I'm trying to get up and running on Trac quickly for a pending migration. Could someone tell me how to add new users to Trac. As I understand it trac authenticates against apache, which uses a password file. I know how to use htpasswd but I don't know where the password file is. Am I going down the wrong road here?
Somewhere in your Apache configuration (like mod_python.conf) you'll have a line that specifies where the authentication file is:
AuthUserFile /var/lib/trac/your_auth_file
While you're in looking at that file, look for the base Trac directory. It may be specified as:
PythonOption TracEnv /var/lib/trac/yourProject
Once you've used htpasswd to add them to that file, you'll want to add them to Trac, so you'll need to run trac-admin:
trac-admin /var/lib/trac/yourProject
You can then issue a help command to learn how to add users to trac, etc.
Turns out all I needed to do was use htpasswd in the folder where my track site was. And then I was able to use the admin tool in track to give that user permission in track.
Related
I set up a local Trac wiki using a conda env, where I installed all dependencies, except the system packages, which I installed in the system:
trac-admin . initenv
I entered the required infos like project name there.
Then I run the Trac standalone server.
tracd --port 8000 .
inside the directory, where I set up the wiki.
Since this is supposed to be a wiki, which I use locally myself and not for any multiuser setup, I don't need any authentication functionality. How can I deactivate any authentication or need for login for Trac?
I know that I don't have permissions, because I used the quick search field for a page, which could not exist and when the wiki showed no results, it didn't offer a create page button of any kind. According to the StartPage, this means I don't have permissions.
I couldn't find any enable/disable setting for this in the ./conf/trac.ini to do this. It would also be acceptable to find an easy way to create a user, as which I login to Trac, but all the guides from Trac documentation assume prior knowledge of some kind of configuration files and they don't explain those exactly. For example here. Where does that configuration file even go and what kind of syntax does this use? Not really helpful.
You are correct that you need to modify the permissions (authorization). The permissions are stored in the database rather than trac.ini. You need to grant permission using trac-admin utility. See TracPermissions.
trac-admin $env permission add anonymous WIKI_CREATE WIKI_MODIFY WIKI_DELETE WIKI_RENAME
For help, execute:
trac-admin $env permission help
If you wish to setup authentication, see TracStandalone: UsingAuthentication.
For part of my assignment, I had to create two local directories in my Apache htdocs path and password protect them so that only one user can access them. I did this using htaccess. However, this was apparently the wrong answer because they wanted authentication using windows user login user/pwd.
I don't understand how i can do this. How can i create a folder that is only accessible by the user with the same name?
Thanks for any advice. I do not need a solution, just some information on where to start looking. Everything I find seems to require htaccess. Unless i am thinking of this wrong and there is a module i can use with htaccess to make this work.
Thanks for the help.
I am not sure what your prof is looking for but you can probably do this by working with the windows folder sharing and permission options
Setting folder Share permissions
Seems like the current svn repo is locked. When I do svn up svn just stays there as if its hanged or something and no option from there except to kill it. Would help looking at the logs to see what's going on.
So where does SVN store it's logs and how to find where their location is configured?
Update 1: Found from the answer to a similar question that the logs are at /var/log/httpd but only root has access to that folder.
Is there an alternative to update the location of logs to go to a more accessible location?
If I have permission to use svn should hopefully have access to svn logs or atleast via .htaccess redirect for my folder to somewhere else.
Thanks.
I think you may find it at /var/log/httpd
Is there an alternative to update the location of logs to go to a more
accessible location?
No I dont think you can do that. You can perhaps create a seperate log file.
Check this:-
By activating an “operational logging” feature, you can ask
mod_dav_svn to create a separate log file describing what sort of
high-level operations your clients are performing.
I am trying to set up the access control for my personal website on synology NAS. Right now I am using DS212J. I found the following article teaching how to use "htaccess" on apache to achieve that.
http://www.synology.com/support/faq_show.php?lang=enu&q_id=347
But I encountered 2 problem:
1) I don't have the command "htpasswd" after ssh to my DS212J.
2) After I manually create those files, I got the username and password prompting up on the website. However, the password in "admin.pw" and "normal.pw" doesn't work when I type in. I am not sure whether it is because I didn't use command "htpasswd".
What am I missing here?
Thanks.
The htpasswd executable is at /usr/syno/apache/bin/htpasswd. As that directory is not on the PATH, you have to explicitly use the whole path to use it:
Apache doesn't keep passwords in plain text, it uses a hash of them so that even if someone gets access to the password file they won't be able to log in. That's why you must use htpasswd to create the file.
For anyone who comes across this, I couldn't get that synology support tutorial to work either. I am running DSM 5.1-5022 Update 4 on my own domain with ssl. Here's how it got it working:
Follow the steps in the following wiki: Synology Wiki
In the control panel, go to "Web Services" and disable SPDY for secure connections. (Gleaned from this article.)
Good luck.
I'm running apache and my php site uploads images to the server. should apache upload dir have 777 permissions or belong to www-data user? How would this affect backing things up?
I think read + write permission is enough. read for backup, write for upload. It seems that no one ever need to execute anything.
And you should only grant permissions to who really need them. For example, grant write permission to www-data. And if you use another-user to do back up, only grant read permission to another-user.
You'd better avoid using 777
That depends on what you need from it. You should always use the most restrictive permissions that will let you do what you need.
Read the man page for chmod(1) to learn what the various permission bits mean. And maybe provide some more detail about your situation, so someone can provide a specific answer for you.
First and foremost the apache server needs to run as a non-privileged user. Second the upload directory should only need 600 as the permission (rw) iirc. This will allow the user that is running apache to write to that directory. The practical attack against a web server is to trick it into writing to a directory and having it execute the code that is placed there.