Re: [users@httpd] and Satisfy in for mod_dav

[Igor Cicimov]

Hi Chris,


On Tue, Sep 17, 2013 at 4:40 AM, Christopher Schultz <
ch...@christopherschultz.net> wrote:

> All,
>
> I'm having trouble getting  and Satisfy to work within a .
>
> I'm using Apache httpd 2.2.22 on Debian Wheezy.
>
> Now, "Satisfy" is not documented to work under  elements, but
> also  is not documented to work under , and seems to
> work without a problem. I was wondering if it's just an accident that
>  works under , but that Satisfy can't, or the
> documentation is inaccurate, or if I simply can't do what I want to do.
>
> I am trying to protect a part of my filesystem that is accessible via
> WebDAV. I'm using mod_dav along with mod_auth_ldap and I'd like to be
> able to do this:
>
> 
>   
> Satisfy Any
> Require ldap-group cn=some-read-only-group
> Require ldap-group cn=some-read-only-other-group
>   
>   
> Satisfy Any
> Require ldap-group cn=some-read-write-group
>   
> 
>
>
> The closest thing I'm able to get working is this:
>
> 
>   
> Require ldap-group cn=some-read-only-group
>   
>  
> Require ldap-group cn=some-read-write-group
>   
> 
>
> It looks like I have to use  instead of  because
>  does not protect directories being handled by mod_dav. Can
> someone confirm that?
>

I have a similar setting to this so I think your assumption is correct:


  AuthType Basic
  AuthName "Secure Area"
  AuthBasicProvider ldap
  AuthLDAPURL  "ldap://localhost:4389/ou=users,o=company?uid";
  AuthLDAPBindDN uid=admin,ou=users,o=access
  AuthLDAPBindPassword password
  
Require ldap-group cn=Admin, ou=groups, o=company
  
  
 Order Allow,Deny
 Deny from all
  



  
Require ldap-group cn=user1, ou=groups, o=company
Require ldap-group cn=user2, ou=groups, o=company
  
  
Require ldap-group cn=user2, ou=groups, o=company
Require ldap-group cn=user3, ou=groups, o=company
  
  
Order Allow,Deny
Deny from all
  



> Whenever I use "Satisfy Any" anywhere, it appears to apply to a
> much-wider set of files than is specified in  or .
>
> Is there a way to do complicated permissions along with WebDAV?
>
> I'd appreciate any suggestions anyone might have.
>
> While I'm at it, I'd like to know whether path-ordering in httpd.conf
> will have any bearing on how the permissions are applied. Ideally, I'd
> like to be able to set permissions on a top-level directory, then
> override those permissions on a sub-directory -- not necessarily either
> widening or narrowing the permissions... I might want to do a little of
> both.
>

Yes, you are correct. I would also protect the top directory and then open
some directories for public access using "Satisfy Any", something like this:


AuthType Basic
AuthName Documents
AuthBasicProvider file
AuthUserFile /usr/local/apache/passwd/passwords
Require valid-user


# All access controls and authentication are disabled
# in this directory
Satisfy Any
Allow from all



>
> -chris
>
> I think there is a new stuff in 2.4, something like

AuthType None
Require all granted

to remove the protection on the subdirectory but have never tried it my
self.

Cheers,
Igor

Re: [users@httpd] seg fault when using mod_dbd

[dnt]

Found the error:
res and row must be initialized with NULL, otherwise
no memory will be allocated in the called functions.

> - Original Message -
> From: dnt
> Sent: 09/18/13 01:02 PM
> To: users@httpd.apache.org
> Subject: [users@httpd] seg fault when using mod_dbd
> 
> Hi,
> 
> I want to use mod_dbd with MySQL on a system with CentOS 6.4 (x86_64).
> I can execute a select statement, but getting a row fails. Finally I get a 
> segmentation fault.
> Attached is a simple test module which leads to the error.
> The log output until apr_dbd_get_row is as expected.
> Line 57 writes the last line into the log before I get the seg fault.
> 
> If I disable random access in the call of apr_dbd_select the seg fault 
> already happens in line 56 when calling apr_dbd_get_row.
> 
> Do you have an idea whats wrong?
> 
> Installed are the current packages of CentOS 6.4
> httpd-2.2.15
> apr-util-1.3.9
> apr-util-mysql-1.3.9
> mysql-5.1.69
> 
> Thanks in advance
> Dominic


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Issues building apache httpd-2.4.6-1.x86_64 on SUSE Linux Enterprise Server 11 (x86_64) - Kindly help

[Balaji Katika]

HI Jens,

Thanks for the quick response. And your email has helped me I could
find a build for the required version of apache (246). I've downloaded it
and able to install it on my setup. I need to validate it and check it with
my legal/management team for any compliance related information.

Thanks again :-)


Regards
Balaji Katika


On Wed, Sep 18, 2013 at 12:22 PM, Jens-U. Mozdzen  wrote:

> Hi Balaji,
>
> Zitat von Balaji Katika :
>
>  Hi all,
>>
>> I have downloaded httpd-2.4.6.tar.bz2 from
>> http://httpd.apache.org/**download.cgi#apache24onto
>>  my SuSE Linux Enterprise
>> Server 11 (64-bit) machine (11.2) and trying to build an rpm through it as
>> per the instructions mentioned at
>> http://httpd.apache.org/docs/**2.4/platform/rpm.html
>>
>> I have resolved the missing -devel packages (several reported earlier like
>> pcre,libuuid-devel etc.,). However, I couldn't found the source for the
>> below dependencies.
>>
>>
>> *  Is there any readily available rpm for the specific version (or the
>> compliant) of SuSE Linux 11.2 ?
>>
>
> please make that "SLES11SP2" - "SuSE Linux 11.2" will typically be
> interpreted as "openSUSE 11.2" :/
>
> There's a build on software.opensuse.org for SP1 and SP3 - the SP1
> version should work: https://build.opensuse.org/**
> package/show?project=home%**3Acsbuild%3ADBA&package=dba-**apache-246
>
>
>  *  Can someone point me to any apache specific repository for SuSE Linux ?
>>
>
> I again take it as "SuSE Linux Enterprise Server", AKA "SLES" - and that
> platform was created for *stability*, so your best bet will be some user
> build like the one I referenced above. You're leaving the supported
> platform when using such an update, but as "support" is the main reason for
> the enterprise versions of Linux, that is no widely-used path.
>
>
>  *  Any relevant information shall be appreciated ?
>>
>
> Indeed ;)
>
>
>
>> The repos's mentioned at
>> http://en.opensuse.org/**Additional_package_**repositories#Apachedoesn't
>>  seem
>> to be pointing to a valid URL.
>>
>
> What makes you think so? I just checked two of them, and they take me
> directly to each repository.
>
>
>  blr-3rd-2-dhcp330:~/apache # rpmbuild -ts httpd-2.4.6.tar.bz2
>> error: Failed build dependencies:
>> apr-devel >= 1.4.0 is needed by httpd-2.4.6-1.x86_64
>> apr-util-devel >= 1.4.0 is needed by httpd-2.4.6-1.x86_64
>> openldap-devel is needed by httpd-2.4.6-1.x86_64
>> distcache-devel is needed by httpd-2.4.6-1.x86_64
>>
>> My zypper is currently referring to the repository
>> http://download.opensuse.org/**distribution/11.4/repo/oss/**suse
>>
>
> That's an openSUSE 11.4 repository - not SLES11SP2. As you can see on the
> page you mention above, no SLES11 repository (for none of the SPs) is
> given... only SLE(S|D)10, which won't help you either :(
>
> Regards,
> Jens
>
> PS: You might want to ask that question over at forums.suse.com, too
> (SLES forums, Updates sub-forum) - that's where the SLES folks hang out.
>
>
> --**--**-
> To unsubscribe, e-mail: 
> users-unsubscribe@httpd.**apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

[users@httpd] seg fault when using mod_dbd

[dnt]

Hi,

I want to use mod_dbd with MySQL on a system with CentOS 6.4 (x86_64).
I can execute a select statement, but getting a row fails. Finally I get a 
segmentation fault.
Attached is a simple test module which leads to the error.
The log output until apr_dbd_get_row is as expected.
Line 57 writes the last line into the log before I get the seg fault.

If I disable random access in the call of apr_dbd_select the seg fault already 
happens in line 56 when calling apr_dbd_get_row.

Do you have an idea whats wrong?

Installed are the current packages of CentOS 6.4
httpd-2.2.15
apr-util-1.3.9
apr-util-mysql-1.3.9
mysql-5.1.69

Thanks in advance
Dominic
#include 
#include 
#include 

#include 
#include 
#include 
#include 

module AP_MODULE_DECLARE_DATA test_module;

static ap_dbd_t *(*test_dbd_acquire_fn)(request_rec *) = NULL;

static int test_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s)
{
	if (test_dbd_acquire_fn == NULL) {
		test_dbd_acquire_fn = APR_RETRIEVE_OPTIONAL_FN(ap_dbd_acquire);
		if (test_dbd_acquire_fn == NULL) {
			ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
			 "You must load mod_dbd to enable mod_test");
			return HTTP_INTERNAL_SERVER_ERROR;
		}
	}

	return OK;
}

static apr_status_t test_handler(request_rec *r)
{
	if (strcmp(r->handler, "test"))
		return DECLINED;

	ap_dbd_t *dbd = test_dbd_acquire_fn(r);
	if (dbd == NULL) {
		ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "Failed to acquire database connection");
		return HTTP_INTERNAL_SERVER_ERROR;
	}

	char* sql = "select 1 from information_schema.tables limit 5";
	apr_dbd_results_t *res;
	int errnum = apr_dbd_select(dbd->driver, r->pool, dbd->handle, &res, sql, 1);
	if (errnum) {
		ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "Failed to select: %s", apr_dbd_error(dbd->driver, dbd->handle, errnum));
		return HTTP_INTERNAL_SERVER_ERROR;
	}
	
	int rows = apr_dbd_num_tuples(dbd->driver, res);
	ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, "%d rows selected", rows);
	int cols = apr_dbd_num_cols(dbd->driver, res);
	ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, "%d cols selected", cols);
	
	apr_dbd_row_t *row;
	if (apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1)) {
		ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "Failed to get row");
		return HTTP_INTERNAL_SERVER_ERROR;
	}
	
	ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, "row fetched");
	
	return OK;
}

static void register_hooks(apr_pool_t *p)
{
	ap_hook_post_config(test_post_config, NULL, NULL, APR_HOOK_MIDDLE);
	ap_hook_handler(test_handler, NULL, NULL, APR_HOOK_FIRST);
}

module AP_MODULE_DECLARE_DATA test_module = {
	STANDARD20_MODULE_STUFF,
	NULL,
	NULL,
	NULL,
	NULL,
	NULL,
	register_hooks,
};


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Issues building apache httpd-2.4.6-1.x86_64 on SUSE Linux Enterprise Server 11 (x86_64) - Kindly help

[Rainer M. Canavan]

On Sep 18, 2013, at 07:53 , Balaji Katika  wrote:

> 
> blr-3rd-2-dhcp330:~/apache # rpmbuild -ts httpd-2.4.6.tar.bz2 
> error: Failed build dependencies:
> apr-devel >= 1.4.0 is needed by httpd-2.4.6-1.x86_64
> apr-util-devel >= 1.4.0 is needed by httpd-2.4.6-1.x86_64
> openldap-devel is needed by httpd-2.4.6-1.x86_64
> distcache-devel is needed by httpd-2.4.6-1.x86_64
> 


I've tried building httpd-2.4.6 on CentOS 6 last week, and I had similar
issues. You'll need to build apr, apr-util and distcache RPMs before 
attempting to  build httpd. Apparently openldap is supplied with CentOS, 
so I didn't encounter any problems with that. Find 

The Instructions here at

http://hezachary.wordpress.com/2013/08/09/install-apache-2-4-6-in-centos-6/

should mostly apply to SuSE as well. I have no idea where you should turn to 
find an openldap package, although I suspect that it should be called 
openldap2-devel, and you may have change this in the httpd.spec as well.


rainer

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org