Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Gentoo User (http://www.linux-archive.org/gentoo-user/)
-   -   Gentoo location for squirrelmail attachments (http://www.linux-archive.org/gentoo-user/608075-gentoo-location-squirrelmail-attachments.html)

Stroller 12-08-2011 06:37 PM

Gentoo location for squirrelmail attachments
 
On 8 December 2011, at 19:17, Grant wrote:

> I ran squirrelmail/configtest.php and realized I don't have an
> attachment directory set up for Squirrelmail:
>
> ERROR: Attachment dir (/var/local/squirrelmail/attach/) does not exist!
>
> I don't even have a /var/local/. Would a good Gentoo'er create the
> directory in that location?

Is this a new installation of Squirrelmail or an existing one?

When you install Squirrelmail you're supposed to (last time I did so, which is admittedly a long time ago) run a setup program (it uses curses / text-menus). That asks what kind of IMAP server you're going to be connecting to (it works with all of them, but optimises itself for different ones), and the naming convention for Trash / Deleted Items, Drafts &c on your server.

I would have thought paths like this would be configured during this setup stage. I'm pretty sure it's safe to rerun this setup program at any time.

Stroller.

Michael Orlitzky 12-09-2011 01:49 AM

Gentoo location for squirrelmail attachments
 
On 12/08/2011 02:17 PM, Grant wrote:

I ran squirrelmail/configtest.php and realized I don't have an
attachment directory set up for Squirrelmail:

ERROR: Attachment dir (/var/local/squirrelmail/attach/) does not exist!

I don't even have a /var/local/. Would a good Gentoo'er create the
directory in that location?


If a website needs to write files, let it do so under its own directory
hierarchy. All of our PHP sites have something equivalent to the
following in their apache vhost configs:


php_admin_value open_basedir /var/www/example.com/www/
php_admin_value upload_tmp_dir /var/www/example.com/www/tmp
php_admin_value session.save_path /var/www/example.com/www/tmp

That way, if www.example.com is compromised, the rest of the machine is
still safe (barring PHP bugs).

"J. Roeleveld" 12-09-2011 05:51 AM

Gentoo location for squirrelmail attachments
 
On Thu, December 8, 2011 8:37 pm, Stroller wrote:
>
> On 8 December 2011, at 19:17, Grant wrote:
>
>> I ran squirrelmail/configtest.php and realized I don't have an
>> attachment directory set up for Squirrelmail:
>>
>> ERROR: Attachment dir (/var/local/squirrelmail/attach/) does not exist!
>>
>> I don't even have a /var/local/. Would a good Gentoo'er create the
>> directory in that location?
>
> Is this a new installation of Squirrelmail or an existing one?
>
> When you install Squirrelmail you're supposed to (last time I did so,
> which is admittedly a long time ago) run a setup program (it uses curses /
> text-menus). That asks what kind of IMAP server you're going to be
> connecting to (it works with all of them, but optimises itself for
> different ones), and the naming convention for Trash / Deleted Items,
> Drafts &c on your server.
>
> I would have thought paths like this would be configured during this setup
> stage. I'm pretty sure it's safe to rerun this setup program at any time.

Yes, it can be rerun at any time.

The script is in the webroot where you installed squirrelmail and is
called "configure".

Simply run that, then select option "4" (General Options).
The directories you want to check/change are the first 2.

HTH,

Joost

Grant 12-09-2011 02:49 PM

Gentoo location for squirrelmail attachments
 
>> I ran squirrelmail/configtest.php and realized I don't have an
>> attachment directory set up for Squirrelmail:
>>
>> ERROR: Attachment dir (/var/local/squirrelmail/attach/) does not exist!
>>
>> I don't even have a /var/local/. *Would a good Gentoo'er create the
>> directory in that location?
>
>
> If a website needs to write files, let it do so under its own directory
> hierarchy. All of our PHP sites have something equivalent to the following
> in their apache vhost configs:
>
> *php_admin_value open_basedir /var/www/example.com/www/
> *php_admin_value upload_tmp_dir /var/www/example.com/www/tmp
> *php_admin_value session.save_path /var/www/example.com/www/tmp
>
> That way, if www.example.com is compromised, the rest of the machine is
> still safe (barring PHP bugs).

There is a Squirrelmail document recommending that the Squirrelmail
data and attachments directories are established outside of the web
server's reach. /var is given as an example. They also recommend
root:apache 0730 for both directories.

This is a little disturbing because my Squirrelmail data directory was
created under the webroot as apache:apache 0755 at some point. Would
this have been done by Gentoo? Should I file a bug?

"Prepare data and attachment directories"
http://squirrelmail.org/docs/admin/admin-3.html

- Grant

Grant 12-09-2011 02:51 PM

Gentoo location for squirrelmail attachments
 
>>> I ran squirrelmail/configtest.php and realized I don't have an
>>> attachment directory set up for Squirrelmail:
>>>
>>> ERROR: Attachment dir (/var/local/squirrelmail/attach/) does not exist!
>>>
>>> I don't even have a /var/local/. *Would a good Gentoo'er create the
>>> directory in that location?
>>
>> Is this a new installation of Squirrelmail or an existing one?
>>
>> When you install Squirrelmail you're supposed to (last time I did so,
>> which is admittedly a long time ago) run a setup program (it uses curses /
>> text-menus). That asks what kind of IMAP server you're going to be
>> connecting to (it works with all of them, but optimises itself for
>> different ones), and the naming convention for Trash / Deleted Items,
>> Drafts &c on your server.
>>
>> I would have thought paths like this would be configured during this setup
>> stage. I'm pretty sure it's safe to rerun this setup program at any time.
>
> Yes, it can be rerun at any time.
>
> The script is in the webroot where you installed squirrelmail and is
> called "configure".
>
> Simply run that, then select option "4" (General Options).
> The directories you want to check/change are the first 2.

That is the script which sets the location of the attachment
directory, which I think is what you meant. I could be wrong but I
think Stroller was referring to a script that actually creates the
directory.

- Grant

Joost Roeleveld 12-09-2011 03:08 PM

Gentoo location for squirrelmail attachments
 
On Friday, December 09, 2011 07:51:16 AM Grant wrote:
<SNIPPED>

> > The script is in the webroot where you installed squirrelmail and is
> > called "configure".
> >
> > Simply run that, then select option "4" (General Options).
> > The directories you want to check/change are the first 2.
>
> That is the script which sets the location of the attachment
> directory, which I think is what you meant. I could be wrong but I
> think Stroller was referring to a script that actually creates the
> directory.
>
> - Grant

I don't think there is a script that automatically creates the directory.
If there is, I haven't seen it yet.

--
Joost

Michael Orlitzky 12-09-2011 03:09 PM

Gentoo location for squirrelmail attachments
 
On 12/09/2011 10:49 AM, Grant wrote:


There is a Squirrelmail document recommending that the Squirrelmail
data and attachments directories are established outside of the web
server's reach. /var is given as an example.


The two aren't mutually exclusive; using the previous example, we have,

php_admin_value upload_tmp_dir /var/www/example.com/www/tmp
DocumentRoot /var/www/example.com/www/public

so Apache can't serve up the temporary files. But sticking them both
under /var/www/example.com/www does allow you to use tighter
open_basedir restrictions.




This is a little disturbing because my Squirrelmail data directory was
created under the webroot as apache:apache 0755 at some point. Would
this have been done by Gentoo? Should I file a bug?


I'm not sure. There's probably a policy that says one of two things:

1. Ebuilds should by default set up everything as securely as
possible, or

2. Ebuilds should not mess with upstream

I've honestly never used Gentoo's webapp stuff; it confuses the hell out
of me.

Joost Roeleveld 12-09-2011 03:14 PM

Gentoo location for squirrelmail attachments
 
On Friday, December 09, 2011 07:49:13 AM Grant wrote:
> >> I ran squirrelmail/configtest.php and realized I don't have an
> >> attachment directory set up for Squirrelmail:
> >>
> >> ERROR: Attachment dir (/var/local/squirrelmail/attach/) does not
> >> exist!
> >>
> >> I don't even have a /var/local/. Would a good Gentoo'er create the
> >> directory in that location?
> >
> > If a website needs to write files, let it do so under its own directory
> > hierarchy. All of our PHP sites have something equivalent to the
> > following in their apache vhost configs:
> >
> > php_admin_value open_basedir /var/www/example.com/www/
> > php_admin_value upload_tmp_dir /var/www/example.com/www/tmp
> > php_admin_value session.save_path /var/www/example.com/www/tmp
> >
> > That way, if www.example.com is compromised, the rest of the machine is
> > still safe (barring PHP bugs).
>
> There is a Squirrelmail document recommending that the Squirrelmail
> data and attachments directories are established outside of the web
> server's reach. /var is given as an example. They also recommend
> root:apache 0730 for both directories.
>
> This is a little disturbing because my Squirrelmail data directory was
> created under the webroot as apache:apache 0755 at some point. Would
> this have been done by Gentoo? Should I file a bug?
>
> "Prepare data and attachment directories"
> http://squirrelmail.org/docs/admin/admin-3.html
>
> - Grant

I think the data-directory is included from upstream and is there to have it
work when installing it "blindly". Recommendations are not always possible
(think hosted environments)

--
Joost

Grant 12-09-2011 05:24 PM

Gentoo location for squirrelmail attachments
 
>> There is a Squirrelmail document recommending that the Squirrelmail
>> data and attachments directories are established outside of the web
>> server's reach. */var is given as an example. *They also recommend
>> root:apache 0730 for both directories.
>>
>> This is a little disturbing because my Squirrelmail data directory was
>> created under the webroot as apache:apache 0755 at some point. *Would
>> this have been done by Gentoo? *Should I file a bug?
>>
>> "Prepare data and attachment directories"
>> http://squirrelmail.org/docs/admin/admin-3.html
>>
>> - Grant
>
> I think the data-directory is included from upstream and is there to have it
> work when installing it "blindly". Recommendations are not always possible
> (think hosted environments)

The Squirrelmail list is telling me:

> SquirrelMail doesn't create any directories aside from the ones
> contained in the installation itself. It doesn't put anything in your
> webroot or anywhere else unless you're using some third party
> installer that does other things.
>
> Maybe you should file a bug report against whatever entity it was that
> provided the package that did that.

Does this sound like a Gentoo bug I should report?

- Grant


All times are GMT. The time now is 06:14 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.