[Koha-devel] writing a file on server from staff interface

Mathieu Saby mathieu.saby at univ-rennes2.fr
Tue Sep 24 22:59:20 CEST 2013 

Thanks for your answers!

I started with the idea of a YAML file because it was easy to manage and 
already used by SolR configuration, but it was maybe not a good choice.
The technical choice for facet configuration must be safe, and avoid the 
need for libraries to change the configuration of groups or users on 
their servers.
And I am not fond of the idea of 1 or 2 sysprefs (unimarc/marc21) with a 
big block of YAML data inside. Not user friendly, and risky (oups, I 
forgot a space...)

So from what I read, I see 2 solutions :
- forgetting YAML and putting the configuration in a small new sql table.
- putting YAML in a syspref, but not modifying it directly, but through 
a user friendly form on a specific page. I have never seen that in Koha, 
so I don't know if it will complies to the coding rules...

Mathieu


Le 24/09/2013 22:24, Mark Tompsett a écrit :
> Greetings,
>
> Chown the files: 664, and make the group www-data (or whatever group 
> the script will end up running as). 666 is just evil. Pun intended. 
> Though, limiting exposure of an entire configuration file by only 
> modifying a single system preference is clearly a more secure idea.
>
> GPML,
> Mark Tompsett
>
>
> -----Original Message----- From: Mathieu Saby
> Sent: Tuesday, September 24, 2013 3:31 PM
> To: Koha Devel
> Subject: [Koha-devel] writing a file on server from staff interface
>
> Hi
> for my patch about facets, I currently have 2 problems :
> 1- how to put the file in /etc/ of installation directory (in discussion)
> 2- how to allow the perl script (from staff interface) to write or
> rewrite the yaml configuration file if a librarian decides to change
> some settings.
>
> If I do nothing special, YAML::DumpFile fails to (re)write the file,
> because -  I suppose - the apache user does not have rights to access
> the server.
> So, for the moment, the only way I found to make my config file editable
> is "chmod 666".
> But  I suppose it is not very safe...
>
> Do you know if there is a safer way to do that?  How is managed for
> example for SolR configuration files?
>
> Regards
> Mathieu
>


-- 
Mathieu Saby
Service d'Informatique Documentaire
Service Commun de Documentation
Université Rennes 2
Téléphone : 02 99 14 12 65
Courriel : mathieu.saby at univ-rennes2.fr

More information about the Koha-devel mailing list