[PLUG] common authentication for small server/web site?
Galen Seitz
galens at seitzassoc.com
Thu Mar 27 16:43:46 UTC 2008
Thanks to everyone for their suggestions. I decided to go the ldap
route. I now have sshd, postfix, dovecot, apache, squirrelmail,
subversion, viewvc, and trac running on my Centos 5 machine with user
and group data contained in ldap. I have yet to integrate samba.
Here are the two links I found to be the most useful:
http://www.centos.org/docs/5/html/5.1/Deployment_Guide/ch-ldap.html
http://www.ibm.com/developerworks/library/l-openldap/index.html
One gotcha that I encountered was that slapd requires a file named
DB_CONFIG in /var/lib/ldap. It took a while before I stumbled onto a
link that explained the problem. Note that the file should be edited
to better suit your requirements.
cp /etc/openldap/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
vi /var/lib/DB_CONFIG
A second ugly bit was my caused by my desire to support both svn+ssh
and http access to subversion. This requires running apache with a
umask of 002 in order to avoid permission problems. It's somewhat
ugly to change the umask because apache can be started by either
apachectl or /etc/init.d/httpd. I didn't want to have to touch either
one of these, much less both. Instead, I hacked a Mandriva spec file,
and built and installed an rpm for an apache module call mod_umask.
Now, of course, I have more questions, but I'll start a new thread for
those.
thanks,
galen
More information about the PLUG
mailing list