90 lines
4.3 KiB
Text
90 lines
4.3 KiB
Text
|
1. Copy ezmlm-web.cgi to some publically readable directory. It does not
|
||
|
have to be in a path accessible to your web server, but any user with a
|
||
|
mailing list must be able to run it (Check the read and execute rights
|
||
|
on both the file and directory). We put our copy in
|
||
|
/usr/local/bin ...
|
||
|
|
||
|
3. Edit the ezmlmwebrc file and alter the variables at the top to suit
|
||
|
your particular system. In particular, you will probably have to change
|
||
|
the $ENV{'PATH'} variable. Be particularly careful about what you set
|
||
|
as the path. Too much is a security risk and too little will cause the
|
||
|
script to malfunction. Version 2.0 requires that the following programs
|
||
|
be accessible in your path; mv, rm
|
||
|
|
||
|
Also be careful about the $LIST_DIR variable. This script assumes that
|
||
|
all users store their mailing lists in the same sub directory of the
|
||
|
home directory (eg ~/lists). You can override this for an individual
|
||
|
user by recompiling the C wrapper to call ezmlm-web.cgi with a -d
|
||
|
option.
|
||
|
|
||
|
Other configurable options are documented in the ezmlmwebrc file
|
||
|
itself. I have tried to keep the amount of information that you need to
|
||
|
supply to a minimum and also make reasonable guesses about default
|
||
|
values.
|
||
|
|
||
|
finally, copy the ezmlmwebrc file and the "lang" directory to one of
|
||
|
the following places:
|
||
|
- /etc/ezmlm
|
||
|
- the home directory of the user that runs ezmlm-web.cgi
|
||
|
- the directory, that contains your ezmlm-web.cgi file
|
||
|
|
||
|
4. Edit the index.c file and change the path to the path of your copy
|
||
|
of ezmlm-web.cgi. Then compile this file. You can do this by issuing
|
||
|
the command; gcc -o index.cgi index.c
|
||
|
|
||
|
5. For every user/virtual host that needs to manage mailing lists, you
|
||
|
need to create a SUID (user not root!!) copy of index.cgi (see
|
||
|
chmod(1) for details). These need to reside somewhere accessible by
|
||
|
the web server. I suggest that you put them in a sub directory (see
|
||
|
about security) of each user/virtual host's home directory (eg
|
||
|
/home/luser/public_html/ezmlm for Apache on Redhat).
|
||
|
|
||
|
The copies don't actually have to be called index.cgi, but it is nice
|
||
|
for web servers that can resolve a cgi script as an index page (see the
|
||
|
srm.conf file in Apache). It is important to make sure that whichever
|
||
|
directory you choose to put them can i: Execute CGI Scripts and ii: Be
|
||
|
access controlled (here I mean both web and user access) by some method
|
||
|
(eg .htaccess, access.conf for Apache).
|
||
|
|
||
|
6. Install some method of securing access to the page. The following
|
||
|
information is applicable to Apache web servers ... Detailed
|
||
|
information on user authentication can be obtained from the Apache
|
||
|
documentation (http://www.apache.org) and ApacheWeek
|
||
|
(http://www.apacheweek.com/features/userauth)
|
||
|
|
||
|
6.1 Ensure that your Apache setup will allow .htaccess file to control
|
||
|
access in the directory that contains. This is controlled by the
|
||
|
AllowOverride tag in access.conf. (Also ensure you have the
|
||
|
necessary Apache modules installed)
|
||
|
|
||
|
6.2 Create a htpasswd file. This is done using the htpasswd command that
|
||
|
comes with Apache. Its command line syntax is;
|
||
|
htpasswd [-c] passwordfile username
|
||
|
|
||
|
You need to put the passwordfile somewhere that is not accessible by
|
||
|
people through the web, and create an entry for each user you want
|
||
|
to have access ... See the ApacheWeek article for more details.
|
||
|
|
||
|
6.3 Create a .htaccess file in the directory that contains index.cgi.
|
||
|
Note that using Apache's built in access control, you can only control
|
||
|
access to directories, not individual files, hence the need for a
|
||
|
sub-directory in step 5.
|
||
|
|
||
|
The format of the .htaccess file should be along the lines of this;
|
||
|
|
||
|
AuthName EZ Mailing List Manager
|
||
|
AuthType Basic
|
||
|
AuthUserFile /path/to/passwordfile
|
||
|
require valid-user # or require user username
|
||
|
|
||
|
Again, see the ApacheWeek article for details.
|
||
|
|
||
|
7. Test the installation through the web. You should be asked for a
|
||
|
username and password (supplied in 6.2) and then be presented with a
|
||
|
screen entitled EZ Mailing List Manger. You can then try to create and
|
||
|
edit mailing lists ... Have Fun :)
|
||
|
|
||
|
If you have any problems, then you can:
|
||
|
- take a look at https://systemausfall.org/toolforge/ezmlm-web
|
||
|
- send me an email: ezmlm-web@sumpfralle.de
|