Blog Pro de Jean-Baptiste HEREN - Tag - webDAV
Notes d'un consultant Freelance en Informatique
2015-11-03T21:34:19+01:00
JB HEREN
urn:md5:e39389b5ec134d99645112fce3d957df
Dotclear
Build & use mod_auth_user_dir on debian 5.0 Lenny
urn:md5:50d34fc1b85c47db3e6b315260e95613
2010-04-02T12:34:00+02:00
2010-05-30T20:51:29+02:00
Jean-Baptiste Heren
Linux
apachedebiandéveloppement weblinuxwebDAV
<p>In the need of a WebDAV functionnality that could allow one to share users
personal directories with automated authentification, i found an apache module,
auth_user_dir, that looked fine to me on <span class="Apple-style-span" style="line-height: 18px; white-space: pre;"><a href="http://www.genos.org">http://www.genos.org</a> :</span></p>
<blockquote>
<p style="line-height: 1.5em;">You can create private user folders using the
WebDAV protocol. Users will have only permissions to access to their own
directory. Without this module, a htaccess file must be created inside every
user folder. This is completely unmanageable when the number of users is
big.</p>
<p style="line-height: 1.5em;">We can build a file server accessible from
Windows and Linux using the WebDAV protocol and a web server like Apache.
Because the protocol is build upon HTTP, the server uses ports TCP 80 (HTTP)
and TCP 443 (HTTPS). These ports are commonly open in firewalls without any
other special requirement.</p>
</blockquote>
<p><span class="Apple-style-span" style="line-height: 18px; white-space: pre;"><span class="Apple-style-span" style="line-height: normal; white-space: normal;">The module appears to have been
developed in 2004 an <a href="http://matt.colyer.name/projects/mod_auth_user_dir.html">attached
tutorial</a> was referring to some patches that no longer exist. So here
is explained the way I managed to build this module on debian in 2010. I also
found some tricks to make the mysql authentication work. This is a little crap
but <strong>it worked</strong> !</span></span></p> <div style="background-image: initial; background-repeat: initial; background-attachment: initial; -webkit-background-clip: initial; -webkit-background-origin: initial; background- border-top-style: none; border-right-style: none; border-bottom-style: none; border-left-style: none; border-width: initial; border- background-position: initial initial;">
<h2><strong>Prerequisites</strong></h2>
<h4>first install the needed dev packages if those are not already on your
system</h4>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> apt-get install apache2
\</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"> apache2-threaded-dev
\</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"> libtool
\</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"> libltdl3
\</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"> libltdl3-dev
\</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"> automake
\</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"> make
\</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"> libapache2-mod-auth-mysql
\</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"> libapache2-mod-ldap-userdir
\</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"> libapr1
\</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"> libapr1-dev
\</span></p>
<h2>Get the module source code (or take the ready to make <a href="http://blog.jbheren.com/public/tuto/mod_auth_user_dir/mod_auth_user_dir.tar.bz2"><span style="font: normal normal normal 18px/normal 'Lucida Grande';"><span class="Apple-style-span" style="text-decoration: none;"><strong>attached
file</strong></span></span></a>)</h2>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> cd /root</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> mkdir src</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> cd src</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'; color: #1e00af">
<span style="letter-spacing: 0.0px color: #000000"><strong>#</strong> wget
<a href="http://www.genos.org/downloads/mod_authuserdir-1.0.tgz"><span style="text-decoration: underline ; letter-spacing: 0.0px">http://www.genos.org/downloads/mod_authuserdir-1.0.tgz</span></a></span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> tar -xzvf
mod_authuserdir-1.0.tgz</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> cd
mod_auth_user_dir/</span></p>
<h4>Then download the replacement files attached or patch </h4>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> patch -p1 <
Makefile.am.diff</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> patch -p1 <
configure.in.diff</span></p>
<h2>build the module</h2>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> aclocal</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> autoconf</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> automake -a</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> ./configure
--with-apache=/usr/include/apache2</span></p>
<h2>Install the module</h2>
<h4>Build and install library</h4>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> apxs2 -i -a -n
auth_user_dir libmod_auth_user_dir.la</span></p>
<h4>Create the needed file for activation of this module in apache2, the debian
way</h4>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> echo 'LoadModule
mod_auth_user_module /usr/lib/apache2/modules/libmod_auth_user_dir.so'
\</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">>
/etc/apache2/mods-available/auth_user_dir.load</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">Enable the needed modules</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> a2enmod
auth_mysql</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> a2enmod dav</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> a2enmod
dav_fs</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> a2enmod
auth_user_dir</span></p>
<h4>Create database and tables for mysql_auth . (Here we assume you already
have mysql running)</h4>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> mysqladmin -uroot -p
create davusers</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> mysql -uroot -p
davusers</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">mysql> CREATE TABLE users (</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">> user_name CHAR(30) NOT
NULL,</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">> user_passwd CHAR(20) NOT
NULL,</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">> user_group CHAR(10),</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">> PRIMARY KEY
(user_name)</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">> );</span></p>
<h4>Add one user to database</h4>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">> INSERT INTO
`davusers`.`user_info` (</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">> `user_name` ,</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">> `user_passwd` ,</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">> `user_group`</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">> ) VALUES (</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">> 'test', 'test',
''</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">> );</span></p>
<h4>Create folder for DAV & users subfolders</h4>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 13.0px 'Courier New'">
<span style="letter-spacing: 0.0px"># mkdir /var/davshare</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 13.0px 'Courier New'">
<span style="letter-spacing: 0.0px"># mkdir /var/davshare/test</span></p>
<h2>Change apache virtualhost configuration</h2>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Lucida Grande'">
<span style="letter-spacing: 0.0px">Add the following directory to your
virtualhost conf file</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">Alias /webdav /var/davshare</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><Location /webdav></span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"># Activate DAV module on this
location</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">DAV On</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"># Specific auth_user_Dir
Parameter</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong> AuthUserDirRoot
"/var/davsharev"</strong></span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"># auth_mysql parameters</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">AuthName "Secured access"</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">AuthGroupFile /dev/null</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">AuthUserFile /dev/null</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">AuthType Basic</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">AuthBasicAuthoritative Off</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">AuthMySQL On</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">AuthMySQL_Host localhost</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">AuthMySQL_User admin</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">AuthMySQL_Password mmypassword</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">AuthMySQL_Authoritative on</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">AuthMySQL_DB davusers</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">AuthMySQL_Password_Table
user_info</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">AuthMySQL_Username_Field
user_name</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">AuthMySQL_Password_Field
user_passwd</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">AuthMySQL_Group_Field user_group</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">AuthMySQL_Group_Table user_info</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">AuthMySQL_Encryption_Types Plaintext
PHP_MD5 Crypt_DES</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><Limit GET PUT POST DELETE PROPFIND
PROPPATCH MKCOL COPY MOVE LOCK UNLOCK></span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">require valid-user</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"></Limit></span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"></Location></span></p>
<h4>Restart Apache2</h4>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> /etc/init.d/apache2
restart</span></p>
<h2>Does it works ?</h2>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Lucida Grande'">
<span style="letter-spacing: 0.0px">If you are on a linux, then you can test
your connexion with a command line client : cadaver.</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 13.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> apt-get install
cadaver</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 13.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>#</strong> cadaver
my.virtual.host/webdav/test</span></p>
<br />
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Lucida Grande'">
<span style="letter-spacing: 0.0px">cadaver should ask you a username and
password. type the ones you added in mysql table and you should see a dav
prompt like it :</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px"><strong>dav:/webdav/></strong>
ls</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">Listing collection `/webdav/':
succeeded.</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">Coll: test
0 Apr 2 16:14</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Courier New'">
<span style="letter-spacing: 0.0px">Coll: notme
0 Apr 2 16:14</span></p>
<br />
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Lucida Grande'">
<span style="letter-spacing: 0.0px">Then if you try to access to a folder
different from the user you specified at logon, you will be asked for the
correct username and password.</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Lucida Grande'">
<span style="letter-spacing: 0.0px">So it should work. the last issue is that
users can see the list on folders in the dav share, even if they cannot see the
contents. If anyone has an idea to fix this issue ...</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Lucida Grande'">
<span style="letter-spacing: 0.0px">Also here is a nice description on how you
can get connected to a webDAV Share using Any operating system : <a href="http://plone.org/documentation/kb/webdav"><span style="text-decoration: underline ; letter-spacing: 0.0px color: #1e00af">http://plone.org/documentation/kb/webdav</span></a>.</span></p>
<br />
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Lucida Grande'">
<span style="letter-spacing: 0.0px">I hope this will help someone, it already
helped myself :)</span></p>
</div>