| | 20 | |
| | 21 | <para> |
| | 22 | <application>repykota</application> behaves differently when it is launched by the |
| | 23 | <literal>root</literal> user, compared to when it is launched by a normal user. |
| | 24 | </para> |
| | 25 | |
| | 26 | <para> |
| | 27 | In the first case, the print quota report will contain current account balance, |
| | 28 | soft and hard limits, number of pages printed since last reset, total number |
| | 29 | of pages printed, total paid, for possibly all users or all groups, depending |
| | 30 | on command line options. |
| | 31 | </para> |
| | 32 | |
| | 33 | <para> |
| | 34 | In the second case, i.e. when <application>repykota</application> is launched by |
| | 35 | a normal user, the user will only be allowed to see informations about himself or |
| | 36 | the groups he his a member of. |
| | 37 | </para> |
| | 39 | <para> |
| | 40 | Any user can limit the report to only one or more printers, by specifying the |
| | 41 | <literal>-P</literal> or <literal>--printer</literal> command line option, |
| | 42 | followed by one or more printer name or wildcard. If more than one printer name |
| | 43 | or wildcard is used, they must be separated by commas. |
| | 44 | </para> |
| | 45 | |
| | 46 | <para> |
| | 47 | Launching <application>repykota</application> with no arguments will generate |
| | 48 | a complete print quota report, depending on what you are allowed to see. |
| | 49 | </para> |
| | 50 | |
| | 51 | <para> |
| | 52 | Use the <literal>--help</literal> command line argument to learn what are |
| | 53 | the different command line options available. |
| | 54 | </para> |
| | 55 | |
| | 109 | |
| | 110 | <para> |
| | 111 | If you install the CGI script as described above, any user will be allowed to view the complete print |
| | 112 | quota report, for all users, groups and printers. This is then a different behavior compared to when |
| | 113 | a normal user wants a print quota report from the command line through <application>repykota</application>. |
| | 114 | If you find this disturbing, then the best is to ask for user authentication whenever the <application>printquota.cgi</application> |
| | 115 | CGI script is accessed. This CGI script will then automatically behave as expected, showing in the print quota |
| | 116 | report only what the authenticated user is allowed to see, just like when he launches <application>repykota</application> |
| | 117 | from the command line. As a special case, if the user authenticates using the <literal>root</literal> username, |
| | 118 | then there's no restriction on what may appear on the print quota report. |
| | 119 | </para> |
| | 120 | |
| | 121 | <para> |
| | 122 | To automatically ask for an authentication dialog whenever the CGI script is accessed, you have to configure |
| | 123 | your web server to do so. If your webserver is <ulink url="http://httpd.apache.org"><application>Apache</application></ulink>, then it's relatively easy. First you have to put |
| | 124 | <application>printquota.cgi</application> in its own subdirectory below your web server's <filename>cgi-bin</filename> |
| | 125 | directory, for example in <filename>cgi-bin/PyKota/</filename>. Then use the <application>htpasswd</application> |
| | 126 | command line tool to create a file which contains usernames and passwords for all your users allowed to see |
| | 127 | the print quota report from a web browser, and put this file outside of the directories served by <application>Apache</application> |
| | 128 | so that nobody could retrieve it. Finally create a file named <filename>.htaccess</filename> in |
| | 129 | <filename>cgi-bin/PyKota/</filename> with appropriate content in it. This file should tell <application>Apache</application> to automatically ask |
| | 130 | for an authentication whenever something from this directory is accessed, and to use the password file previously |
| | 131 | created to match usernames and passwords. |
| | 132 | You may also have to tweak <application>Apache</application>'s default configuration to allow the |
| | 133 | authentication mechanism. |
| | 134 | </para> |
| | 135 | |
| | 136 | <para> |
| | 137 | The detailed procedure to do all this is out of the scope of the present document, please refer to |
| | 138 | <application>Apache</application>'s <ulink url="http://httpd.apache.org/docs-project/">documentation</ulink> |
| | 139 | for all the gory details. |
| | 140 | </para> |
