joerg | hi | 00:48 |
---|---|---|
sbalneav | Evening all | 01:14 |
joerg | sbalneav, found an answer? :D | 01:20 |
joerg | I am not even sure if I remember correctly what I asked you ^^ | 01:21 |
sbalneav | Eurhg, sitting in a cafe after a full day of "Team Training" at work, waiting for my son's piano lesson to end. | 01:25 |
sbalneav | hold on... | 01:25 |
sbalneav | Yeah, the mail thing. Well, at the end of the day, a mail server's gotta have a drop box to deliver to. | 01:27 |
sbalneav | usually, that can be handled by procmail | 01:27 |
sbalneav | and procmail can call external programs | 01:27 |
sbalneav | so | 01:27 |
sbalneav | it wouldn't be too hard to set up a "school-newspaper" alias that delivers to a pipe | 01:28 |
sbalneav | the pipe's a program that looks up your group mappings in ldap via your custom schema | 01:29 |
sbalneav | and outputs a list of actual dropboxes to deliver to | 01:29 |
sbalneav | or, if it's a web only group | 01:29 |
sbalneav | could post the message via inserting into whatever your backend is. Postgresql for ex. | 01:30 |
sbalneav | so I think that one could be worked around. | 01:30 |
joerg | yeah, it is postgres of course :) | 01:30 |
joerg | ok, that sounds great | 01:30 |
joerg | haven't really looked at procmail and stuff yet | 01:30 |
sbalneav | I mean, what you're wanting to do isn't MUCH different from a mailing list. | 01:30 |
joerg | I just wonder: do I need users? :) | 01:30 |
sbalneav | all that differs is the back end. | 01:31 |
joerg | I mean real posixAccounts? | 01:31 |
sbalneav | No | 01:31 |
joerg | if the school does not use LTSP? | 01:31 |
sbalneav | not so long as you provide a custom back end delivery program | 01:31 |
joerg | but the mailserver needs accounts, doesn't it? | 01:31 |
sbalneav | which is pretty easy | 01:31 |
sbalneav | Well, the mailserver can get its accounts from ldap | 01:31 |
joerg | hmm | 01:31 |
joerg | yeah, and that don't need to be posixAccounts? | 01:32 |
sbalneav | No, you can usually specify whatever you want your filter to be. | 01:32 |
joerg | and how does auth work? the user doesn't have a shadowPassword attribute then?! | 01:32 |
joerg | for the password as well? | 01:33 |
sbalneav | So long as you're not logging into unix itself, no. | 01:33 |
sbalneav | shadowPassword et al. are needed by pam | 01:33 |
joerg | yeah | 01:33 |
sbalneav | if you're not doing pam logins, you can "roll your own" | 01:33 |
sbalneav | I know with postfix, which is what we use, you can set up completely arbitrary user lookup mechanisms | 01:34 |
sbalneav | via the filters | 01:34 |
joerg | cool | 01:34 |
joerg | but maybe posix account is not that bad?! | 01:34 |
joerg | I mean, if people have their accounts already that will be posixAccounts I guess | 01:35 |
sbalneav | right | 01:35 |
joerg | so if I build it on top of posixAccount to be compatible with existing stuff.... | 01:35 |
joerg | and tell them not to use pam_ldap if they don't need it... | 01:35 |
sbalneav | yeah, that would give you the widest dispesion | 01:35 |
joerg | that should be fine, shouldn't it? | 01:35 |
sbalneav | dispersion | 01:36 |
sbalneav | yeah, that would work fine | 01:36 |
joerg | yeah. I just remember what you said ages ago | 01:36 |
joerg | when we were discussing about creating users in a webbased frontend. | 01:36 |
joerg | which is absolutely needed for our setup. | 01:36 |
sbalneav | right, you want to make it as easy as you can for the widest audience. | 01:36 |
joerg | because 199 of 200 schools don't have the know how and resources to run ltsp or learn how to do that via ssh | 01:36 |
joerg | and if I do it like this: web based user management for posixAccounts which can be turned off | 01:37 |
joerg | and is not recommended if you have "real users" with pam_ldap / nss? | 01:37 |
joerg | because 499 of 500 schools will only want to use the web based stuff | 01:38 |
joerg | and the mailserver maybe | 01:38 |
joerg | to fetch their mail | 01:38 |
joerg | no, not even that | 01:39 |
joerg | but the webmail app will need to talk to a mailserver on behalf of the user | 01:39 |
joerg | that's our experience | 01:39 |
joerg | the current configuration (which is highly insecure, I know) has: webbased access, ftp access to home and group dirs, imap(s) to mailserver, samba to home and group dirs | 01:40 |
joerg | and maybe 5 out of thousand uses all these services. | 01:40 |
sbalneav | I know samba for sure's pretty dependent upon the posixAccount model | 01:43 |
sbalneav | imap's dependent upon the model. | 01:43 |
joerg | sbalneav, hmm....but samba needs real users I think. | 02:24 |
joerg | sbalneav, I mean for filesystem access for example. | 02:24 |
joerg | that would be my next question | 02:25 |
joerg | how can a user that is not a unix user access the filesystem? | 02:25 |
joerg | the webapp can store it in the DB - what files belong to what user | 02:26 |
joerg | and what permissions are set | 02:26 |
Ahmuck-Sr | hrm, i've forgotten what i needed to make a folder under home writeable by all | 03:31 |
Ahmuck-Sr | nm, i just chmod the directory | 03:32 |
=== ubott2 is now known as ubottu | ||
mgariepy | good morning all | 12:27 |
=== etyack1 is now known as etyack_scale | ||
reynolds | can anyone tell me how to give my students read write permission to a shared folder on their desktop? right now whenever one user creates a file it's locked to other users. | 22:25 |
sbalneav | You'll need a group to which all the students belong to, i.e. "students" | 22:26 |
sbalneav | Then create the directory owned root, with group ownership students | 22:26 |
sbalneav | then, set the setgid bit on the dir with chmod 2770 dir | 22:27 |
reynolds | ok I'll try that. thanks | 22:27 |
sbalneav | then when they create files in the directory, they'll be owned by the group. | 22:27 |
sbalneav | Heading home for the day, back on later tonight. | 22:27 |
lightnin1 | hey highvoltage | 23:56 |
lightnin1 | nixternal? | 23:58 |
highvoltage | hey lightnin1 | 23:58 |
lightnin1 | Hey - I'm sitting here with Mako. We just uploaded a fixes for scratch. Any chance of making it in? http://revu.ubuntuwire.com/p/scratch | 23:59 |