ACL role based authorization

The product allows you to create users, define ACLs and assign them to user groups.
The user will then see only allowed objects based on ACL rules in the UI.
  • Use internal user management with ACL definitions for user groups
  • Active Directory, it will be deprecated in the future

Activation on a XoruX Virtual Appliance

Recent Virtual Appliances have it already active.
  • Log in as root user to the running appliance and run:
    /home/lpar2rrd/lpar2rrd/bin/acl_enable.sh
    
  • Refresh the UI (Ctrl-F5).
    Try to access your LPAR2RRD web now. You should be prompted for user name and password.
    Use user "admin" with password "admin" (Change it after first login).
    Create users and ACLs in : menu ➡ LPAR2RRD ➡ User management

Activation in non appliance environment

  1. under root user make change in LPAR2RRD section httpd.conf of your Apache,
    This must be there: AllowOverride AuthConfig FileInfo
    Note: httpd.conf might be in different locations like /etc/opt/freeware/apache/httpd.conf, /opt/freeware/etc/httpd/httpd.conf, /opt/freeware/etc/httpd/conf/httpd.conf, /etc/apache2/apache2.conf
    # vi /etc/httpd/conf/httpd.conf
    
    Alias /lpar2rrd  "/home/lpar2rrd/lpar2rrd/www/"
    <Directory "/home/lpar2rrd/lpar2rrd/www/">
        AllowOverride AuthConfig FileInfo
        Options Indexes FollowSymLinks Includes MultiViews
        Require all granted
    </Directory>
    
    ScriptAlias /lpar2rrd-cgi/ "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi/"
    <Directory "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi/">
        AllowOverride AuthConfig FileInfo
        SetHandler cgi-script
        Options ExecCGI Includes FollowSymLinks
        Require all granted
    </Directory>
    
  2. Restart Apache:
    Note: apachectl might be in different locations like /opt/freeware/sbin/apachectl
    # apachectl restart
    
  3. Under lpar2rrd user copy ".htaccess" file to "www" and "lpar2rrd-cgi" directories
    Make sure there is right directory path to etc/web_config/htusers.cfg in html/.htaccess file.
    # su - lpar2rrd
    $ umask 022
    $ cd /home/lpar2rrd/lpar2rrd
    $ cp -p html/.htaccess www 
    $ cp -p html/.htaccess lpar2rrd-cgi
    
  4. Refresh the UI (Ctrl-F5).
    Try to access your LPAR2RRD web now. You should be prompted for user name and password.
    Use user "admin" with password "admin" (Change it after first login).
    Create users and ACLs in : menu ➡ LPAR2RRD ➡ User management


Troubleshooting

  • Check Apache error log. It is usually located somewhere in /var
    # find /var -name error_log 2>/dev/null
    # tail error_log
    
  • In case of a problem check our forum or contact us via support@lpar2rrd.com