Wow, thanks for taking the time to answer my question, Craig. Your reply was
totally unexpected, and very appreciated.
Olumuyiwa Taiwo properly pointed out to me the source of my problem -- that
I'm not taking advantage of winbind's ability to strip the domain name off
of the user name. Thus, I should be logging in as "administrator", not
"PDXMISSION\Administrator". Having changed my login behavior, everything is
working properly.
The fix you recommended worked properly, too. However, it solves the problem
*only* for the "$Conf{CgiAdminUsers}" list.
I see a further potential problem, (but since I'm using "winbind use default
domain = yes" now, it doesn't affect me any longer). Say, for instance, that
someone wanted to set "winbind use default domain = no". I foresee that they
would have the following issues:
- They would be unable to add their domain accounts to "CgiAdminUsers"
(unless they change Lib.pm as you instruct below)
- Machine owners would be unable to receive emails about hosts because the
messages would be sent to "[EMAIL PROTECTED]"
- They (presumably) would be unable to use a domain group under
"$Conf{CgiAdminUserGroup}" because:
- the group name would be interpreted improperly, same as
$Conf{CgiAdminUsers} was
- the users therein might be interpreted improperly. For instance
"DOMAIN\Administrator" isn't the same as
"DOMAIN\administrator"
thus although the login to the webpage interface might work,
you couldd still be locked out of anything useful due to
capitalization issues.
In short, I agree with you that your fix corrects the bug, but if my guesses
above a correct, there will be additional work necessary before the target
audience will see significant benefit. However, having taken Olumuyiwa's
advice, everything is working great for me now.
Thanks so much for your time and the great software!
Justin Best
503.906.7611 Voice
561.828.0496 Fax
-----Original Message-----
From: Craig Barratt [mailto:[EMAIL PROTECTED]
Sent: Friday, January 20, 2006 12:22 AM
To: Justin Best
Cc: [email protected]
Subject: Re: [BackupPC-users] I get the error "Only privileged users
can...''
"Justin Best" writes:
> First, my congratulations to Craig for creating a truly useful and unique
> piece of software. I am very impressed.
You sure know how to get your questions answered :).
The problem is that the regexp that matches CgiAdminUsers
isn't robust to special characters in the string. That's
actually a bug.
Try this change. In lib/BackupPC/CGI/Lib.pm, change this line:
$Privileged ||= ($Conf{CgiAdminUsers} =~ /\b$User\b/);
to:
$Privileged ||= ($Conf{CgiAdminUsers} =~ /\b\Q$User\E\b/);
A single backslash inside single quotes should be ok, ie:
$Conf{CgiAdminUsers} = 'PDXMISSION\Administrator';
Tell me if this works and I'll make this fix permanent.
Craig
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
BackupPC-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/backuppc-users
http://backuppc.sourceforge.net/
