[gollem] New User...
Anant Athavale
asa at isac.gov.in
Mon Apr 16 01:53:01 UTC 2007
Dear Jacques:
Thanks a lot. With all inputs, I should be able to setup my requirements.
Thanks again.
Regards,
anant.
Quoting Jacques Beaudoin <jacques-beaudoin at cspi.qc.ca>:
> Hi Anant,
>
>> How do we enable sharing, Is it using Permissions on Backends?
> Yes
> (I think Gollem knows nothing about file sharing on backends)
>
>> I want to clarify few more things. Currently, I am using file as
>> backend. All files are written with ownership as apache:apache. Is
>> this the reason, every user has permission to read/delete/edit etc.
> Yes
>
>> If I use SQL backend, whether this issue is addressed automatically?
> Automatically... i don't think so
>
> I don't use SQL backend to store file,
> i use proftpd to store files on unix... and maby thats what you whant...
>
> For me, all files are store as 5500:5500 users on unix
> (It could be apache:apache)
>
> Bare with me this is what I do.... it's home made......
> ..... and maby you can adapt this for you
>
> I have on terabyte of ftp space.
>
> My imap server is dbmail and dbmail is mysql base.
>
> I run proftpd compile with mysql and clamav.
>
> One thing about proftpd it that it can be many virtual ftp server.
>
> Users don't and can't share there personnals unix directory
> pointed by the "PERSONNELS ftp server"
> because they are chroot by proftpd
>
> Users have full read/write acces to there "group" unix directory
> pointed by "ECOLES/SERVICES ftp server"
> and are chroot to that group directory
>
> Users have read only acces to the "School Board" unix directory
> pointed by "CSPI ftp server"
> and are chroot to that directory
>
> Users have read only acces to the "tutorials" directory in my
> "TUTORIELS ftp server"
> and are chroot to that directory
>
> My users have full acces to the "in transit" files in my
> "EN TRANSIT ftp server"
> and are chroot to that directory
>
> etc.. etc... for ftp servers
>
> I have virus scaning because proftpd is compile to use clamav.
> I have mysql authentication to my dbmail imap server because
> proftp is compile to use mysql.
>
> I could have quota for each users if I compile proftpd
> to use mysql quotas..... but after thinkink....
> i only have "ONE QUOTA",
> I don't whant "ALL MY USERS" to use "ALL MY TERABYTE"
>
> If and when my ftp space gets to 75% i will write a script
> to send automatic email-notice via cron
> to the "BIG FTP USERS" to "CLEAN UP OR ELSE"
>
> THIS IS MY PROFTPD.CONF FILE
> ============================
> ServerType standalone
> MaxInstances 30
> UseReverseDNS off
> IdentLookups off
>
> <Global>
> DefaultRoot ~
> Umask 022
> User nobody
> Group nogroup
> ServerIdent off
> DeferWelcome on
> AllowStoreRestart on
> AllowOverwrite on
> SQLAuthTypes Plaintext Crypt
> SQLAuthenticate users*
> SQLConnectInfo dbmail at localhost xxxx xxxxx
> SQLHomedirOnDemand on
> SQLMinID 500
> RootLogin off
> RequireValidShell off
> </Global>
>
> #
> # FTP: PERSONNELS
> # This ftp server is use to store users personnal files
> #
> <VirtualHost 10.220.12.121>
> DefaultServer on
> ServerName "10.220.12.121"
> ServerAdmin jacques-beaudoin at cspi.qc.ca
> Port 21
> ClamAV on
> ClamLocalSocket /var/run/clamav/clamd
> MaxStoreFileSize 50 Mb
> SQLNamedQuery info1 SELECT "userid, passwd, concat('5500'),
> concat('5500'), CONCAT('/proftpd/',userid), concat('/sbin/nologin')
> FROM dbmail_users WHERE userid = '%U'"
> SQLUserInfo custom:/info1
> </VirtualHost>
>
> #
> # FTP: ECOLES/SERVICE
> # This ftp server is use to store users group files
> #
> <VirtualHost 10.220.12.122>
> ServerName "10.220.12.122"
> ServerAdmin jacques-beaudoin at cspi.qc.ca
> Port 21
> ClamAV on
> ClamLocalSocket /var/run/clamav/clamd
> MaxStoreFileSize 50 Mb
> SQLNamedQuery info1 SELECT "userid, passwd, concat('5500'),
> concat('5500'), CONCAT('/proftpd/',ftpdir), concat('/sbin/nologin')
> FROM dbmail_users WHERE userid = '%U' AND ftpdir != '%U'"
> SQLUserInfo custom:/info1
> </VirtualHost>
>
> #
> # FTP: CSPI
> # This ftp server is use to store School Board read only files
> #
> <VirtualHost 10.220.12.123>
> ServerName "10.220.12.123"
> ServerAdmin jacques-beaudoin at cspi.qc.ca
> Port 21
> ClamAV on
> ClamLocalSocket /var/run/clamav/clamd
> MaxStoreFileSize 50 Mb
> SQLNamedQuery info1 SELECT "userid, passwd, concat('5500'),
> concat('5500'), CONCAT('/proftpd/repertoire-la-cspi'),
> concat('/sbin/nologin') FROM dbmail_users WHERE userid = '%U'"
> SQLUserInfo custom:/info1
> <Limit WRITE>
> AllowUser jacques-beaudoin
> AllowUser micheline-robert
> # AllowGroup ftpgroup
> DenyAll
> </Limit>
> </VirtualHost>
>
> #
> # FTP: TUTORIELS
> # This ftp server is use to store School Board tutotials read only files
> #
> <VirtualHost 10.220.12.124>
> ServerName "10.220.12.124"
> ServerAdmin jacques-beaudoin at cspi.qc.ca
> Port 21
> ClamAV on
> ClamLocalSocket /var/run/clamav/clamd
> MaxStoreFileSize 50 Mb
> SQLNamedQuery info1 SELECT "userid, passwd, concat('5500'),
> concat('5500'), CONCAT('/proftpd/repertoire-tutoriels'),
> concat('/sbin/nologin') FROM dbmail_users WHERE userid = '%U'"
> SQLUserInfo custom:/info1
> <Limit WRITE>
> AllowUser jacques-beaudoin
> AllowUser france-brochu
> AllowUser francois-rivest
> # AllowGroup ftpgroup
> DenyAll
> </Limit>
> </VirtualHost>
>
> #
> # FTP: EN TRANSIT
> # This ftp server is use to store School Board in transit files
> # This ftp is to let horde users echange "NON CONFIDENTIAL" files
> # Files in this ftp server are automaticaly deleted via a cron job
> # after 30 minutes
> #
> <VirtualHost 10.220.12.125>
> ServerName "10.220.12.125"
> ServerAdmin jacques-beaudoin at cspi.qc.ca
> Port 21
> ClamAV on
> ClamLocalSocket /var/run/clamav/clamd
> MaxStoreFileSize 200 Mb
> SQLNamedQuery info1 SELECT "userid, passwd, concat('5500'),
> concat('5500'), CONCAT('/proftpd/repertoire-en-transit'),
> concat('/sbin/nologin') FROM dbmail_users WHERE userid = '%U'"
> SQLUserInfo custom:/info1
> </VirtualHost>
>
>
>
> THIS IS MY GOLLEM,PHP FILE
> ==========================
>
> <?php
> /**
> * $Horde: gollem/config/backends.php.dist,v 1.41.2.6 2006/02/22
> 06:48:37 slusarz Exp $
> *
> * This file is where you specify what backends people using your
> * installation of Gollem can log in to. There are a number of properties
> * that you can set for each backend:
> *
> * name: This is the plaintext name that you want displayed if you are using
> * the drop down server list.
> *
> * driver: The VFS (Virtual File System) driver to use to connect.
> * Valid options:
> * 'file' -- Work with a local file system.
> * 'ftp' -- Connect to a FTP server.
> * 'sql' -- Connect to VFS filesystem stored in SQL database.
> *
> * preferred: This is only useful if you want to use the same backend.php
> * file for different machines: if the hostname of the Gollem
> * machine is identical to one of those in the preferred list,
> * then the corresponding option in the select box will include
> * SELECTED, i.e. it is selected by default. Otherwise the
> * first entry in the list is selected.
> *
> * hordeauth: If this parameter is present and true, then Gollem will attempt
> * to use the user's existing credentials (the username/password
> * they used to log in to Horde) to log in to this source. If this
> * parameter is 'full', the username will be used unmodified;
> * otherwise, everything after and including the first @ in the
> * username will be stripped before attempting authentication.
> *
> * params: A parameters array containing any additional information that the
> * VFS driver needs.
> *
> * loginparams: A list of parameters that can be changed by the user on the
> * login screen. The key is the parameter name that can be
> * changed, the value is the text that will be displayed next to
> * the entry box on the login screen.
> *
> * root: The directory that will be the "top" or "root" directory, being the
> * topmost directory where users can change to. This is in addition to
> * a vfsroot parameter set in the params array.
> *
> * home: The directory that will be used as home directory for the user.
> * This parameter will overrule a home parameter in the params array.
> * If empty, this will default to the active working directory
> * immediately after logging into the VFS backend (i.e. for ftp,
> * this will most likely be ~user, for SQL based VFS backends,
> * this will probably be the root directory).
> *
> * createhome: If this parameter is set to true, and the home directory does
> * not exist, attempt to create the home directory on login.
> *
> * permissions: The default permissions to set for newly created folders
> * and files. This parameter will only take affect if the VFS
> * backend supports file permissions. If empty, the permissions
> * will be set by default by the VFS backend.
> *
> * filter: If set, all files that match the regex will be hidden in the
> * folder view. The regex must be in pcre syntax (See
> * http://www.php.net/pcre).
> *
> * quota: If set, turn on VFS quota checking for the backend if it supports
> * it. The entry must be in the following format:
> * size [metric]
> * metric = B (bytes), KB (kilobytes), MB (megabytes), GB (gigabytes)
> * If no metric is given, bytes are assumed.
> * Examples: "2 MB", "2048 B", "1.5 GB"
> * If false or not set, quota support is disabled.
> *
> * ** For quotas to work, you must be using a version of Horde **
> * ** that contains VFS quota support. **
> *
> * clipboard: If set, allows the user to cut/copy/paste files. Since not all
> * VFS backends have support for the necessary commands, and there
> * is no way to auto-detect which backends do have support, this
> * option must be manually set. True enables clipboard support,
> * false (the default) disables support. In the examples below,
> * clipboard has been enabled in all VFS backends that have
> * cut/copy/paste support since the initial release of Horde 3.0.
> * For all other backends, you will have to manually check and
> * see if your current VFS version/backend supports the necessary
> * commands.
> *
> * attributes: The list of attributes that the driver supports. Available
> * attributes:
> * 'download'
> * 'group'
> * 'modified'
> * 'name'
> * 'owner'
> * 'permission'
> * 'size'
> * 'type'
> */
>
> $backends['PERSONNELS'] = array(
> 'name' => 'PERSONNELS', # CSPI
> 'driver' => 'ftp',
> 'preferred' => '',
> 'hordeauth' => true, # CSPI
> 'params' => array(
> 'hostspec' => '10.220.12.121', # CSPI The hostname/IP Address of
> the FTP server
> 'port' => 21, # The port number of the FTP server
> 'pasv' => false, # Use passive mode?
> 'timeout' => 90, # Set timeout (in seconds)
> for the FTP server.
> // If true and the POSIX extension is available the driver will map
> // the user and group IDs returned from the FTP server with the local
> // IDs from the local password file. This is useful only if the FTP
> // server is running on localhost or if the local user/group
> // IDs are identical to the remote FTP server.
> // 'maplocalids' => true
> ),
> 'loginparams' => array(
> // Allow the user to change the FTP server
> // 'hostspec' => 'Hostname',
> // Allow the user to change the FTP port
> // 'port' => 'Port'
> ),
> // 'root' => '',
> // 'home' => '',
> // 'createhome' => false,
> 'permissions' => '', # 750 CSPI
> // 'filter' => '^regex$',
> 'quota' => false,
> 'clipboard' => false, # CSPI
> // 'attributes' => array('type', 'name', 'download', 'modified',
> 'size', 'permission', 'owner', 'group')
> 'attributes' => array('name', 'download', 'modified', 'size') # CSPI
> );
>
> $backends['ECOLE'] = array(
> 'name' => 'ÉCOLE/SERVICE', # CSPI
> 'driver' => 'ftp',
> 'preferred' => '',
> 'hordeauth' => true, # CSPI
> 'params' => array(
> 'hostspec' => '10.220.12.122', # CSPI The hostname/IP Address
> of the FTP server
> 'port' => 21, # The port number of the
> FTP server
> 'pasv' => false, # Use passive mode?
> 'timeout' => 90, # Set timeout (in
> seconds) for the FTP server.
> // If true and the POSIX extension is available the driver will map
> // the user and group IDs returned from the FTP server with the local
> // IDs from the local password file. This is useful only if the FTP
> // server is running on localhost or if the local user/group
> // IDs are identical to the remote FTP server.
> // 'maplocalids' => true
> ),
> 'loginparams' => array(
> // Allow the user to change the FTP server
> // 'hostspec' => 'Hostname',
> // Allow the user to change the FTP port
> // 'port' => 'Port'
> ),
> // 'root' => '',
> // 'home' => '',
> // 'createhome' => false,
> 'permissions' => '', # 750 CSPI
> // 'filter' => '^regex$',
> 'quota' => false,
> 'clipboard' => false, # CSPI
> // 'attributes' => array('type', 'name', 'download', 'modified',
> 'size', 'permission', 'owner', 'group')
> 'attributes' => array('name', 'download', 'modified', 'size') # CSPI
> );
>
> $backends['CSPI'] = array(
> 'name' => 'CSPI', # CSPI
> 'driver' => 'ftp',
> 'preferred' => '',
> 'hordeauth' => true, # CSPI
> 'params' => array(
> 'hostspec' => '10.220.12.123', # CSPI The hostname/IP Address of
> the FTP server
> 'port' => 21, # The port number of the FTP server
> 'pasv' => false, # Use passive mode?
> 'timeout' => 90, # Set timeout (in seconds)
> for the FTP server.
> // If true and the POSIX extension is available the driver will map
> // the user and group IDs returned from the FTP server with the local
> // IDs from the local password file. This is useful only if the FTP
> // server is running on localhost or if the local user/group
> // IDs are identical to the remote FTP server.
> // 'maplocalids' => true
> ),
> 'loginparams' => array(
> // Allow the user to change the FTP server
> // 'hostspec' => 'Hostname',
> // Allow the user to change the FTP port
> // 'port' => 'Port'
> ),
> // 'root' => '',
> // 'home' => '',
> // 'createhome' => false,
> 'permissions' => '', # 750 CSPI
> // 'filter' => '^regex$',
> 'quota' => false,
> 'clipboard' => false, # CSPI
> // 'attributes' => array('type', 'name', 'download', 'modified',
> 'size', 'permission', 'owner', 'group')
> 'attributes' => array('name', 'download', 'modified', 'size') # CSPI
> );
>
> $backends['TUTORIELS'] = array(
> 'name' => 'TUTORIELS', # CSPI
> 'driver' => 'ftp',
> 'preferred' => '',
> 'hordeauth' => true, # CSPI
> 'params' => array(
> 'hostspec' => '10.220.12.124', # CSPI The hostname/IP Address of
> the FTP server
> 'port' => 21, # The port number of the FTP server
> 'pasv' => false, # Use passive mode?
> 'timeout' => 90, # Set timeout (in seconds)
> for the FTP server.
> // If true and the POSIX extension is available the driver will map
> // the user and group IDs returned from the FTP server with the local
> // IDs from the local password file. This is useful only if the FTP
> // server is running on localhost or if the local user/group
> // IDs are identical to the remote FTP server.
> // 'maplocalids' => true
> ),
> 'loginparams' => array(
> // Allow the user to change the FTP server
> // 'hostspec' => 'Hostname',
> // Allow the user to change the FTP port
> // 'port' => 'Port'
> ),
> // 'root' => '',
> // 'home' => '',
> // 'createhome' => false,
> 'permissions' => '', # 750 CSPI
> // 'filter' => '^regex$',
> 'quota' => false,
> 'clipboard' => false, # CSPI
> // 'attributes' => array('type', 'name', 'download', 'modified',
> 'size', 'permission', 'owner', 'group')
> 'attributes' => array('name', 'download', 'modified', 'size') # CSPI
> );
>
> $backends['TRANSIT'] = array(
> 'name' => 'EN TRANSIT', # CSPI
> 'driver' => 'ftp',
> 'preferred' => '',
> 'hordeauth' => true, # CSPI
> 'params' => array(
> 'hostspec' => '10.220.12.125', # CSPI The hostname/IP Address of
> the FTP server
> 'port' => 21, # The port number of the FTP server
> 'pasv' => false, # Use passive mode?
> 'timeout' => 90, # Set timeout (in seconds)
> for the FTP server.
> // If true and the POSIX extension is available the driver will map
> // the user and group IDs returned from the FTP server with the local
> // IDs from the local password file. This is useful only if the FTP
> // server is running on localhost or if the local user/group
> // IDs are identical to the remote FTP server.
> // 'maplocalids' => true
> ),
> 'loginparams' => array(
> // Allow the user to change the FTP server
> // 'hostspec' => 'Hostname',
> // Allow the user to change the FTP port
> // 'port' => 'Port'
> ),
> // 'root' => '',
> // 'home' => '',
> // 'createhome' => false,
> 'permissions' => '', # 750 CSPI
> // 'filter' => '^regex$',
> 'quota' => false,
> 'clipboard' => false, # CSPI
> // 'attributes' => array('type', 'name', 'download', 'modified',
> 'size', 'permission', 'owner', 'group')
> 'attributes' => array('name', 'download', 'modified', 'size') # CSPI
> );
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> ----------------------------------------------------
> Ce message a été acheminé par le Webmail de la CSPI.
Regards,
Anant Athavale.
More information about the gollem
mailing list