[mrtg] Re: 14all and authorization

Rainer Bawidamann Rainer.Bawidamann at rz.uni-ulm.de
Wed Dec 13 18:15:52 MET 2000

In article <000201c06516$4524cf20$f4a69793 at geeur.bt.com>,
	M.Dorenbos at concert.net ("Marcel Dorenbos") writes:
> I am using the MRTG tool for quite a while now. At the moment we are
> building a new system and we will switche to rrdtool mode. In the old
> situation I could rely on the authorization methods offered by the apache
> web server (basically the reports are placed in different subdirectories,
> with different realms).
> It seems that the 14all.cgi script doesnot provide this functionality, so
> allowing group of users access to their reports only. Is there a known
> solution for this problem?

No. In fact 14all takes the config file name as CGI parameter so
everyone has access to every mrtg config file if he knows the name.

A quick hack would be to add "BasicAuthentication" support to 14all so
you can say in the config file

  14all*users[target]: user1,user2,root

Should be around 20 lines of code (if '14all*users' exists check if
$ENV{REMOTE_USER} exists and '14all*users' contains it). I currently
don't have much time, any volunteers?


Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive     http://www.ee.ethz.ch/~slist/mrtg
FAQ         http://faq.mrtg.org    Homepage     http://www.mrtg.org
WebAdmin    http://www.ee.ethz.ch/~slist/lsg2.cgi

More information about the mrtg mailing list