[hobbit] restricting access to hobbit

Iain Conochie iain at shihad.org
Thu Nov 15 16:58:06 CET 2007 

Josh Luthman wrote:
> I've never used the PAGE statement, but I was under the impression it 
> was just going to put the following hosts in www/newpage.html instead 
> of www/bb.html - same directory.  Is this not so?

Nope. Using "PAGE NewPage This is a new page!" statement creates a 
directory NewPage and there is an index.html file under that

Iain

>
> On 11/15/07, *Iain Conochie* <iain at shihad.org 
> <mailto:iain at shihad.org>> wrote:
>
>     Josh Luthman wrote:
>     > With two groups of hosts you still only have one directory
>     accessible
>     > by web.  This means Apache HTTP authentication is out of the
>     question.
>     >
>     > That's about all I can tell you =/
>
>     Not necessarily!
>
>     You can use the PAGE statement in bb-hosts and then you have a new
>     directory for each page and sub-page underneath. You can then use
>     apache
>     auth for that.
>
>     Then for the top level you can also use apache auth for admins
>
>     Cheers
>
>     Iain
>
>     >
>     > On 11/15/07, *Phil Wild* <philwild at gmail.com
>     <mailto:philwild at gmail.com>
>     > <mailto:philwild at gmail.com <mailto:philwild at gmail.com>>> wrote:
>     >
>     >     No, not quite, I want to make a single hobbit install work
>     for two
>     >     groups of users, and I don't want group A to have any access to
>     >     see or do anything to Group B hosts and vice versa.
>     >
>     >     I am tryingto find out if there is a way of restricting the
>     >     reports/tools/executables to only run against a subset of the
>     >     hosts defined in bbhosts say like using bbgrep to filter on
>     a tag
>     >     or something for all functions.
>     >
>     >     Any ideas?
>     >
>     >     Phil
>     >
>     >
>     >     On 16/11/2007, *Josh Luthman* < josh at imaginenetworksllc.com
>     <mailto:josh at imaginenetworksllc.com>
>     >     <mailto:josh at imaginenetworksllc.com
>     <mailto:josh at imaginenetworksllc.com>>> wrote:
>     >
>     >         The default Apache configuration that Hobbit makes for you
>     >         will specify requiring HTTP logins for the cgisec
>     directory.
>     >         Is this what you're looking for?
>     >
>     >
>     >         On 11/14/07, * Phil Wild* <philwild at gmail.com
>     <mailto:philwild at gmail.com>
>     >         <mailto: philwild at gmail.com
>     <mailto:philwild at gmail.com>>> wrote:
>     >
>     >             Hello,
>     >
>     >             I am looking at setting up hobbit to manage two
>     groups of
>     >             hosts. I would prefer to just deploy one hobbit
>     >             installation for both groups. For most of the hobbit web
>     >             pages, Apache security solves a lot of the browsing
>     issues
>     >             but the cgi-bin executables and menus are the problem.
>     >
>     >             I want to make sure one group don't have access to
>     see or
>     >             make changes to the other groups hosts.
>     >
>     >             The areas I see a problem with are:
>     >
>     >             hobbit-enadis.sh
>     >             bb-findhost.sh
>     >             hobbit-confreport.sh
>     >
>     >             I would like to restrict the above to only work with a
>     >             subset of hosts (perhaps a tag in the bbhosts file)
>     >
>     >             The reports generate web pages on the fly and drop the
>     >             user at the top level page which is not what I would
>     >             prefer (each group have their own top level page etc.)
>     >
>     >             All nongreen view is also an issue
>     >
>     >             and lastly, manually modifying the URL based on
>     >             bb-hostsvc.sh to get to a web page for a host in the
>     other
>     >             groups list is also a problem.
>     >
>     >             Any ideas how I can address this?
>     >
>     >             Thanks
>     >
>     >             Phil
>     >
>     >
>     >
>     >
>     >         --
>     >         Josh Luthman
>     >         Office: 937-552-2340
>     >         Direct: 937-552-2343
>     >         1100 Wayne St
>     >         Suite 1337
>     >         Troy, OH 45373
>     >
>     >         Those who don't understand UNIX are condemned to
>     reinvent it,
>     >         poorly.
>     >         --- Henry Spencer
>     >
>     >
>     >
>     >
>     >     --
>     >     Tel: 0400 466 952
>     >     Fax: 0433 123 226
>     >     email: philwild at gmail.com <mailto:philwild at gmail.com>
>     <mailto:philwild at gmail.com <mailto:philwild at gmail.com>>
>     >
>     >
>     >
>     >
>     > --
>     > Josh Luthman
>     > Office: 937-552-2340
>     > Direct: 937-552-2343
>     > 1100 Wayne St
>     > Suite 1337
>     > Troy, OH 45373
>     >
>     > Those who don't understand UNIX are condemned to reinvent it,
>     poorly.
>     > --- Henry Spencer
>
>
>     To unsubscribe from the hobbit list, send an e-mail to
>     hobbit-unsubscribe at hswn.dk <mailto:hobbit-unsubscribe at hswn.dk>
>
>
>
>
>
> -- 
> Josh Luthman
> Office: 937-552-2340
> Direct: 937-552-2343
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
>
> Those who don't understand UNIX are condemned to reinvent it, poorly.
> --- Henry Spencer

More information about the Xymon mailing list