- Timestamp:
- 02/28/05 23:29:25 (20 years ago)
- Location:
- pykota/trunk/docs
- Files:
-
- 3 modified
Legend:
- Unmodified
- Added
- Removed
-
pykota/trunk/docs/installation.sgml
r2115 r2116 104 104 is not necessary though if your Quota Storage Server and your Print Server are 105 105 the very same host. 106 </para> 107 108 <para> 109 Here's an excerpt from a <filename>pg_hba.conf</filename> file. This one rejects all 110 connections to PyKota's database excepted when made from the same host by <application>PostgreSQL</application> users 111 <literal>pykotauser</literal> or <literal>pykotaadmin</literal> with the correct password. 112 <screen> 113 local all postgres ident sameuser 114 local all all reject 115 host pykota pykotauser 127.0.0.1 255.255.255.255 crypt 116 host pykota pykotaadmin 127.0.0.1 255.255.255.255 crypt 117 host pykota all 127.0.0.1 255.255.255.255 reject 118 </screen> 119 </para> 120 121 <para> 122 Of course if your print server and your database servers have different <acronym>IP</acronym> 123 addresses, you have to replace the <literal>127.0.0.1</literal> address above with your print 124 server's <acronym>IP</acronym> address. 106 125 <tip> 107 126 <title>Tip</title> … … 133 152 is waiting for your connections, you have to create the Quota Storage DataBase. 134 153 To do so, you'll have to feed <application>PostgreSQL</application> with the 135 <filename>pykota- x.xx/initscripts/postgresql/pykota-postgresql.sql</filename> file.154 <filename>pykota-1.21/initscripts/postgresql/pykota-postgresql.sql</filename> file. 136 155 This file will create a Quota DataBase administrator in the <application>PostgreSQL</application> system, then create an empty 137 156 Quota DataBase and set some permissions on it. The Quota DataBase administrator … … 144 163 This read-only user is used by <application>PyKota</application> to connect to the 145 164 Quota Storage when an user who is not a <application>PyKota</application> administrator 146 <footnote><para>a <application>PyKota</application> administrator is an user who can read the <filename> /etc/pykota/pykotadmin.conf</filename> file.</para></footnote>165 <footnote><para>a <application>PyKota</application> administrator is an user who can read the <filename>~pykota/pykotadmin.conf</filename> file.</para></footnote> 147 166 launches a pykota command. This prevents normal 148 167 users from being able to modify their own, or other users', quota information. … … 221 240 take any other step as needed. Please refer to <application>PostgreSQL</application>'s 222 241 documentation for details. Also if <application>PyKota</application>'s configuration 223 file <filename> /etc/pykota/pykotadmin.conf</filename> is readable by anyone with access on your file system,242 file <filename>~pykota/pykotadmin.conf</filename> is readable by anyone with access on your file system, 224 243 a local user could create some script to modify his own print quota. 225 244 <warning> … … 375 394 376 395 <para> 377 Once you have chosen and created your directory structure, you have to modify PyKota's configuration files <filename> /etc/pykota/pykota.conf</filename>378 and <filename> /etc/pykota/pykotadmin.conf</filename>396 Once you have chosen and created your directory structure, you have to modify PyKota's configuration files <filename>~pykota/pykota.conf</filename> 397 and <filename>~pykota/pykotadmin.conf</filename> 379 398 to set some LDAP specific options and binding <literal>dn</literal>s. The easiest is 380 399 probably to give a look at … … 559 578 </para> 560 579 <para> 561 You have to copy these files into the <filename> /etc/pykota</filename>580 You have to copy these files into the <filename>~pykota</filename> 562 581 directory (you have to create it before), under the respective names <filename>pykota.conf</filename> and 563 582 <filename>pykotadmin.conf</filename>. Once copied there, you just … … 575 594 576 595 <para> 577 Please create a backup copy of the <filename> /etc/pykota</filename>596 Please create a backup copy of the <filename>~pykota</filename> 578 597 directory before modifying a working installation. 579 598 </para> … … 595 614 double check their permissions, otherwise your installation may be 596 615 insecure or may not work at all. 597 The main configuration file <filename> /etc/pykota/pykota.conf</filename>616 The main configuration file <filename>~pykota/pykota.conf</filename> 598 617 doesn't contain much sensitive information, so it can be made 599 618 readable by anyone. If normal users read this file, at best they 600 619 will learn the username and optional password of the read-only 601 620 database user, so they won't be allowed to do any harm. 602 On the other hand, the <filename> /etc/pykota/pykotadmin.conf</filename>621 On the other hand, the <filename>~pykota/pykotadmin.conf</filename> 603 622 file contains the read-write user's identity and password. You must then 604 623 ensure that no normal user can read this file. It should only be readable … … 608 627 with CUPS, here's how to do to give the correct permissions : 609 628 <screen> 610 $ chown root.root /etc/pykota/pykota.conf611 $ chmod 644 /etc/pykota/pykota.conf612 $ chown lp.lpadmin /etc/pykota/pykotadmin.conf613 $ chmod 640 /etc/pykota/pykotadmin.conf629 $ chown root.root ~pykota/pykota.conf 630 $ chmod 644 ~pykota/pykota.conf 631 $ chown lp.lpadmin ~pykota/pykotadmin.conf 632 $ chmod 640 ~pykota/pykotadmin.conf 614 633 </screen> 615 634 … … 617 636 <title>Warning</title> 618 637 <para> 619 All the users allowed to read the <filename> /etc/pykota/pykotadmin.conf</filename>638 All the users allowed to read the <filename>~pykota/pykotadmin.conf</filename> 620 639 are considered to be <application>PyKota</application> administrators. So be 621 640 careful with these files permissions. … … 763 782 764 783 $Log$ 784 Revision 1.31 2005/02/28 22:29:25 jalet 785 More complete PostgreSQL configuration. 786 Changed all occurences of /etc/pykota/ to ~pykota/ 787 765 788 Revision 1.30 2005/02/28 00:07:37 jalet 766 789 Added pkmail's doc. -
pykota/trunk/docs/pkhint.sgml
r1409 r2116 22 22 some special features which would allow you to use either hardware or software accounting on them, with 23 23 a preference for hardware since it's more reliable. If it can help you, it will print some text which 24 you will be able to copy and paste into <filename> /etc/pykota/pykota.conf</filename>.24 you will be able to copy and paste into <filename>~pykota/pykota.conf</filename>. 25 25 </para> 26 26 … … 52 52 53 53 $Log$ 54 Revision 1.2 2005/02/28 22:29:25 jalet 55 More complete PostgreSQL configuration. 56 Changed all occurences of /etc/pykota/ to ~pykota/ 57 54 58 Revision 1.1 2004/03/18 10:32:23 jalet 55 59 Added pkhint's documentation -
pykota/trunk/docs/repykota.sgml
r2115 r2116 109 109 <para> 110 110 Please ensure that the user your web server is run as, for example <literal>www-data</literal> under 111 Debian, is allowed to read <filename> /etc/pykota/pykota.conf</filename> but for security reasons you112 must ensure that this user <emphasis>is not</emphasis> allowed to read <filename> /etc/pykota/pykotadmin.conf</filename>111 Debian, is allowed to read <filename>~pykota/pykota.conf</filename> but for security reasons you 112 must ensure that this user <emphasis>is not</emphasis> allowed to read <filename>~pykota/pykotadmin.conf</filename> 113 113 </para> 114 114 </note> … … 152 152 153 153 $Log$ 154 Revision 1.10 2005/02/28 22:29:25 jalet 155 More complete PostgreSQL configuration. 156 Changed all occurences of /etc/pykota/ to ~pykota/ 157 154 158 Revision 1.9 2005/02/28 00:07:37 jalet 155 159 Added pkmail's doc.