Closed Bug 177997 Opened 22 years ago Closed 16 years ago

Bugzilla Docs: Installing with AOLserver

Categories

(Bugzilla :: Documentation, defect, P4)

2.17
x86
Windows 2000
defect

Tracking

()

RESOLVED WONTFIX

People

(Reporter: justdave, Unassigned)

References

Details

Subject: Bugzilla Docs: Installing with AOLserver
From: Ben FrantzDale <bfrantzdale@hmc.edu>
To: justdave@syndicomm.com
Date: 01 Nov 2002 16:11:53 -0800

The documentation asks for users experience seting up Bugzilla with web
servers other than Apache. Here is my experience setting it up with
AOLserver.

--Ben

=============================================

Setting up Bugzilla with AOLserver is fairly streightforward. After
following the normal Bugzilla installation instructions and after
installing AOLserver, only two things have to be done.
<ol>
  <LI> AOLserver has to be setup to use CGI if it isn't already. This is
covered in the AOLserver documentation.

  <LI> AOLserver needs to be told not to display sensative files.
    <BR> Because AOLserver does not use <tt>.htaccess</tt> files, this
needs to be done differnetly. Create a file
<tt>aolserver/modules/tcl/filter.tcl</tt> (the filename shouldn't
matter). In this file put the following lines where on this computer
bugzilla is at <tt>www.myserver.com/cgi/</tt>:

<pre>
ns_register_filter preauth GET /cgi/localconfig filter_deny
ns_register_filter preauth GET /cgi/*.pl filter_deny
ns_register_filter preauth GET /cgi/localconfig filter_deny
ns_register_filter preauth GET /cgi/processmail filter_deny
ns_register_filter preauth GET /cgi/syncshadowdb filter_deny
ns_register_filter preauth GET /cgi/runtests.sh filter_deny

proc filter_deny { why } {
    ns_log Notice "filter_deny"
    return "filter_return"
}
</pre>

Change <tt>/cgi/</tt> to the appropriate location on your computer.
</ol>
Status: NEW → ASSIGNED
Matthew is still going to be around to help out, but Jake is taking over the
day-to-day front-line triage type stuff for Documentation
Assignee: matthew → jake
Status: ASSIGNED → NEW
Priority: -- → P4
Depends on: 191034
Ben, I just started putting this into the guide and had the following observations

* localconfig is listed twice
* This doesn't seem to account for webdot (maybe not important, but observed)
* This doesn't seem to block data/ or template/ (making above point pointless)
* This doesn't accound for bug 186383 (editor backups)

BTW, thanks for the contribution... and for future reference, it's easier if you
just submit as plain text than with the HTML tags (HTML and docbook are similar
in syntax, but not even close on actual tags).
* localconfig is listed twice

Oops.

* This doesn't seem to account for webdot (maybe not important, but observed)

Hmm... I'm not sure how to do that. I'll work on it.

* This doesn't seem to block data/ or template/ (making above point pointless)

True. See below.

* This doesn't accound for bug 186383 (editor backups)

Wow. That's not good. Time to change my password. (Fixed below)

ns_register_filter preauth GET /cgi/localconfig filter_deny
ns_register_filter preauth GET /cgi/localconfig~ filter_deny
ns_register_filter preauth GET /cgi/\#localconfig\# filter_deny
ns_register_filter preauth GET /cgi/*.pl filter_deny
ns_register_filter preauth GET /cgi/processmail filter_deny
ns_register_filter preauth GET /cgi/syncshadowdb filter_deny
ns_register_filter preauth GET /cgi/runtests.sh filter_deny
ns_register_filter preauth GET /cgi/data/* filter_deny
ns_register_filter preauth GET /cgi/template/* filter_deny
                                                                                
proc filter_deny { why } {
    ns_log Notice "filter_deny"
    return "filter_return"
}
                                                                                
I just put these additional lines in the docs and changed the <warning/>. I also
added a <note/> about webdot. I did change the /cgi/ to /bugzilla/ (same as I
did last time) and also removed the line for processmail (as it no longer exists
on the tip).

Unless you have more to add, I guess this is FIXED :)

BTW, next time I checking the .html version of the guide, this section will be at:
http://www.bugzilla.org/docs/html/http.html#http-aol
(the section from comment 0 is there now).
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
Target Milestone: --- → Bugzilla 2.18
I figured out how to do the IP blocking. I'll describe it in a way that should
be easy to integrate into the existing documentation:

Because the nscgi module only deals with cgi scripts, you will need to make it
possible for AOLserver to display pages in the bugzilla tree. One way to do this
is to create a symlink from AOLserver's $pageroot to your bugzilla directory.


Next, put the following into a aolserver/modules/tcl/filter.tcl file. 


proc filter_deny { why } { # a deny filter
    ns_log Notice "filter_deny" ${why} #log the deny
    return "filter_return" #filter_return  tells AOLserver to give up.
}

proc filter_webdot { why } { # a filter to allow webdot access
    set addr [ns_conn peeraddr]  # Find out what IP we are serving
    set webdotServer "192.20.225.10" # Note what the webdot server's IP is.
#    ns_log Notice "using ${addr}" # For debuging we could log who is accessing
    
    if { [string equal $webdotServer $addr] } { #Check to see if this is lagit
#	ns_log Notice "filter_break ${addr} ${why}" #We could log legal accesses
	return "filter_break"; #filter_break lets the request go through
    } else {
	ns_log Notice "blocking IP: ${addr} ${why}"
	return "filter_return" # tell AOLserver to give up
    }
    return "filter_return"
    ns_returnnotfound # I'm not sure what this does, but without it we have errors.
}


# This if statement prevents the filters from being initialized more than once.
# It's not necessary, but it's recomended in the AOLserver docs.
ns_share -init {set filters_installed 0} filters_installed
if {!$filters_installed} {
    ns_register_filter preauth GET /cgi/localconfig filter_deny
    ns_register_filter preauth GET /cgi/localconfig~ filter_deny
    ns_register_filter preauth GET /cgi/\#localconfig\# filter_deny
    ns_register_filter preauth GET /cgi/*.pl filter_deny
    ns_register_filter preauth GET /cgi/processmail filter_deny
    ns_register_filter preauth GET /cgi/syncshadowdb filter_deny
    ns_register_filter preauth GET /cgi/runtests.sh filter_deny
    ns_register_filter preauth GET /cgi/data/webdot/* filter_webdot 
    ns_register_filter preauth GET /cgi/data/* filter_deny
    ns_register_filter preauth GET /cgi/template/* filter_deny
}

Reopening to put this new information on the radar.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Jake is leaving for a while (Reserve unit got called up), and we don't have a
new docs owner yet.  Anyone interested in helping out, please add
documentation@bugzilla.org to your watch list in your email preferences in Bugzilla.
Assignee: jake → documentation
Status: REOPENED → NEW
I see that Jake has already done most of this... Yay Jake!

I'm mucking around in the Web Server section of lately, however, so I'll get 
the rest of this information in as well.
Assignee: documentation → travis
QA Contact: mattyt-bugzilla → default-qa
Assignee: shane.h.w.travis → documentation
Target Milestone: Bugzilla 2.18 → Bugzilla 2.20
Is this doc still wanted? Is AOLserver largely used? Or can we close this bug as WONTFIX?
Target Milestone: Bugzilla 2.20 → Bugzilla 2.22
WONTFIX unless somebody else says they use it. In any case, the info is here in the bug.
Status: NEW → RESOLVED
Closed: 21 years ago16 years ago
Resolution: --- → WONTFIX
Target Milestone: Bugzilla 2.22 → ---
You need to log in before you can comment on or make changes to this bug.