 |
Configuration Script |  Requirements And Installation |
|
Configuration Script | Requirements And Installation |
The File Submission System |
 | |
Submit Password Manager | ||
The subwpass program
is an administrative utility to set web access passwords
for the submit system.
It can also set Unix permissions on home directories to
allow use of the submit system (see below).
Subwpass
will generally be called by the root user, though
other users may use it to set their own passwords.
The web-based interface to create and manage assignments may only
be used by accounts which have a password set.
The command line takes flags to specify an operation, followed
by a list of user names to apply those operations to.
The flags -i, -p,
-P, -r and -d specify a password operation, while
the flags -I, -x, -g, -X and -G options
specify an operation for setting Unix permissions on the
home directories. You may specify at most one from each group.
If no operations are specified, the program assumes -i.
The operations are applied to the users listed
on the command line, or additional users provided by the -a
or -A options.
The -A option adds all users. If the
the UID limits (UID_MIN and/or UID_MAX)
configuration parameters are set (as by default),
only users with UIDs in range are added.
The -a option is like
-A, but includes only users which have no password set already, so
it enables web access for users lacking it.
If any of the password options are specified, the passwords
of the listed users are changed.
If the -d option is used, the listed user's passwords are removed,
disabling their web access.
If any of -i, -p, -P or -r
are specified, the password is set in the manner
as follows:
-i-p password-P-rPASSLOG,
but this can be changed using the -o flag.
The random passwords are constructed from a string of
letters (usually sort-of pronounceable), a punctuation character,
and a small number. The space of possible passwords seems to be
around 40 trillion. I have no idea if that is good or bad.
The submit system creates and accesses files under the home
directory of each instructor who uses the system. For this to
work, the permissions on home directories must allow the web
server process to access these files. If your web server
maps ~ URLs to public_html,
or some other directory under each user's home area, then you have
already solved this problem.
If not, subwpass
can modify the Unix permissions on home directories
to open them for you, by these options:
-xchmod o+x homedir
on the indicated home directory.
-g-g
option
changes the group ownership
to the group under which the web server runs, then
then adds group directory search permission.
-X-x,
but is performed whether or not the directory appears open to begin with.
-G-g,
but likewise performed unconditionally.
Note that neither the -x or -g
options will make any changes if the directory appears to be
already open. Subwpass
decides it's open if it looks like one of those two things has been done
to it: it either has global directory search, or has group ownership
of the server process group
and group search permission.
If subwpass sets a password for a user
which it judges not open, and no option to set permissions
is given, it will issue a warning message.
You can suppress this check using the -I option.
If you are running on a Unix which uses ACLs, you may have already
opened your home directories in a way which subwpass
cannot recognize. In this case, -I
may be just what you were looking for.
subwpass smith jones scott
This queries and sets new passwords for the three users listed.
subwpass -p Daylight -x foo bar
This sets users foo and bar to each have password Daylight, and adds global search permission to each of their home directories if needed.
subwpass -r -g -o passlist.txt -a
For each user that does not have a submit system password,
we will set a random one. The list of chosen passwords will be
written in plain text to the file
passlist.txt.
If that user's account is not open
to the web process, we'll open it using group permissions.