Koozali.org: home of the SME Server

Obsolete Releases => SME 7.x Contribs => Topic started by: hawk on September 16, 2009, 05:10:20 PM

Title: Sarg
Post by: hawk on September 16, 2009, 05:10:20 PM: Hi guys

Does any one know how to remove admin password when opening the sarg report on the manager. For example i want a particular user using the user-manager to be able to view the sarg reports but i don't want them to have the admin password.

Many thanks
John.
Title: Re: Sarg
Post by: dadoudidon on September 16, 2009, 06:46:26 PM: I don't know how to remove the logging request for sarg but you can grant access to specifics users to the server-manager panel. Admin can select what panels users can access.
You can use http://www.dungog.net/wiki/Usermanager#User_Manager and see if it can match your goal.

David

PS: have a look in /etc/sarg/sarg.conf
PPS: http://bugs.contribs.org/show_bug.cgi?id=2931
Title: Re: Sarg
Post by: janet on September 17, 2009, 04:17:05 AM: hawk

See this howto. It obviously refers to the lprng print monitor and not to sarg, but the "issue" appears to be similar. You will need to determine which custom template to use etc.
http://wiki.contribs.org/Print_queue_monitor_user_access

The bug link provided in this thread refers to this "issue" also occurring with other apps
http://bugs.contribs.org/show_bug.cgi?id=2931
Title: Re: Sarg
Post by: chriscosta on September 17, 2009, 04:34:08 AM: Hi Hawk,

Do the following:

mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf
cd /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf
wget http://mail.tw.co.nz/contribs/90e-smithAccess20sarg
expand-template /etc/httpd/conf/httpd.conf
/etc/rc7.d/S86httpd-e-smith restart

The custom template "90e-smithAccess20sarg" is based on the one Mary mentioned. That should remove the password prompting when an ordinary user tries to access sarg from their user-manager.
Title: Re: Sarg
Post by: dadoudidon on September 17, 2009, 09:25:59 AM: Hello chris!
Are you sure about that?
Code: [Select]
{ my $externalSSLAccess = ''; my $validFrom = db_get_prop($confref, "httpd-admin", "ValidFrom") || 'none'; $validFrom =~ s/,/ /g; $validFrom =~ s:/255.255.255.255::g; unless ($validFrom eq 'none') { $externalSSLAccess = $validFrom; } $OUT .= <<HERE; #----------------------------------------------------------------------------- # SARG generated squid access log reports web repository #----------------------------------------------------------------------------- Alias /squid /var/www/sarg <Directory /var/www/sarg> AllowOverride None Options +Indexes order deny,allow deny from all allow from $localAccess $externalSSLAccess AuthName "SME Server Manager" AuthType Basic AuthExternal pwauth require valid-user </Directory> #----------------------------------------------------------------------------- # End of SARG generated squid access log reports web repository #----------------------------------------------------------------------------- HERE } [root@wai002sv httpd.conf]# cat 90e-smithAccess20sarg { my $externalSSLAccess = ''; my $validFrom = db_get_prop($confref, "httpd-admin", "ValidFrom") || 'none'; $validFrom =~ s/,/ /g; $validFrom =~ s:/255.255.255.255::g; unless ($validFrom eq 'none') { $externalSSLAccess = $validFrom; } $OUT .= <<HERE; #----------------------------------------------------------------------------- # SARG generated squid access log reports web repository #----------------------------------------------------------------------------- Alias /squid /var/www/sarg <Directory /var/www/sarg> AllowOverride None Options +Indexes order deny,allow deny from all allow from $localAccess $externalSSLAccess AuthName "SME Server Manager" AuthType Basic AuthExternal pwauth require valid-user </Directory> #----------------------------------------------------------------------------- # End of SARG generated squid access log reports web repository #----------------------------------------------------------------------------- HERE } [root@wai002sv httpd.conf]# ls 88Isoqlog 90e-smithAccess20sarg 90e-smithAccess40LPRng VirtualHosts [root@wai002sv httpd.conf]# cat [root@wai002sv httpd.conf]# cat 90e-smithAccess20sarg { my $externalSSLAccess = ''; my $validFrom = db_get_prop($confref, "httpd-admin", "ValidFrom") || 'none'; $validFrom =~ s/,/ /g; $validFrom =~ s:/255.255.255.255::g; unless ($validFrom eq 'none') { $externalSSLAccess = $validFrom; } $OUT .= <<HERE; #----------------------------------------------------------------------------- # SARG generated squid access log reports web repository #----------------------------------------------------------------------------- Alias /squid /var/www/sarg <Directory /var/www/sarg> AllowOverride None Options +Indexes order deny,allow deny from all allow from $localAccess $externalSSLAccess AuthName "SME Server Manager" AuthType Basic AuthExternal pwauth require valid-user </Directory> #----------------------------------------------------------------------------- # End of SARG generated squid access log reports web repository #----------------------------------------------------------------------------- HERE }
I think that this is enough:
Code: [Select]
{ my $externalSSLAccess = ''; my $validFrom = db_get_prop($confref, "httpd-admin", "ValidFrom") || 'none'; $validFrom =~ s/,/ /g; $validFrom =~ s:/255.255.255.255::g; unless ($validFrom eq 'none') { $externalSSLAccess = $validFrom; } $OUT .= <<HERE; #----------------------------------------------------------------------------- # SARG generated squid access log reports web repository #----------------------------------------------------------------------------- Alias /squid /var/www/sarg <Directory /var/www/sarg> AllowOverride None Options +Indexes order deny,allow deny from all allow from $localAccess $externalSSLAccess AuthName "SME Server Manager" AuthType Basic AuthExternal pwauth require valid-user </Directory> #----------------------------------------------------------------------------- # End of SARG generated squid access log reports web repository #----------------------------------------------------------------------------- HERE }

David
Title: Re: Sarg
Post by: chriscosta on September 17, 2009, 10:45:19 PM: You are absolutely right. I think I've copied and pasted more than I should :)
I have already fixed the file on my end so it should be fine now.
Sorry about that.
Title: Re: Sarg
Post by: dadoudidon on September 17, 2009, 11:36:35 PM: no prob
thanks for your job
David
Title: Re: Sarg
Post by: hawk on September 18, 2009, 04:00:17 PM: Hi Guys
Thanks for all the help and leads. I have tried all the suggested ideas, but sadly non of them have worked for me.
I have decided to leave the SME server as is and include an untangle server in parallel. Changed the gateway on the workstations.
This in actual fact has released a load off a very busy SME. The untangle gives me a lot more control / reporting / blocking internet traffic. The business owner is very happy.

All the workstations get internet through the untangle server, and all the other server equipment uses the SME as their gateway. So far all is working fine.

I know a big change just to allow someone access to the internet traffic reports, i prefer it that way rather than giving out the admin password. The untangle has been in for 2 days and already some staff are up for disciplinary hearings for internet violations.

thanks again
Title: Re: Sarg
Post by: janet on September 18, 2009, 04:06:40 PM: hawk

Quote
I have tried all the suggested ideas, but sadly non of them have worked for me.

Probably because you did not implement them correctly.

Quote
The untangle has been in for 2 days and already some staff are up for disciplinary hearings for internet violations.

....and already if you look at http://bugs.contribs.org/show_bug.cgi?id=2931
a new sarg release is available that has a fix for your issue....