Another reason to put it into the conf file instead of as an option to the
rundig script in the cron job is that a command line option (i.e. the
password) will appear in a 'ps' listing to anyone else on the system.
Passwords on command lines are generally frowned upon for this reason.
As a side note, we get around this problem by allowing passwordless access
to the restricted portions of our web server to the IP address of the
system on which the indexing runs. No need to embed any passwords at all
that way.
Bill Knox
Lead Operating Systems Programmer/Analyst
The MITRE Corporation
On Sat, 3 Apr 2004, Tony Crockford wrote:
> Date: Sat, 03 Apr 2004 11:55:00 +0100
> From: Tony Crockford <[EMAIL PROTECTED]>
> To: Terry Allen <[EMAIL PROTECTED]>
> Cc: [EMAIL PROTECTED]
> Subject: Re: [htdig] Indexing a password protected site
>
> At 11:44 on Saturday, 03 Apr 2004, Terry Allen wrote:
>
> >>
> >>
> >> what you need to do is add an attribute to htdig when you run it.
> >>
> >> (are you using rundig? - if so you'll need to edit that)
> >>
> >> you need to launch htdig like this:
> >>
> >> htdig -u user:password
> >>
> >> (subsitute user:password for real values and don't forget the colon
> >> between them )
> >>
> >>
> >> that way when it is challenged for user and password details htdig will
> >> supply them.
> >>
> >> more info about how you are running htdig would help.
> >>
> >> hth anyway
> >>
> >> Tony
> >
> > Hi again,
> > Thanks Tony - I think that will do the trick - I am using rundig -c at
> > the moment via a crontab - so I guess there, I would need to modify the
> > line which currently reads:
> >
> > /Library/Tenon/Htdig/bin/rundig -c
> > /Library/Tenon/Htdig/conf/solutions.itavservices.com.conf
> >
> > to instead read:
> > /path/to/rundig -c -u username:password
> > /path/to/Htdig/conf/domain.com.conf
> >
> > Would that be a fair assessment?
>
>
> It would likely be better to simply add this line to the relevant .conf
> file (assuming it is only used for htdig):
>
> authorization: user:password
>
> just add it at the bottom of the conf file, substituting user:password as
> before.
>
>
> alternatively if you are going to edit your cron do:
>
> rundig -u user:password -c /path/to/Htdig/conf/domain.com.conf
>
> rather than your suggestion above - the conf file must follow the -c and
> the user:password pair must follow the -u (AFAIK)
>
>
> hth
>
> Tony
>
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by: IBM Linux Tutorials
> Free Linux tutorial presented by Daniel Robbins, President and CEO of
> GenToo technologies. Learn everything from fundamentals to system
> administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
> _______________________________________________
> ht://Dig general mailing list: <[EMAIL PROTECTED]>
> ht://Dig FAQ: http://htdig.sourceforge.net/FAQ.html
> List information (subscribe/unsubscribe, etc.)
> https://lists.sourceforge.net/lists/listinfo/htdig-general
>
-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
ht://Dig general mailing list: <[EMAIL PROTECTED]>
ht://Dig FAQ: http://htdig.sourceforge.net/FAQ.html
List information (subscribe/unsubscribe, etc.)
https://lists.sourceforge.net/lists/listinfo/htdig-general
