ACL role based authorization missing mod_env apache2 module -> SetEnvIf?
Hi,
I have done step by step all the thinks described here: http://www.stor2rrd.com/apache_auth.htm
But the problem in my apache2 config is that I can't have the mod_env https://httpd.apache.org/docs/2.4/mod/mod_env.html#setenv
that is used in the .htaccess file
$ cat html/.htaccess
SetEnv XORUX_ACCESS_CONTROL 1
I have instead the setenvif module available in my apache config, so could you please let me know how to edit the SetEnv Line to use SetEnvIf https://httpd.apache.org/docs/2.4/mod/mod_setenvif.html#setenvif
Thank you very much.
apache error_log output:
[Wed Oct 11 08:13:11 2017] [alert] [client 192.168.1.12] /var/opt/stor2rrd/www/.htaccess: Inval
id command 'SetEnv', perhaps misspelled or defined by a module not included in the server con
figuration
I have done step by step all the thinks described here: http://www.stor2rrd.com/apache_auth.htm
But the problem in my apache2 config is that I can't have the mod_env https://httpd.apache.org/docs/2.4/mod/mod_env.html#setenv
that is used in the .htaccess file
$ cat html/.htaccess
SetEnv XORUX_ACCESS_CONTROL 1
I have instead the setenvif module available in my apache config, so could you please let me know how to edit the SetEnv Line to use SetEnvIf https://httpd.apache.org/docs/2.4/mod/mod_setenvif.html#setenvif
Thank you very much.
apache error_log output:
[Wed Oct 11 08:13:11 2017] [alert] [client 192.168.1.12] /var/opt/stor2rrd/www/.htaccess: Inval
id command 'SetEnv', perhaps misspelled or defined by a module not included in the server con
figuration
Comments
-
Hello,
the easiest way is to enable mod_env module in your apache config.
If it's not possible, use SetEnvIf with condition that is always true, something like this:SetEnvIf Remote_Addr ".*" XORUX_ACCESS_CONTROL=1
-
thanks Jirka.
But now I got following error:[Wed Oct 11 10:19:47 2017] [error] [client 192.168.1.12] client denied by server configuration: /var/opt/stor2rrd/www/
-
Looks like Apache has no access to dir, please check apache permissions on /var/opt/stor2rrd/www
-
I didn't change the permissions of the directory.
When I remove the ACL settings in the vhosts and etc then the website works fine
-
Maybe it's all a problem because we use apache 2.2
# httpd2 -v
Server version: Apache/2.2.12 (Linux/SUSE)
Server built: Mar 8 2017 08:30:02
-
here is my current vhosts config:
# cat stor2rrd.conf
Alias /stor2rrd/ "/var/opt/stor2rrd/www/"
<Directory "/var/opt/stor2rrd/www" >
AllowOverride AuthConfig FileInfo
Options Indexes FollowSymLinks Includes MultiViews
Require all granted
</Directory>
# CGI-BIN
ScriptAlias /stor2rrd-cgi/ "/var/opt/stor2rrd/stor2rrd-cgi/"
<Directory "/var/opt/stor2rrd/stor2rrd-cgi">
AllowOverride AuthConfig FileInfo
SetHandler cgi-script
Options ExecCGI Includes
Require all granted
</Directory>
-
I see, there are some differences between 2.2 and 2.4 version. Try to change Require lines as per docu:
https://httpd.apache.org/docs/current/upgrading.html2.2 configuration:Order allow,deny
Allow from all
2.4 configuration:Require all granted
-
thank you Jirka for the apche doc link
I have changed the lines in the vhosts config and now I can see to the website.
the problem is now, that i don't see any storage system that I have configured before.
the apache error_log is empty.
when i remove the new settings in the vhosts and restart the apache webserver all my old configured storage sub systems are visible but with the new settings there are all gone.
any idea?
thank you for your help
-
Hello,
did you get login dialog? Are you ACL admin? Can you see User management in left menu? -
Hi Jirka,
I got no login dialog?
I see only the left menu but if I try to click on a menu point nothing happens
Howdy, Stranger!
Categories
- 1.6K All Categories
- 48 XORMON NG
- 25 XORMON
- 153 LPAR2RRD
- 13 VMware
- 16 IBM i
- 2 oVirt / RHV
- 4 MS Windows and Hyper-V
- Solaris / OracleVM
- XenServer / Citrix
- Nutanix
- 7 Database
- 2 Cloud
- 10 Kubernetes / OpenShift / Docker
- 124 STOR2RRD
- 19 SAN
- 7 LAN
- 17 IBM
- 3 EMC
- 12 Hitachi
- 5 NetApp
- 15 HPE
- Lenovo
- 1 Huawei
- 2 Dell
- Fujitsu
- 2 DataCore
- INFINIDAT
- 3 Pure Storage
- Oracle