WebDAV CGI - Documentation: mod_perl
You can use mod_perl if you don't need special file permissions like AFS, SMB, or DB back-end.Installation
- be sure you use Apache's MPM prefork (Debian/Ubuntu:
apt-get install apache2-mpm-prefork
) - install mod_perl (Debian/Ubuntu:
apt-get install libapache2-mod-perl2
) - configure Apache's mod_perl:
ScriptAlias /webdavcgi /etc/webdavcgi/cgi-bin/webdav.pl PerlRequire /etc/webdavcgi/helper/mod_perl_startup.pl # only for Kerberos auth: KrbMethodNegotiate off KrbMethodK5Passwd on KrbSaveCredentials on Krb5Keytab /etc/apache.keytab <Location /webdavcgi> # only for Kerberos auth: AuthType Kerberos AuthName "WebDAV CGI Account" # AuthUserFile /etc/apache2/users Require valid-user SetHandler perl-script PerlOptions +SetupEnv PerlResponseHandler ModPerl::RegistryPrefork Options +ExecCGI </Location> RewriteEngine on RewriteRule ^/ /webdavcgi [PT,L,E=WEBDAVCONF:/etc/webdav.conf,E=AUTHHEADER:%{HTTP:Authorization}]
- configure WebDAV CGI for AFS or SMB
AFS
webdav.conf:$INSTALL_BASE = '/etc/webdavcgi/'; $BACKEND = 'AFS'; $DOCUMENT_ROOT = '/afs/'; $VIRTUAL_BASE='/'; # simulates mod_auth_kerberos and mod_waklog: kinit; setpag; aklog; ...; unlog;: # and it makes sense for mod_auth_kerberos and mod_waklog users too: require Helper::AfsKrb5AuthHelper; Helper::AfsKrb5AuthHelper->new(); $DBI_SRC='dbi:SQLite:dbname=/tmp/webdav.'.$ENV{REMOTE_USER}.'.db'; $DBI_USER=''; $DBI_PASS=''; $CREATE_DB = !-e '/tmp/webdav.'.$ENV{REMOTE_USER}.'.db'; $BACKEND_CONFIG{AFS}{quota}='/usr/bin/fs listquota $FS'; @EXTENSIONS = (@DEFAULT_EXTENSIONS,@AFS_EXTENSIONS,@EXTRA_EXTENSIONS); $EXTENSION_CONFIG{AFSACLManager} = { allow_afsaclchanges =>1 }; $EXTENSION_CONFIG{AFSGroupManager} = { disallow_groupchanges=>0 }; $ALLOW_CHANGEPERM = 0; $MIMEFILE='/etc/mime.types';
SMB
webdav.conf:$INSTALL_BASE = '/etc/webdavcgi/'; require Helper::Krb5AuthHelper; Helper::Krb5AuthHelper->new(); $DOCUMENT_ROOT = '/'; $VIRTUAL_BASE = '/'; $BACKEND='SMB'; $DBI_SRC='dbi:SQLite:dbname=/tmp/webdav.'.$ENV{REMOTE_USER}.'.db'; $DBI_USER=''; $DBI_PASS=''; $CREATE_DB = !-e '/tmp/webdav.'.$ENV{REMOTE_USER}.'.db'; $SHOW_QUOTA = -x '/usr/bin/smbclient'; $ALLOW_CHANGEPERM = 0; $ALLOW_SYMLINK = 0; #### SMB backend setup: ### required entries: defaultdomain, domains, fileserver ### optional entries: sharefilter, usersharefilter, shares, sharealiases $BACKEND_CONFIG{SMB} = { defaultdomain => 'MY.EXAMPLE.DOMAIN.ORG', #required ## allow only configured server names and shares (default: 0) secure => 1, # optional ## a global share filter (filter out admin shares with trailing $): sharefilter => [ qr/\$$/, ], #optional usersharefilter => { #optional ## admin has no matching filter so he can see all shares (overwrites sharefilter): myadminexample => [ qr/__NEVER_MATCH/, ], }, sharesep => '~', #optional - servername-share separator symbol (default: '~') ## don't use a separator symbol like '$', '-', '_', '#', '%', '?', '&', '/', '\', or letters/numbers ## good alternative separators are '!', ':', '=', '\'', '"', '`', '+', '*', or '@' ## enables/disables quota support for all domains and shares: quota => 1, # optional domains => { #required 'MY.EXAMPLE.DOMAIN.ORG' => { #required (multiple domain entries allowed for forests) ## a domain based filter (overwrites sharefilter and userfilter above): sharefilter => [ qr/\$$/, ], #optional usersharefilter => { #optional ## a domain based user filter (overwrites all sharefilter and global filter): myadminexample => [ qr/__NEVER_MATCH/, ], }, fileserver => { #required 'mywindowsfileserver1.my.example.domain.org' => { #required ## a fileserver based share filter (overwrites all domain based filter): sharefilter => [ qr/\$/, ], #optional usersharefilter => { #optional ## overwrites all sharefilter and domain based filter myadminexample => [ qr/__NEVER_MATCH/ ] }, ## disables all filter and (slow) automatic share detection: shares => [ 'MyFirstShare', 'MySecondShare', 'MyThirdShare/start/here' ], #optional ## enables/disables quota support for given shares: quota => { 'MyFirstShare' => 0 }, # optional ## defines a initial directory for a share (don't forget the initial '/'): initdir => { #optional 'MyFirstShare' => '/starthere', 'MySecondShare'=> '/start/here' }, sharealiases => { #optional ## shows 'H: (Home)' instead of ## 'mywindowsfileserver1.my.example.domain.org~MyFirstShare' in the Web interface 'MyFirstShare' => 'H: (Home)/', ## shows 'S: (Scratch)' instead of ## 'mywindowsfileserver1.my.example.domain.org~MySecondShare' in the Web interface 'MySecondShare' => 'S: (Scratch)/', 'MyThirdShare/start/here' => 'T: Temp (/start/here/)', }, }, }, }, }, };
© ZE CMS, Humboldt-Universität zu Berlin | Written 2010-2015 by Daniel Rohde