           'sql'   --  Connect to VFS filesystem stored in SQL database.
  *
  * preferred: This is only useful if you want to use the same backend.php
  *            file for different machines: if the hostname of the Gollem
  *            machine is identical to one of those in the preferred list,
  *            then the corresponding option in the select box will include
  *            SELECTED, i.e. it is selected by default. Otherwise the
  *            first entry in the list is selected.
  *
  * hordeauth: If this parameter is present and true, then Gollem will attempt
  *            to use the user's existing credentials (the username/password
  *            they used to log in to Horde) to log in to this source. If this
  *            parameter is 'full', the username will be used unmodified;
  *            otherwise, everything after and including the first @ in the
  *            username will be stripped before attempting authentication.
  *
  * params: A parameters array containing any additional information that the
  *         VFS driver needs.
  *
  * loginparams: A list of parameters that can be changed by the user on the
  *              login screen.  The key is the parameter name that can be
  *              changed, the value is the text that will be displayed next to
  *              the entry box on the login screen.
  *
  * root: The directory that will be the "top" or "root" directory, being the
  *       topmost directory where users can change to. This is in addition to
  *       a vfsroot parameter set in the params array.
  *
  * home: The directory that will be used as home directory for the user.
  *       This parameter will overrule a home parameter in the params array.
  *       If empty, this will default to the active working directory
  *       immediately after logging into the VFS backend (i.e. for ftp,
  *       this will most likely be ~user, for SQL based VFS backends,
  *       this will probably be the root directory).
  *
  * createhome: If this parameter is set to true, and the home directory does
  *             not exist, attempt to create the home directory on login.
  *
  * permissions: The default permissions to set for newly created folders
  *              and files. This parameter will only take effect if the VFS
  *              backend supports file permissions. If empty, the permissions
  *              will be set by default by the VFS backend.
  *
  * filter: If set, all files that match the regex will be hidden in the
  *         folder view.  The regex must be in pcre syntax (See
  *         http://www.php.net/pcre).
  *
  * quota: If set, turn on VFS quota checking for the backend if it supports
  *        it.  The entry must be in the following format:
  *          size [metric]
  *        metric = B (bytes), KB (kilobytes), MB (megabytes), GB (gigabytes)
  *        If no metric is given, bytes are assumed.
  *        Examples: "2 MB", "2048 B", "1.5 GB"
  *        If false or not set, quota support is disabled.
  *
  *        ** For quotas to work, you must be using a version of Horde **
  *        ** that contains VFS quota support.                         **
  *
  * clipboard: If set, allows the user to cut/copy/paste files. Since not all
  *            VFS backends have support for the necessary commands, and there
  *            is no way to auto-detect which backends do have support, this
  *            option must be manually set. True enables clipboard support,
  *            false (the default) disables support. In the examples below,
  *            clipboard has been enabled in all VFS backends that have
  *            cut/copy/paste support since the initial release of Horde 3.0.
  *            For all other backends, you will have to manually check and
  *            see if your current VFS version/backend supports the necessary
  *            commands.
  *
  * attributes: The list of attributes that the driver supports. Available
  *             attributes:
  *               'download'
  *               'group'
  *               'modified'
  *               'name'
  *               'owner'
  *               'permission'
  *               'size'
  *               'type'
*/

$backends['PERSONNELS'] = array(
     'name' => 'PERSONNELS',         # CSPI
     'driver' => 'ftp',
     'preferred' => '',
     'hordeauth' => true,            # CSPI
     'params' => array(
         'hostspec' => '10.220.12.121',  # CSPI  The hostname/IP Address of the FTP server
         'port' => 21,                   #       The port number of the FTP server
         'pasv' => false,                #       Use passive mode?
         'timeout' => 90,                #       Set timeout (in seconds) for the FTP server.
         // If true and the POSIX extension is available the driver will map
         // the user and group IDs returned from the FTP server with the local
         // IDs from the local password file.  This is useful only if the FTP
         // server is running on localhost or if the local user/group
         // IDs are identical to the remote FTP server.
         // 'maplocalids' => true
     ),
     'loginparams' => array(
         // Allow the user to change the FTP server
         // 'hostspec' => 'Hostname',
         // Allow the user to change the FTP port
         // 'port' => 'Port'
     ),
     // 'root' => '',
     // 'home' => '',
     // 'createhome' => false,
     'permissions' => '',   # 750 CSPI
     // 'filter' => '^regex$',
     'quota' => false,
     'clipboard' => false,  # CSPI
     // 'attributes' => array('type', 'name', 'download', 'modified', 'size', 'permission', 'owner', 'group')
     'attributes' => array('name', 'download', 'modified', 'size')  # CSPI
);

$backends['ECOLE'] = array(
     'name' => 'ÉCOLE/SERVICE',   # CSPI
     'driver' => 'ftp',
     'preferred' => '',
     'hordeauth' => true,                # CSPI
     'params' => array(
         'hostspec' => '10.220.12.122',  # CSPI  The hostname/IP Address of the FTP server
         'port' => 21,                   #       The port number of the FTP server
         'pasv' => false,                #       Use passive mode?
         'timeout' => 90,                #       Set timeout (in seconds) for the FTP server.
         // If true and the POSIX extension is available the driver will map
         // the user and group IDs returned from the FTP server with the local
         // IDs from the local password file.  This is useful only if the FTP
         // server is running on localhost or if the local user/group
         // IDs are identical to the remote FTP server.
         // 'maplocalids' => true
     ),
     'loginparams' => array(
         // Allow the user to change the FTP server
         // 'hostspec' => 'Hostname',
         // Allow the user to change the FTP port
         // 'port' => 'Port'
     ),
     // 'root' => '',
     // 'home' => '',
     // 'createhome' => false,
     'permissions' => '',   # 750 CSPI
     // 'filter' => '^regex$',
     'quota' => false,
     'clipboard' => false,  # CSPI
     // 'attributes' => array('type', 'name', 'download', 'modified', 'size', 'permission', 'owner', 'group')
     'attributes' => array('name', 'download', 'modified', 'size')  # CSPI
);

$backends['CSPI'] = array(
     'name' => 'CSPI',               # CSPI
     'driver' => 'ftp',
     'preferred' => '',
     'hordeauth' => true,            # CSPI
     'params' => array(
         'hostspec' => '10.220.12.123',  # CSPI  The hostname/IP Address of the FTP server
         'port' => 21,                   #       The port number of the FTP server
         'pasv' => false,                #       Use passive mode?
         'timeout' => 90,                #       Set timeout (in seconds) for the FTP server.
         // If true and the POSIX extension is available the driver will map
         // the user and group IDs returned from the FTP server with the local
         // IDs from the local password file.  This is useful only if the FTP
         // server is running on localhost or if the local user/group
         // IDs are identical to the remote FTP server.
         // 'maplocalids' => true
     ),
     'loginparams' => array(
         // Allow the user to change the FTP server
         // 'hostspec' => 'Hostname',
         // Allow the user to change the FTP port
         // 'port' => 'Port'
     ),
     // 'root' => '',
     // 'home' => '',
     // 'createhome' => false,
     'permissions' => '',   # 750 CSPI
     // 'filter' => '^regex$',
     'quota' => false,
     'clipboard' => false,  # CSPI
     // 'attributes' => array('type', 'name', 'download', 'modified', 'size', 'permission', 'owner', 'group')
     'attributes' => array('name', 'download', 'modified', 'size')  # CSPI
);

$backends['TUTORIELS'] = array(
     'name' => 'TUTORIELS',               # CSPI
     'driver' => 'ftp',
     'preferred' => '',
     'hordeauth' => true,            # CSPI
     'params' => array(
         'hostspec' => '10.220.12.124',  # CSPI  The hostname/IP Address of the FTP server
         'port' => 21,                   #       The port number of the FTP server
         'pasv' => false,                #       Use passive mode?
         'timeout' => 90,                #       Set timeout (in seconds) for the FTP server.
         // If true and the POSIX extension is available the driver will map
         // the user and group IDs returned from the FTP server with the local
         // IDs from the local password file.  This is useful only if the FTP
         // server is running on localhost or if the local user/group
         // IDs are identical to the remote FTP server.
         // 'maplocalids' => true
     ),
     'loginparams' => array(
         // Allow the user to change the FTP server
         // 'hostspec' => 'Hostname',
         // Allow the user to change the FTP port
         // 'port' => 'Port'
     ),
     // 'root' => '',
     // 'home' => '',
     // 'createhome' => false,
     'permissions' => '',   # 750 CSPI
     // 'filter' => '^regex$',
     'quota' => false,
     'clipboard' => false,  # CSPI
     // 'attributes' => array('type', 'name', 'download', 'modified', 'size', 'permission', 'owner', 'group')
     'attributes' => array('name', 'download', 'modified', 'size')  # CSPI
);

$backends['TRANSIT'] = array(
     'name' => 'EN TRANSIT',               # CSPI
     'driver' => 'ftp',
     'preferred' => '',
     'hordeauth' => true,            # CSPI
     'params' => array(
         'hostspec' => '10.220.12.125',  # CSPI  The hostname/IP Address of the FTP server
         'port' => 21,                   #       The port number of the FTP server
         'pasv' => false,                #       Use passive mode?
         'timeout' => 90,                #       Set timeout (in seconds) for the FTP server.
         // If true and the POSIX extension is available the driver will map
         // the user and group IDs returned from the FTP server with the local
         // IDs from the local password file.  This is useful only if the FTP
         // server is running on localhost or if the local user/group
         // IDs are identical to the remote FTP server.
         // 'maplocalids' => true
     ),
     'loginparams' => array(
         // Allow the user to change the FTP server
         // 'hostspec' => 'Hostname',
         // Allow the user to change the FTP port
         // 'port' => 'Port'
     ),
     // 'root' => '',
     // 'home' => '',
     // 'createhome' => false,
     'permissions' => '',   # 750 CSPI
     // 'filter' => '^regex$',
     'quota' => false,
     'clipboard' => false,  # CSPI
     // 'attributes' => array('type', 'name', 'download', 'modified', 'size', 'permission', 'owner', 'group')
     'attributes' => array('name', 'download', 'modified', 'size')  # CSPI
);














----------------------------------------------------
This message was sent via the CSPI Webmail.
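
An added example, not part of the original message: a small Python audit that reads a proftpd.conf laid out like the one above and reports, for each virtual host, the home directory (which is the chroot jail under "DefaultRoot ~") and who may write there. It assumes mod_sql's custom SQLUserInfo column order (username, password, uid, gid, homedir, shell) and the default allow-then-deny evaluation inside <Limit>; the names home_column, audit and SAMPLE_CONF are hypothetical.

```python
import re

# Constructed sample: three virtual hosts abridged from the message's proftpd.conf.
SAMPLE_CONF = """\
<VirtualHost 10.220.12.121>
SQLNamedQuery info1 SELECT "userid, passwd, concat('5500'), concat('5500'), CONCAT('/proftpd/',userid), concat('/sbin/nologin') FROM dbmail_users WHERE userid = '%U'"
</VirtualHost>
<VirtualHost 10.220.12.122>
SQLNamedQuery info1 SELECT "userid, passwd, concat('5500'), concat('5500'), CONCAT('/proftpd/',ftpdir), concat('/sbin/nologin') FROM dbmail_users WHERE userid = '%U' AND ftpdir != '%U'"
</VirtualHost>
<VirtualHost 10.220.12.123>
SQLNamedQuery info1 SELECT "userid, passwd, concat('5500'), concat('5500'), CONCAT('/proftpd/repertoire-la-cspi'), concat('/sbin/nologin') FROM dbmail_users WHERE userid = '%U'"
<Limit WRITE>
AllowUser jacques-beaudoin
DenyAll
</Limit>
</VirtualHost>
"""

def home_column(query):
    """Return the 5th SELECT column (homedir) as a readable path template."""
    cols, depth = [""], 0
    for ch in query.split(" FROM ")[0]:
        if ch == "," and depth == 0:      # split on top-level commas only
            cols.append("")
        else:
            depth += (ch == "(") - (ch == ")")
            cols[-1] += ch
    col = cols[4].strip()
    m = re.fullmatch(r"concat\('([^']*)'(?:\s*,\s*(\w+))?\)", col, re.I)
    return m.group(1) + (f"<{m.group(2)}>" if m.group(2) else "") if m else col

def audit(conf_text):
    """Map each VirtualHost to its jail directory and who may write there."""
    report, host, allow, in_write = {}, None, [], False
    for line in (l.strip() for l in conf_text.splitlines()):
        word = line.split()[0].lower() if line else ""
        if word == "<virtualhost":
            host, allow = line.split()[1].rstrip(">"), []
            report[host] = {"home": None, "writers": "all"}
        elif host is None:                # directives outside any vhost
            continue
        elif word == "</virtualhost>":
            host = None
        elif word == "<limit":
            in_write = "WRITE" in line.upper().rstrip(">").split()[1:]
        elif word == "</limit>":
            in_write = False
        elif word == "sqlnamedquery":
            report[host]["home"] = home_column(re.search(r'"(.*)"', line).group(1))
        elif in_write and word == "allowuser":
            allow.append(line.split()[1])
        elif in_write and word == "denyall":
            report[host]["writers"] = allow   # only the listed users may write
    return report
```

A host whose home template ends in <userid> is private to each login, one ending in another column or a fixed path is shared, and "writers": "all" on a shared path marks a directory every authenticated user can modify.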


