Server component Apache
From Kolab wiki
Contents |
Function
Apache is the web server for the Kolab server.
Patches
Apache needs to be able to identify users in the Kolab LDAP tree by using filters that use: (mail=%u) or (uid=%u). For Apache-1.* and Apache-2.0.* this is accomplished using the mod_auth_ldap package. Apache >=2.2 does not need to be patched in order to use such a LDAP filter.
Apache 1.*
| Outdated patch | |
|---|---|
| Patch source: | mod_auth_ldap patch |
| Applies to: | Apache-1.3.33 with mod_auth_ldap |
| Description: | The important feature is being able to use a filter for lookup instead of just a single attribute (uid=%u). This is not supported by Apache. There are two auth_ldap modules available and the external one (mod_auth_ldap) was chosen to be patched. |
| Impact: | The typical use of Kolab is to give the users a uid that is the same as their primary email address. If this is the case, the patch is unnecessary. |
| References: | Kolab bug tracker merge: ID=3 |
| Comment: | The patch becomes unnecessary with Apache >=2.2.* |
Apache 2.0.*
| Outdated patch | |
|---|---|
| Patch source: | mod_auth_ldap-3.05 patch |
| Applies to: | Apache-2.0.* with mod_auth_ldap |
| Description: | Kolab comes with apache-1, while many distributions moved to apache-2 already. But even Apache2 does not support using a filter for lookup instead of just a single attribute (uid=%u). This is not supported by Apache. There are two auth_ldap modules available and the external one (mod_auth_ldap) was chosen to be patched. This is the updated patch for the Apache-2.* version of the mod_auth_ldap module. |
| Impact: | The typical use of Kolab is to give the users a uid that is the same as their primary email address. If this is the case, the patch is unnecessary. |
| References: | Gentoo version of the patch for mod_auth_ldap-3.3: patch |
| Comment: | The patch becomes unnecessary with Apache >=2.2.* |
Apache >=2.2.*
Apache >=2.2.* supports the filters described above so the patches become obsolete. Use the following as configuration directives:
<AuthnProviderAlias ldap ldap-mail> AuthLDAPURL ldap://127.0.0.1:389/"dc=mail,dc=yourdomain,dc=com"?mail </AuthnProviderAlias> <AuthnProviderAlias ldap ldap-uid> AuthLDAPURL ldap://127.0.0.1:389/"dc=mail,dc=yourdomain,dc=com"?uid </AuthnProviderAlias> AuthType Basic AuthName "Kolab Freebusy" AuthBasicProvider ldap-mail ldap-uid Require valid-user
Platform specific notes
OpenPKG
Compile options
--with=mod_auth_ldap --with=mod_dav --with=mod_php --with=mod_php_zlib --with=mod_php_gdbm --with=mod_php_gettext --with=mod_php_imap --with=mod_php_openldap --with=mod_php_xml --with=mod_php_dom --with=mod_ssl
Users
Involved users:
kolab kolab kolab kolab-n root kolab
kolab-r directories and files are:
-rw-r----- 1 kolab kolab-n 10548 Jan 10 10:13 /kolab/etc/apache/apache.conf -rw-r----- 1 kolab kolab-n 30284 Jan 10 10:13 /kolab/etc/apache/php.ini
Suse
Compile options
(suse uses apache2):
Hard to tell the difference as kolab comes with apache1 and suse with apache2.
Users
Involved users:
wwwrun root
Non 'root root' directories and files are:
drwxr-x--- 2 wwwrun root 0 Oct 2 11:20 /var/cache/apache2 drwxr-x--- 2 wwwrun root 0 Oct 2 11:20 /var/lib/apache2
Debian
Compile options
(Debian sarge uses apache1.3):
--enable-suexec --without-confadjust --without-execstrip --enable-shared=max --enable-rule=SHARED_CHAIN --enable-module=most --enable-module=status --enable-module=auth_digest --enable-module=log_referer --enable-module=log_agent --enable-module=auth_db --activate-module=src/modules/extra/mod_macro.c --activate-module=src/modules/perl/libperl.a --disable-shared=perl
Users
Involved users:
www-data www-data
Non 'root root' directories and files are:
/var/cache drwxr-xr-x 2 www-data www-data 4096 2005-02-08 04:34 apache
Gentoo
Use flags
- ldap
- Required.
- ssl
- Required.
Configuration
The Gentoo development branch uses the newest apache-2.2.4 version and has a corresponding configuration. The Gentoo apache configuration provides some additional features that are not available in the standard Kolab server. These will at some point be described in Gentoo - Apache configuration. Currently you can look at the configuration files in the corresponding kolab ebuild.
