ACL role based authorization missing mod_env apache2 module -> SetEnvIf?

master07
edited October 2017 in STOR2RRD
Hi,

I have done step by step all the thinks described here: http://www.stor2rrd.com/apache_auth.htm

But the problem in my apache2 config is that I can't have the mod_env https://httpd.apache.org/docs/2.4/mod/mod_env.html#setenv
that is used in the .htaccess file
$ cat  html/.htaccess
SetEnv XORUX_ACCESS_CONTROL 1

I have instead the setenvif module available in my apache config, so could you please let me know how to edit the SetEnv Line to use SetEnvIf https://httpd.apache.org/docs/2.4/mod/mod_setenvif.html#setenvif

Thank you very much.

apache error_log output:
[Wed Oct 11 08:13:11 2017] [alert] [client 192.168.1.12] /var/opt/stor2rrd/www/.htaccess: Inval
id command 'SetEnv', perhaps misspelled or defined by a module not included in the server con
figuration




Comments

  • Hello,

    the easiest way is to enable mod_env module in your apache config.
    If it's not possible, use SetEnvIf with condition that is always true, something like this:
    SetEnvIf Remote_Addr ".*" XORUX_ACCESS_CONTROL=1


  • thanks Jirka.

    But now I got following error:

    [Wed Oct 11 10:19:47 2017] [error] [client 192.168.1.12] client denied by server configuration: /var/opt/stor2rrd/www/

  • Looks like Apache has no access to dir, please check apache permissions on /var/opt/stor2rrd/www 
  • I didn't change the permissions of the directory.
    When I remove the ACL settings in the vhosts and etc then the website works fine
  • Maybe it's all a problem because we use apache 2.2

    # httpd2 -v
    Server version: Apache/2.2.12 (Linux/SUSE)
    Server built:   Mar  8 2017 08:30:02

  • here is my current vhosts config:

    # cat stor2rrd.conf 
    Alias /stor2rrd/  "/var/opt/stor2rrd/www/"
    <Directory "/var/opt/stor2rrd/www" >
        AllowOverride AuthConfig FileInfo
        Options Indexes FollowSymLinks Includes MultiViews
        Require all granted
    </Directory>
    # CGI-BIN
    ScriptAlias /stor2rrd-cgi/ "/var/opt/stor2rrd/stor2rrd-cgi/"
    <Directory "/var/opt/stor2rrd/stor2rrd-cgi">
        AllowOverride AuthConfig FileInfo
        SetHandler cgi-script
        Options ExecCGI Includes
        Require all granted
    </Directory>


  • I see, there are some differences between 2.2 and 2.4 version. Try to change Require lines as per docu:
    https://httpd.apache.org/docs/current/upgrading.html

    2.2 configuration:
    Order allow,deny
    Allow from all

    2.4 configuration:
    Require all granted
  • thank you Jirka for the apche doc link
    I have changed the lines in the vhosts config and now I can see to the website.
    the problem is now, that i don't see any storage system that I have configured before.
    the apache error_log is empty.
    when i remove the new settings in the vhosts and restart the apache webserver all my old configured storage sub systems are visible but with the new settings there are all gone.

    any idea?

    thank you for your help
  • Hello, 

    did you get login dialog? Are you ACL admin? Can you see User management in left menu?
  • Hi Jirka,

    I got no login dialog?
    I see only the left menu but if I try to click on a menu point nothing happens
Sign In or Register to comment.