Koozali.org: home of the SME Server

Obsolete Releases => SME 7.x Contribs => Topic started by: Agent86 on January 17, 2007, 06:10:16 PM

Title: Gollem
Post by: Agent86 on January 17, 2007, 06:10:16 PM

I've installed the RPM's that were posted for Gollem(file manager)

I've noticed that I can browse to other users folders but can't access them that is good.

But I can also browse to the Root and the ibays and that is not too good really ?

Is this suppose to work this way?

I would like the users to only be able to see their own home folder, and any other folder they are assigned to by the group access, or only folders that I want to share in the file manager, which I've not edited the Gollem yet to allow the sharing part, but I'm considering it

Please advise
Thanks
Steve

Title: Re: Gollem
Post by: mrjhb3 on January 18, 2007, 02:34:47 PM

Quote from: "Agent86"

I've installed the RPM's that were posted for Gollem(file manager)

I've noticed that I can browse to other users folders but can't access them that is good.

But I can also browse to the Root and the ibays and that is not too good really ?

Is this suppose to work this way?

I would like the users to only be able to see their own home folder, and any other folder they are assigned to by the group access, or only folders that I want to share in the file manager, which I've not edited the Gollem yet to allow the sharing part, but I'm considering it

Please advise
Thanks
Steve

You are correct, if you can find a way to mask that, then please let me know.  I am currently using dungog's smeserver-remoteuseraccess rpm, which automatically chroot's each user to their home directory.  Using this, then the users can only work in that directory.  

This rpm will be updated soon as the base install is now going to include a Chrootdir db value you can set globally as well as dungog's ability to set per user.

John

Title: Gollem
Post by: Agent86 on January 19, 2007, 02:29:29 AM

Thanks For the update, I was just making sure that it was not just me.

It's good to know

With this contrib smeserver-remoteuseraccess rpm, will this also limit the users in Gollem from accessing the Root and ibays ?

Secondly what about the group access to the ibay that have been assigned will those users still have access to those ibays ?

Thirdly (sorry) will those group users that have access to some of the ibay, be able to see other areas in Gollem file manager that they should not be able to see normally ?

And Forth is this the correct current rpm to install on 7.1 ?
smeserver-remoteuseraccess-1.2-10.noarch.rpm
there is also a 1.2-8 I was not sure which to install ?

Please advise and thanks

Title: Re: Gollem
Post by: mrjhb3 on January 19, 2007, 04:17:26 AM

Quote from: "Agent86"

Thanks For the update, I was just making sure that it was not just me.

It's good to know

With this contrib smeserver-remoteuseraccess rpm, will this also limit the users in Gollem from accessing the Root and ibays ?

Secondly what about the group access to the ibay that have been assigned will those users still have access to those ibays ?

Thirdly (sorry) will those group users that have access to some of the ibay, be able to see other areas in Gollem file manager that they should not be able to see normally ?

And Forth is this the correct current rpm to install on 7.1 ?
smeserver-remoteuseraccess-1.2-10.noarch.rpm
there is also a 1.2-8 I was not sure which to install ?

Please advise and thanks

First - Actually, I lied.  I can't duplicate what you are seeing.  When I use Gollem, without smeserver-remoteuseraccess, my users end up in their home directory.  They can't see anything else.

Second - If you want users to be able to see the ibay's, then you will need to set a different home directive in gollem/config/backends.php.  You can only set one path.

Third - If users don't have rights, they can't access the files.  They may be able to see some things (I.E. other users home directories, but they can't access them.)

Four - use the .10, it is the one that was updated last and that is what I am using.

I am re-loading my test server again to see if I can duplicate what you have seen.  If so, I'll post back.

John

Title: Re: Gollem
Post by: Agent86 on January 19, 2007, 02:33:34 PM

Quote from: "mrjhb3"

First - Actually, I lied.  I can't duplicate what you are seeing.  When I use Gollem, without smeserver-remoteuseraccess, my users end up in their home directory.  They can't see anything else.

Second - If you want users to be able to see the ibay's, then you will need to set a different home directive in gollem/config/backends.php.  You can only set one path.

Third - If users don't have rights, they can't access the files.  They may be able to see some things (I.E. other users home directories, but they can't access them.)

Four - use the .10, it is the one that was updated last and that is what I am using.

I am re-loading my test server again to see if I can duplicate what you have seen.  If so, I'll post back.

John

So let me start with the first subject again.

When I login to webmail I start by seeing only my home directory.
But I can clickn on users in the path that says Root/users/home
If I click users then I can see the users folders, but cannot access them this is great.
But if I click on Root I can see all the server folders and files including ibays etc. And thats for all users even if they are not part of the group that has access to that ibay.
Basically all users can see the ibays, and server-resourses which only has a one folder in it called regedit, looks like some type of windoze file, but anyhow.
The main concern is that the users appear to have access to the ibays read only, or group access perhaps this is something to do with the way I have the ibays setup, I'll review this topic further
And post my findings


And this without installing the contrib remoteaccess rpm

Title: Re: Gollem
Post by: mrjhb3 on January 20, 2007, 03:18:22 AM

Quote from: "Agent86"

Quote from: "mrjhb3"

First - Actually, I lied.  I can't duplicate what you are seeing.  When I use Gollem, without smeserver-remoteuseraccess, my users end up in their home directory.  They can't see anything else.

Second - If you want users to be able to see the ibay's, then you will need to set a different home directive in gollem/config/backends.php.  You can only set one path.

Third - If users don't have rights, they can't access the files.  They may be able to see some things (I.E. other users home directories, but they can't access them.)

Four - use the .10, it is the one that was updated last and that is what I am using.

I am re-loading my test server again to see if I can duplicate what you have seen.  If so, I'll post back.

John

So let me start with the first subject again.

When I login to webmail I start by seeing only my home directory.
But I can clickn on users in the path that says Root/users/home
If I click users then I can see the users folders, but cannot access them this is great.
But if I click on Root I can see all the server folders and files including ibays etc. And thats for all users even if they are not part of the group that has access to that ibay.
Basically all users can see the ibays, and server-resourses which only has a one folder in it called regedit, looks like some type of windoze file, but anyhow.
The main concern is that the users appear to have access to the ibays read only, or group access perhaps this is something to do with the way I have the ibays setup, I'll review this topic further
And post my findings


And this without installing the contrib remoteaccess rpm

Yes, everything you state is correct.  The only way around this is to chroot the users to their home directory.

Title: Thanks
Post by: Agent86 on January 20, 2007, 04:16:31 AM

Great Thanks

I'll install it rpm and test it out some more

Title: Re: Gollem
Post by: Agent86 on January 20, 2007, 11:04:36 PM

Quote from: "mrjhb3"

You are correct, if you can find a way to mask that, then please let me know.  I am currently using dungog's smeserver-remoteuseraccess rpm, which automatically chroot's each user to their home directory.  Using this, then the users can only work in that directory.  

This rpm will be updated soon as the base install is now going to include a Chrootdir db value you can set globally as well as dungog's ability to set per user.

John

I've installed the smeserver-remoteuseraccess.rpm
And during installation I get this:

Use of uninitialized value in substitution (s///) at /usr/lib/perl5/site_perl/es
mith/FormMagick.pm line 237, <LEXIN> line 46.
Use of uninitialized value in subroutine entry at /usr/lib/perl5/vendor_perl/5.8
.5/i386-linux-thread-multi/XML/Parser/Expat.pm line 474.
Use of uninitialized value in print at /usr/lib/perl5/site_perl/CGI/FormMagick/S
etup.pm line 179.
Use of uninitialized value in substitution (s///) at /usr/lib/perl5/site_perl/es
mith/FormMagick.pm line 237, <LEXIN> line 107.
Use of uninitialized value in subroutine entry at /usr/lib/perl5/vendor_perl/5.8
.5/i386-linux-thread-multi/XML/Parser/Expat.pm line 474.
Use of uninitialized value in print at /usr/lib/perl5/site_perl/CGI/FormMagick/S
etup.pm line 179.
Use of uninitialized value in substitution (s///) at /usr/lib/perl5/site_perl/es
mith/FormMagick.pm line 237, <LEXIN> line 167.
Use of uninitialized value in subroutine entry at /usr/lib/perl5/vendor_perl/5.8
.5/i386-linux-thread-multi/XML/Parser/Expat.pm line 474.
Use of uninitialized value in print at /usr/lib/perl5/site_perl/CGI/FormMagick/S
etup.pm line 179.
Use of uninitialized value in substitution (s///) at /usr/lib/perl5/site_perl/es
mith/FormMagick.pm line 237, <LEXIN> line 227.
Use of uninitialized value in subroutine entry at /usr/lib/perl5/vendor_perl/5.8
.5/i386-linux-thread-multi/XML/Parser/Expat.pm line 474.
Use of uninitialized value in print at /usr/lib/perl5/site_perl/CGI/FormMagick/S
etup.pm line 179.
Use of uninitialized value in substitution (s///) at /usr/lib/perl5/site_perl/esmith/FormMagick.pm line 237, <LEXIN> line 288.
Use of uninitialized value in subroutine entry at /usr/lib/perl5/vendor_perl/5.8.5/i386-linux-thread-multi/XML/Parser/Expat.pm line 474.
Use of uninitialized value in print at /usr/lib/perl5/site_perl/CGI/FormMagick/Setup.pm line 179.
Use of uninitialized value in substitution (s///) at /usr/lib/perl5/site_perl/esmith/FormMagick.pm line 237, <LEXIN> line 349.
Use of uninitialized value in subroutine entry at /usr/lib/perl5/vendor_perl/5.8.5/i386-linux-thread-multi/XML/Parser/Expat.pm line 474.
Use of uninitialized value in print at /usr/lib/perl5/site_perl/CGI/FormMagick/Setup.pm line 179.
Use of uninitialized value in substitution (s///) at /usr/lib/perl5/site_perl/esmith/FormMagick.pm line 237, <LEXIN> line 410.
Use of uninitialized value in subroutine entry at /usr/lib/perl5/vendor_perl/5.8.5/i386-linux-thread-multi/XML/Parser/Expat.pm line 474.
Use of uninitialized value in print at /usr/lib/perl5/site_perl/CGI/FormMagick/Setup.pm line 179.
smeserver trap post-install: smeserver-remoteuseraccess

Installed: smeserver-remoteuseraccess.noarch 0:1.2-10
Complete!
==============================================================
I just want to make sure nothing it wrong it does complete, but I do not understand these messages

Please advise
Thanks
Steve

Title: Gollem
Post by: mrjhb3 on January 20, 2007, 11:23:05 PM

Yes, currently that is normal or non Formmagick panels.  Please check the bug tracker as well.  This has been identified there.

John

Title: Thanks
Post by: Agent86 on January 21, 2007, 03:06:06 AM

Thanks