I got a eaton 5110 1000watt for xmas I ended up installing nut http://www.networkupstools.org/ to monitor it

nut has a few components to it

nut-client
nut-cgi
nut-monitor
etc etc

Its been installed in /etc/ups with the following permissions

-rw-r--r-- 1 root root 1074 Dec 29 11:19 hosts.conf
-rw-r----- 1 root nut 1413 Aug 11 07:14 nut.conf
-rw-r----- 1 root nut 3650 Dec 29 09:36 ups.conf
-rw-r----- 1 root nut 2589 Aug 11 07:14 upsd.conf
-rw-r----- 1 root nut 2134 Dec 29 15:46 upsd.users
-rw-r----- 1 root nut 11895 Dec 29 11:13 upsmon.conf
-rw-r----- 1 root nut 3891 Aug 11 07:14 upssched.conf
-rw------- 1 nut root 1420 Aug 11 07:14 upsset.conf
-rw-r--r-- 1 root root 4003 Aug 11 07:14 upsstats.html
-rw-r--r-- 1 root root 6644 Aug 11 07:14 upsstats-single.html

Nut is running but I am concerned about the cgi part of it running upsstats.cgi

I ended up copying it into my www dir cp /var/www/nut-cgi-bin/upsstats.cgi /var/www/cgi-bin/

But everyone an sundry can view it. How would I lock this down to the local access only for that specific set of directories related to it. (I don't do web stuff at all)


As you can see the permissions are far from what I would call secure

ls -l
total 32
-rwxr-xr-x 1 root root 32028 Dec 29 11:18 upsstats.cgi

^^ or if the server supports .htaccess files he could use that, couldn't he?

^^ or if the server supports .htaccess files he could use that, couldn't he?

what I posted is what you'd put inside the .htaccess file, if you were using .htaccess files - it's all just apache config directives whether you put them in a .htaccess file, or directly into the server config

access files are just an optional feature that allows users to affect the apache config on the fly via the convenience of a separate file, although at the expense of several extra filesystem calls on every http request

Thanks Jim just what I was after


I might actually try and lock it up in the webconfig inside clearOS which would be even more desirable should not be too hard.

IIS can suck my nuts, why would I want to bring my work problems home... keep that broken shit at work where it belongs

I give up

real men use crusher
so hawt

maybe with Alias http://httpd.apache.org/docs/2.2/mod/mod_alias.html#alias
and DirectoryIndex http://httpd.apache.org/docs/2.2/mod/mod_dir.html#directoryindex

something like:

Alias /ups /var/www/cgi-bin/ups

<Directory /var/www/cgi-bin/ups>
DirectoryIndex upsstats.cgi
</Directory>

Should mean you can just load http://your.server/ups

Or you can just add upsstats.cgi to your existing DirectoryIndex line in httpd.conf if you don't mind it being global instead of just for that dir, or you could probably just put the above DirectoryIndex line into the .htaccess file you now have, negating the need for the <Directory> tags

Just depends how you prefer doing your config

no wukkaz!

I'm the same even after years of using apache. it's not always obvious how to do something, or I forget how I did it last time so a lot of the time I end up having to google for examples

ScriptAlias /ups/ /usr/lib/cgi-bin/ups/

Add that inside your Virtualhost directive