dcm.pl Permission Denied!
babylon78
03-03-2011 21:03:18
Hello,
First off, great job on ONA! It's beautiful!
I do have a question regarding dcm.pl however. after poking around in the GUI, I realized that the only way I'm going to import my thousands of IPs is through scripting the imports through dcm.pl
I have installed it fine, and am able to read configs from the DB without a problem. However, when I attempt to write anything to the DB, I always get a "Permission Denied!" error.
Any ideas as to what may be happening?
I was doing something very simple just to test it out. i.e
the dcm config file is in /etc, and is own , readable and writable by dcm.pl. The http auth, is currently just the admin user, though I will change it later when I implement an SSL connection.
Any ideas? things to check?
First off, great job on ONA! It's beautiful!
I do have a question regarding dcm.pl however. after poking around in the GUI, I realized that the only way I'm going to import my thousands of IPs is through scripting the imports through dcm.pl
I have installed it fine, and am able to read configs from the DB without a problem. However, when I attempt to write anything to the DB, I always get a "Permission Denied!" error.
Any ideas as to what may be happening?
I was doing something very simple just to test it out. i.e
dcm.pl -r location_add reference=102 name=DLHS
the dcm config file is in /etc, and is own , readable and writable by dcm.pl. The http auth, is currently just the admin user, though I will change it later when I implement an SSL connection.
Any ideas? things to check?
Matt
04-03-2011 09:21:36
dcm.pl will by default try and connect to ONA as the user "dcm.pl". This user does not exist until you create it and grant it permissions. This is to help try and keep things somewhat secure.
Instead of that you must then provide the -l option to dcm.pl to specify a username and then use -p for a password. Then you can log in as "admin" or whatever other user you have set up.
Also you could consider using a .htaccess configuration to help further restrict how dcm.pl functions. I have an example one included with ONA that shows a few situations like limiting to only dcm.pl requests from certain hosts. it is located at /opt/ona/www/.htaccess.example. Just drop the .example from its name to activate it. and of course adjust its contents for your situation.
I hope this helps clarify a bit.. the whole thing needs a bit of cleanup and normalization as I've been messing with it a bit recently when I added the LDAP auth modules.
Instead of that you must then provide the -l option to dcm.pl to specify a username and then use -p for a password. Then you can log in as "admin" or whatever other user you have set up.
Also you could consider using a .htaccess configuration to help further restrict how dcm.pl functions. I have an example one included with ONA that shows a few situations like limiting to only dcm.pl requests from certain hosts. it is located at /opt/ona/www/.htaccess.example. Just drop the .example from its name to activate it. and of course adjust its contents for your situation.
I hope this helps clarify a bit.. the whole thing needs a bit of cleanup and normalization as I've been messing with it a bit recently when I added the LDAP auth modules.