Topic: Sarg

[hawk]

Hi guys

Does any one know how to remove admin password when opening the sarg report on the manager. For example i want a particular user using the user-manager to be able to view the sarg reports but i don't want them to have the admin password.

Many thanks
John.

[dadoudidon]

I don't know how to remove the logging request for sarg but you can grant access to specifics users to the server-manager panel. Admin can select what panels users can access.
You can use http://www.dungog.net/wiki/Usermanager#User_Manager and see if it can match your goal.

David

PS: have a look in /etc/sarg/sarg.conf
PPS: http://bugs.contribs.org/show_bug.cgi?id=2931

[janet]

hawk

See this howto. It obviously refers to the lprng print monitor and not to sarg, but the "issue" appears to be similar. You will need to determine which custom template to use etc.
http://wiki.contribs.org/Print_queue_monitor_user_access

The bug link provided in this thread refers to this "issue" also occurring with other apps
http://bugs.contribs.org/show_bug.cgi?id=2931

[chriscosta]

Hi Hawk,

Do the following:

mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf
cd /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf
wget http://mail.tw.co.nz/contribs/90e-smithAccess20sarg
expand-template /etc/httpd/conf/httpd.conf
/etc/rc7.d/S86httpd-e-smith restart

The custom template "90e-smithAccess20sarg" is based on the one Mary mentioned. That should remove the password prompting when an ordinary user tries to access sarg from their user-manager.

[dadoudidon]

Hello chris!
Are you sure about that?

Code: [Select]

{
my $externalSSLAccess = '';
my $validFrom = db_get_prop($confref, "httpd-admin", "ValidFrom") || 'none';

$validFrom =~ s/,/ /g;
$validFrom =~ s:/255.255.255.255::g;

unless ($validFrom eq 'none')
{
$externalSSLAccess = $validFrom;
}

$OUT .= <<HERE;
#-----------------------------------------------------------------------------
# SARG generated squid access log reports web repository
#-----------------------------------------------------------------------------

Alias /squid /var/www/sarg
<Directory /var/www/sarg>
AllowOverride None
Options +Indexes
order deny,allow
deny from all
allow from $localAccess $externalSSLAccess
AuthName "SME Server Manager"
AuthType Basic
AuthExternal pwauth
require valid-user
</Directory>

#-----------------------------------------------------------------------------
# End of SARG generated squid access log reports web repository
#-----------------------------------------------------------------------------
HERE
}
[root@wai002sv httpd.conf]# cat 90e-smithAccess20sarg
{
my $externalSSLAccess = '';
my $validFrom = db_get_prop($confref, "httpd-admin", "ValidFrom") || 'none';

$validFrom =~ s/,/ /g;
$validFrom =~ s:/255.255.255.255::g;

unless ($validFrom eq 'none')
{
$externalSSLAccess = $validFrom;
}

$OUT .= <<HERE;
#-----------------------------------------------------------------------------
# SARG generated squid access log reports web repository
#-----------------------------------------------------------------------------

Alias /squid /var/www/sarg
<Directory /var/www/sarg>
AllowOverride None
Options +Indexes
order deny,allow
deny from all
allow from $localAccess $externalSSLAccess
AuthName "SME Server Manager"
AuthType Basic
AuthExternal pwauth
require valid-user
</Directory>

#-----------------------------------------------------------------------------
# End of SARG generated squid access log reports web repository
#-----------------------------------------------------------------------------
HERE
}
[root@wai002sv httpd.conf]# ls
88Isoqlog  90e-smithAccess20sarg  90e-smithAccess40LPRng  VirtualHosts
[root@wai002sv httpd.conf]# cat

[root@wai002sv httpd.conf]# cat 90e-smithAccess20sarg
{
my $externalSSLAccess = '';
my $validFrom = db_get_prop($confref, "httpd-admin", "ValidFrom") || 'none';

$validFrom =~ s/,/ /g;
$validFrom =~ s:/255.255.255.255::g;

unless ($validFrom eq 'none')
{
$externalSSLAccess = $validFrom;
}

$OUT .= <<HERE;
#-----------------------------------------------------------------------------
# SARG generated squid access log reports web repository
#-----------------------------------------------------------------------------

Alias /squid /var/www/sarg
<Directory /var/www/sarg>
AllowOverride None
Options +Indexes
order deny,allow
deny from all
allow from $localAccess $externalSSLAccess
AuthName "SME Server Manager"
AuthType Basic
AuthExternal pwauth
require valid-user
</Directory>

#-----------------------------------------------------------------------------
# End of SARG generated squid access log reports web repository
#-----------------------------------------------------------------------------
HERE
}


I think that this is enough:

Code: [Select]

{
my $externalSSLAccess = '';
my $validFrom = db_get_prop($confref, "httpd-admin", "ValidFrom") || 'none';

$validFrom =~ s/,/ /g;
$validFrom =~ s:/255.255.255.255::g;

unless ($validFrom eq 'none')
{
$externalSSLAccess = $validFrom;
}

$OUT .= <<HERE;
#-----------------------------------------------------------------------------
# SARG generated squid access log reports web repository
#-----------------------------------------------------------------------------

Alias /squid /var/www/sarg
<Directory /var/www/sarg>
AllowOverride None
Options +Indexes
order deny,allow
deny from all
allow from $localAccess $externalSSLAccess
AuthName "SME Server Manager"
AuthType Basic
AuthExternal pwauth
require valid-user
</Directory>

#-----------------------------------------------------------------------------
# End of SARG generated squid access log reports web repository
#-----------------------------------------------------------------------------
HERE
}


David

[chriscosta]

You are absolutely right. I think I've copied and pasted more than I should
I have already fixed the file on my end so it should be fine now.
Sorry about that.

[dadoudidon]

no prob
thanks for your job
David

[hawk]

Hi Guys
Thanks for all the help and leads. I have tried all the suggested ideas, but sadly non of them have worked for me.
I have decided to leave the SME server as is and include an untangle server in parallel. Changed the gateway on the workstations.
This in actual fact has released a load off a very busy SME. The untangle gives me a lot more control / reporting / blocking internet traffic. The business owner is very happy.

All the workstations get internet through the untangle server, and all the other server equipment uses the SME as their gateway. So far all is working fine.

I know a big change just to allow someone access to the internet traffic reports, i prefer it that way rather than giving out the admin password. The untangle has been in for 2 days and already some staff are up for disciplinary hearings for internet violations.

thanks again

[janet]

hawk

I have tried all the suggested ideas, but sadly non of them have worked for me.

Probably because you did not implement them correctly.

The untangle has been in for 2 days and already some staff are up for disciplinary hearings for internet violations.

....and already if you look at http://bugs.contribs.org/show_bug.cgi?id=2931
a new sarg release is available that has a fix for your issue....