Previous Chapter
Next Chapter
Table of Contents
Index

Available Modules
   BOFH
   Business Graphics
   CGI Executable Support
   Client Logger
   Config Tab List
   Configuration Interface
   Content-Types
   Deep Thought
   Directory Parsing
   Explicit Clock
   FastCGI
   Fast Directory Parsing
   File System
   FTP Gateway
   Gopher Gateway
   Graphics Text
   .htaccess Support
   HTTP-Proxy
   HTTP-relay
   Index Files
   Indirect Href
   IP-less Virtual Hosting
   ISMAP Image-Maps
   Language
   Logging Disabler
   Main RXML Parser
   Mirror Filesystem
   Mirror Server
   Pike Script Support
   Redirect Module v2.0
   Secure File System
   SSL-Proxy
   Tablify
   Tab List
   Timestamp
   User Data Base and Security
   User File System
   User Logger
   WAIS Gateway

Modules


A module is an addition to a Roxen Challenger server, adding to or modifying the server's functionality in some manner. Each virtual server will run a number of modules, most of which will possess some configurable variables. For information on configuring these modules, please refer to the sections on adding modules.

Available Modules

This chapter lists all Roxen modules included in the standard distribution. There is an appendix in the end of this manual Appendix G showing which modules belong to which module types. The significance of these module types is explained in the chapter on How to make your own Roxen module.

BOFH

This is a very simple module. It only adds the tag <bofh>, which will insert a random Bastard Operator From Hell excuse.

It is useful when sending pages as the result of an unsuccessful request.

Business Graphics

This module generates diagrams based on data contained within the <diagram> tag.

Variables

Max height
The maximum height of the generated image in pixels, given as an integer.

Max width
The maximum width of the generated image in pixels, given as an integer.

Mount point
The URL prefix for the diagrams, i. e. s location in the virtual file system.

CGI Executable Support

This module can execute CGI-scripts both from a special directory and on an extension basis. It supports the CGI/1.1 interface. Read more about this at http://hoohoo.ncsa.uiuc.edu/docs/cgi/interface.html.

Variables

CGI-bin path
This is where the module will be inserted in the name space of your server. By default, the module will also service one or more extensions from anywhere in the name space.

Search path
Where the module will find the files in the real file system.

Ignore non-executable files
If this flag is set, non-executable files will be returned as-is to the client.

Allow listing of cgi-bin directory
If set, users can get a listing of all files in the CGI-bin directory.

Handle *.cgi
handle all .cgi files as CGI-scripts, as well as files in the cgi-bin directory. This emulates the behavior of the NCSA server. Valid extensions can be set in the CGI-script extensions variable.

CGI-script extensions
All files ending with these extensions will be parsed as CGI scripts. For example, if you would like to run perl scripts, add pl to this comma separated list.

Pass environment variables
If this is set, all environment variables seen by Roxen will be passed to CGI scripts, not just those defined in the CGI/1.1 standard. Roxen also adds CGI enhancements if they are defined, see below. This includes LOGNAME and all others. For a quick test, you can try this script with and without this variable set, respectively:

!/bin/sh

echo Content-type: text/plain
echo ''
env

Raw user info
If set, the raw and unparsed user info will be sent to the script, in the HTTP_AUTHORIZATION environment variable. This is not recommended, but some scripts need it. Please note that this will give the scripts access to the password used.

Roxen CGI Enhancements
If defined, Roxen will export a few extra variables, namely:

  • VAR_»variable_name« or QUERY_»variable_name«: Parsed form variable, like CGI parse. The parsed value of the form variable variable_name. That is, if you have an input field in an HTML form on the form <input name=name>, and the user types "30 days" in that field, the environment variable QUERY_»name« will be set to "30 days".
  • VARIABLES: A space separated list of all variables in the form request, if any. This list consists of the variable names only.
  • PRESTATE_name: True if the prestate is present.
  • PRESTATES: A space separated list of all states present.

Send stderr to client
If set, standard error from scripts will be redirected to the client instead of the logs/debug/»name-of-configdir.1« log.

Send decoded password
If set, the variable REMOTE_PASSWORD will be set to the decoded password value.

You need this only if you plan to send more than 8KB of data from a script, or use Location: headers in a non-nph script.

Run scripts as
If you start Roxen as root and this variable is set, CGI scripts will be run as this user. You can use either the user name or the UID. If you have no working user database enabled, only UIDs will work correctly, however. If unset, scripts will be run as nobody.

Run user scripts as owner
If set, scripts in the home directory of a user will be run as that user. This overrides the Run scripts as variable.

Nice value
The nice level to use when running scripts. 0 is the most aggressive available to normal users. 20 causes the scripts to claim resources the least aggressively.

Limits: Core dump size
The maximum size of a core dump, in 512 byte blocks. -2 is unlimited.

Limits: Maximum CPU time
The maximum time the script might run, in seconds. -2 is unlimited.

Limits: Maximum number of open files
The maximum number of files a script can keep open at any time.

Extra environment variables
Extra variables to be sent to the script. The format is:

NAME=<value>
NAME=<value>

Please note that normal CGI variables will override these.

Client Logger

This module is a client logger. It simply logs the user-agent field in a log file.

Variables

Client log file
The file into which all client names will be put.

Config Tab List

Adds some tags for making a configuration interface look-alike tab list. As it uses the actual configuration interface module and all settings used therein, it does not need to be very flexible in itself. The usage is as follows:

    <config_tablist>
    <tab href="/tab1/">Some text</tab>
    <tab href="/tab2/">Some more text</tab>
    <tab href="a/strange/place/">Tab 3</tab> </config_tablist>

Attributes for the <tab> tag:

    selectedWhether the tab is selected or not.
    altThe alt text for the image (default: "_/" + text + "\_").
    borderBorder for the image (default: 0).

Variables

Mount Point The URL prefix for the buttons.

Configuration Interface

This module can be used to access the configuration interface from a location, like a normal file system. It can be used to access the configuration interface through a firewall.

Variables

Mount point
Where the configuration interface should exist in the virtual file system.

Allow anonymous read-only access
If set, read only access will be allowed for anyone whose IP number matches the IP pattern in the configuration interface.

Content-Types

This module handles all normal mapping of file extensions to content types.

Given the file foo.html, this module will set the content type to text/html.

Variables

Extensions
A list of extensions and their corresponding content types. The format is as follows:

Extension Type Encoding
gif image/gif
gz STRIP gnuzip
#include

"STRIP" causes Roxen to strip this extension and try again. A file named "roxen.tar.gz" would not only get the Content-encoding "x-gzip", but also the Content-type "application/unix-tar".

The lines containing "include" cause files containing more mappings to be included. The syntax used in these files is the syntax used when defining the value of this variable. The paths are paths in the real file system, starting from where the server is started.

The complete list of types can be found at ftp://ftp.isi.edu/in-notes/iana/assignments/media-types/media-types.

Deep Thought

This is an example parser module. It provides the interested programmer with an example of a working module built in Pike. Specifically, it adds the new tag "<dthought>", which expands to a randomly-selected "deep thought".

No variables are set in this module.

Directory Parsing

This is a directory parsing module. It generates a graphical directory tree using the common folder metaphor.

Note that in order to get any directory parsing at all, you must have a directory parsing module enabled. In other words, this module, the Mk2 directory parsing module, or the simple directory module must be enabled.

Features of this directory module include folding/unfolding of directories and module virtual locations shown in the directory tree. Also, if you have overlapping modules, as when two file systems are mounted on the same location, the content of all of them will be shown.

Variables

Index files
If any one of the files listed here is present in the directory requested, it will be sent instead of the directory listing.

Allow directory index file overrides
If set, you can force Roxen to send the directory listing even if an index file present by adding a dot to the request. This is very useful for" debugging" during site construction or while trying out new scripts. However, it may be considered a security hole, in which case you may wish to turn it off.

Include date
If set, directory listings will include last modification dates.

Include file size
If set, directory listings will include file sizes.

Include file user
If set, the last user who modified the file in will be included in directory listings. Note that this requires a user database module to be working.

Include readme files
If set, README files (i.e. README, README.html) will be inserted before the listing if they exist. See illustration for an example of the result.

Size of the listed filenames
This is the width in characters of the filenames appearing in the directory listings.

Explicit Clock

This module is included here as an example of a very simple location module. It shows what time it is. The time shown can be modified.

Variables

Mount Point
The clock's location in Roxen's virtual file system.

Time Modification
Time difference from the system clock, in seconds.

FastCGI

This module provides support for the Fast-CGI interface (see also http://www.fastcgi.com). While useful, it is not finished at this time.

Variables

Number of simultaneous copies to run
This many copies of each script will be started simultaneously. Most useful for scripts that take a long time to finish. It is suggested that another extension and/or cgi-bin directory be used for these scripts. Also, make sure that the scripts are multi-process safe.

Handle *.fcgi
If set, this flag causes Roxen to handle all .fcgi files as Fast-CGI scripts, as well as files in the cgi-bin directory. This emulates the behavior of the NCSA server. Which extensions to handle can be set in the CGI-script extensions variable.

Fast Directory Parsing

This is a very fast and fairly simple directory parsing module. It basically prints a list of files.

Note that you must enable a directory parsing module to get any directory parsing at all.

Variables

Include readme files
If set to Yes, README files (i.e. README, README.html) will be included in the listing.

Index files
If any one of the files listed here is present in the directory requested, it will be sent instead of the "No such file" response.

File System

The file system module is placed on a mount point in the name space of the server, e.g. /doc/. This mount point is a "mapped to" location in the real file system, e.g. /usr/roxen/doc/. The module makes files from the real file system available in the virtual file system of your web server.

The module tries to map all requests to files. For example, /doc/s2.gif will map to /usr/roxen/doc/s2.gif, and /doc/tmp/test.html will map to /usr/roxen/doc/tmp/test.html".

If more than one module have the same mount point, the server will call them in priority order, and the first one to find a file will "win". The end result is that a directory listing will be the union of the files in all location modules that match the directory.

For example, let us assume that the virtual directory /foo/ is accessed, and that one module is mounted on /foo/, getting its files from /usr/www/foocustomer/". Another module is mounted on "/, getting its files from /usr/www/html, and also there is a directory foo in /usr/www/html. The resulting list of files will then be the union of all files in /usr/www/foocustomer and "/usr/www/html/foo.

Variables

Mount Point
Where the module will be inserted in the name space of the server.

Search Path
Were the module will search for files in the real file system.

Handle DELETE
If set, the DELETE action can be used to delete files in the file system.

Handle PUT
If set, PUT can be used to upload files to the file system.

Enable directory listings by default
If set, you have to create a file named .www_not_browsable (or .nodiraccess) in a directory to disable directory listings. If unset, a file named .www_browsable in a directory will enable directory listings.

*** NOTE ***

Require authentication for modification
Only allow authenticated users to use methods other than GET and POST. If this flag is unset, this file system will be a very public one allowing anyone editing access to files located on it.

Show backup files
If set to No, all files ending with ~, # or .bak will considered backups and excluded from directory listings.

Show hidden files
If set to Yes, all hidden files will be included in directory listings and made retrievable.

Cache the results of stat(2)
If you use NFS, setting this flag can speed up the retrieval of files. This will use some memory, however.

FTP Gateway

An FTP gateway with support for remote proxies. It will keep connections to the FTP sites alive in order to speed up FTP use.

Variables

Connection timeout
The time in seconds that a connection to an FTP server is kept after use. When the time is up, the connection is closed.

Data connection timeout
Time in seconds before a data connection is considered timed out and cancelled.

Connection timeout
The time in seconds before a connection attempt is retried.

FTP transfer method
The method used to transfer files, active or passive. On some systems, there may be problems. If there is, you may want to try changing the method used.

Hold until response
Hold data transfer until response from server; if the server sends file size, size will be sent to the http client. This may slow down access slightly, but not noticeably so.

Icons
If set, icons will be used in the directory listings.

Location
This is the location in the virtual file system. The default value is ftp:/. If set to anything else, all normal WWW clients will fail to successfully use it.

The useful case where it would work with something else is /ftp/. If you set this location, a link formed like "<a href="/ftp/my.ftp.server/foo">myftpserver</a>" will allow accesses to local FTP servers through a firewall. Consider the security issues first.

Logfile
This is the file name of the logfile. If this is left empty, no FTP logging will take place.

Port timeout
How long, in seconds, a data port will be kept open without being used, before it is closed.

Remote gateway regular expressions
Here you can add redirects to remote gateways. If a file is requested from a host matching a pattern, the gateway will query the FTP gateway server at the host and port specified. Hopefully, that gateway will then connect to the remote ftp server. Currently, the remote gateway has to be an http-ftp gateway like the one below.

# All hosts inside *.rydnet.lysator.liu.se have to
# be accessed through lysator.liu.se
.*\.rydnet\.lysator\.liu\.se 130.236.253.11 80


Please note that these must be regular expressions.

Save dataports
Some FTP daemons have problems when the same port is reused. Using this may prove useful.

Show server information
Set this if you want the gateway to show the information given by the server when the gateway logs in.

Gopher Gateway

This is a caching gopher gateway, useful for sites using firewalls and those desiring speedier use of gopher.

Variables

Location
This is the location of the Gopher gateway in the virtual file system.

Graphics Text

This module defines a number of new tags which render text into GIF images using the Pike image module.

Variables

Avoid automatic detection of document colors
If this flag is set, the tags 'body', 'tr', 'td', 'font' and 'th' will not be parsed to automatically detect the colors of a document. You will then have to specify all colors in all calls to gtext.

Default maximum text-length
By default, the module will not try to render texts longer than this. The purpose of this is to prevent common coding errors such as mismatched tags from causing the graphics text module to parse the entire document. This can be overridden by using the maxlen=... attribute in the tag.

Mount point
The URL prefix for the graphic characters.

Default number of colors per image
The default number of colors to use. 16 is generally sufficient. The size of the image will depend on the number of colors.

.htaccess Support

This module provides almost complete support for NCSA/Apache .htaccess files. See http://hoohoo.ncsa.uiuc.edu/docs/setup/access/Overview.html for more information on .htaccess.

Variables

Cache the failures
If this is set, all attempts to find a .htaccess file are logged, failures as well as successful attempts. If you run a busy site it is advantageous to set this so that problems can be quickly traced. One drawback is that users will then have to press Reload in their browser in order to get the updated .htaccess file parsed.

HTTP-Proxy

This is a caching HTTP proxy, useful for sites using firewalls. It is also useful as a site-wide cache, allowing for faster "surfing" on the Internet.

Variables

Cache pages with cookies
If this option is set, documents with cookies will be cached. As such pages might be dynamically generated depending on the values of the cookies, you may want to leave this option turned off.

External filter regular expressions
If the request matches one of these regular expressions, these are the external filters to use. Consider the example below:

www2.infoseek:[0-9]*/ bin/proxyfilterdemo infoseek
www2.infoseek.com:[0-9]*/.*html bin/proxyfilterdemo infoseek
www.lycos.com:[0-9]*/ bin/proxyfilterdemo lycos www.lycos.com:[0-9]*/.*html bin/proxyfilterdemo lycos


Please note that these must be regular expressions.

Location
The location of the proxy in the virtual file system. If set to any other value than the default ("http:/"), all WWW clients will fail in using it as a proxy.

Logfile
This is the file name of the log to be used for proxy-accesses. If it is left empty, no logging will take place.

No cache for
This is a list of regular expressions. URLs that match any entry in this list will not be cached at all.

Remote proxy regular expressions
Here you can add redirects to remote proxy servers. If a file is requested from a host matching one of the patterns, the proxy will query the proxy server at the host and port specified. Hopefully, that proxy will then connect to the remote computer.

# All hosts inside *.rydnet.lysator.liu.se have to
# be accessed through lysator.liu.se .*\.rydnet\.lysator\.liu\.se 130.236.253.11 80

Please note that these must be regular expressions.

HTTP-relay

This module relays requests not resolvable by this server to another server. This can be useful when you have moved information to another server.

Variables

Module priority
This tells Roxen whether or not to immediately redirect the request. If set to "last", Roxen will first try to find the file in the ordinary way. If set to "first", the redirection will be immediate.

Relay host
The IP number of the host to relay to.

Relay port
The port number on the remote host to relay to.

Always redirect
All URLs that match any of the patterns in this list will always be redirected to the remote server, even if they do match a pattern in the Don't redirect list.

This is a space separated list of patterns, where each pattern is a string which will be matched against the requested URL. * matches zero or more arbitrary characters, and ? matches any single character.

Don't redirect
Do not relay requests for any of the patterns in this list, unless they also match one of the patterns in the "Always redirect" list.

Index Files

This is a directory module which you can use if you absolutely do not wish for Roxen to send directory listings. If no index file is present in the requested directory, the "No such file" message will be sent back to the client.

Variables

index_files
This is a list of file names that should be sent when a directory is requested. If a file with any of these names is present, it will be sent to the client when the directory is requested.

Indirect Href

This is a database holding URL aliases mapped to real URLs. The module adds a new tag and by using this new tag (its name is defined in the variable Tagname) you can use the symbolic names instead of the real URLs. Using these definitions, when a URL changes you need only change it here.

Variables

Indirect HREFs
This is the actual database. The syntax is as follows:

name=URL

The following is a valid example: idonex=http://www.idonex.se

Tagname
The name of the tag used when inserting a URL from the database (see above). <Tagname name=indirectname>foo</Tagname> will be replaced with <a href=URL>foo</a>.

IP-less Virtual Hosting

This module adds support for IP-less virtual hosts. It is added to a server with a real listen port. configured, no ports need be added to the servers you want to use IP-less virtual hosting for. Their server URLs must be configured, however. For each request, a server will be selected based on the host header of the request.

ISMAP Image-Maps

This module enables Roxen to handle image maps. For further discussion on this. Refer to the section on image maps for further reference.

There is only one variable to set, the map file extension. This is by default set to .map but may of course be changed to anything you deem appropriate. All files named with this extension are then parsed as map files.

Language

This module handles documents available in different languages. It examines a request to find out what language is desired by the user, based on a special suffix. For instance, .sv would be a Swedish-language resource, and .en one in English.

The module defines three new tags, as follows.

<language>
tells the language the current page is in.
<available_languages>
gives a list of all other languages the current page is available in, and links to them.
<unavailable_language>
shows the language the user requested the page in, if the page is not available in that language.

All tags take the argument type={txt, img}. The default is img.

Variables

Default language
This is the default language for this server. It is used when deciding which language file to send when the user has made a choice. Files without a language extension are considered to be in this language.

Languages
This specifies which languages are supported by the site. Support for each language is defined on one row, on the form »language-code« »language-name« »optional next-language-codes«. An example follows below.

sv Svenska en de
en English de
de Deutsch en

The next-language-codes are used to determine which language to use if the one delected is not available. To find a page in an appropriate language, languages are tried as follows.

  1. The selected language, stored as a prestate.
  2. The user agent's accept-headers.
  3. The default language.
  4. The default next-language-codes for the default language.
  5. All languages, in the order listed in this variable.

Empty lines as well as lines beginning with # or // will be ignored. Lines containing errors may be ignored, or execute a HCF instruction.

Flag directory
The path to a directory holding small GIF format image files of flags or other symbols, representing the various languages.
  • language-code.selected.gif Shown to indicate that the page is in that selected language, usually by the header-module.
  • language-code.available.gif Shown as a link to the page in that language. Only shown if the page is available in that language.
  • language-code.unavailable.gif Shown to indicate that the user has selected a language that this page is not available in.
  • language-code.dir.selected.gif Shown to indicate that the directory entry will be shown in that language.
  • language-code.dir.available.gif Shown as a link to the Shown as a link to the directory entry translated to that language.

Flags in directory lists

Include readme files

Directory parsing

Directory index file override enabled

Exclude backup files from directory listings

Directory index files

Use config (uses prestates otherwise)

Text only
If set, the tags type argument will default to txt instead of img.

Logging Disabler

This module can be used to turn off logging for certain resources, based on regular expressions.

Variables

No logging for
Requests for any file whose virtual file name matches this pattern will not be logged.

Logging for
Files matching this regular expression will be logged unless they also match the pattern in the No logging for field.

Main RXML Parser

This is the main module for parsing RXML, with which other parser modules will register.

Variables

Access log
If unset, the <accessed> tag will not work and no access log will be needed. This will save three file descriptors.

Access log file
When a file is accessed, a counter in this file is incremented. This will be used when parsing the <accessed> tag.

Close the database if it is not used
If this is set, the accessed database will be closed if it is not used for 8 seconds

Don't Parse files with exec bit
If set, no files with the exec bit set will be parsed (the exec bit is the one that is set by chmod +x »filename«). This is the reverse of the Require exec bit on files for parsing flag. It is not very useful to set both flags.

Extensions to accesscount
Count accesses to all files with these extensions.

Extensions to parse
Parse all files with these extensions.

Maximum file size
Maximum file size to parse, in kilobytes.

Require exec bit on files for parsing
If set, files must have the one or more execute bit set in order for them to be parsed by this module.

SSI support: execute command
If set and server side include support is enabled, Roxen will accept NCSA / Apache <!--#exec cmd=\"XXX\"--> server side include.

Note that inserting command and CGI script results will block the server.

SSI support: NSCA and Apache SSI support
If set, Roxen will parse NCSA / Apache server side includes.

Mirror Filesystem

This is a mirror file system, mirroring the virtual file tree of another Roxen server. The file system connects to a Mirror Server using Roxen RPC.

The search path of the Mirror Filesystem is used as a cache. It is not a good idea to use the same cache directory in multiple mirror filesystems. Also, never store other files in it. If you want to test this module, there is a mirror for www.roxen.com at skuld.idonex.se:2000


Do not under any circumstances let this module connect to a mirror server in the same Roxen server. This will cause your server to fail disastrously.

Variables

Mirror Server
The location to mirror from. This is not the http location, but the one entered in the "mirror server" on the remote site.

Mirror Refresh
Check the pages this often (in hours). Please note that the pages are only reloaded from the source server if they have actually changed. While this is a lot faster than FTP mirroring, at most one file per second is checked. The update may therefore take quite a while just the same.

Mirror Server

This is the server end of the Roxen Mirror system. Add this module to any server you want to mirror on another server. You can not mirror to the same Roxen server, since that would cause a deadlock. That is, the mirror file system will make a blocking request to the mirror server, which will be unable to serve it since the mirror file system is blocking the Roxen server.

Variables

Mirror Server port

Base URL

Pike Script Support

This module takes care of users' Pike scripts. Scripting with Pike works somewhat like CGI, with the exception that scripts are handled internally in the server. Because of this Pike scripts are much faster, but will block the server while executing.

This module should not be enabled if you allow anonymous PUT.

Redirect Module v2.0

This module redirects all accesses from one path in the virtual filesystem to another server or path. One use for this is moving a directory tree to another server or path.

Variables

Redirect patterns
The module allows you to redirect requests for one file to another by using regular expressions. The syntax has three different forms; regexp to_URL, prefix to_URL and exact_file_name to_URL. A few examples follow.

To redirect requests in a certain directory to another:

/from/.* http://to.idonex.se/to/%f

To redirect all requests ending with .cgi:

.*\.cgi http://cgi.foo.bar/cgi-bin/%p

To make a request in /thb/ be answered by one specific file:

/thb/.* %u/thb_gone.html

To redirect requests to /roxen/ to another WWW server:

/roxen/ http://www.roxen.com/

This is a special case. If the first string on the line is "exact" the file name following must match exactly.

exact / /main/

%f in the to field will be replaced with the filename of the matched file. %p will be replaced with the full path, and %u will be replaced with this server's URL. The latter is useful when you wish to send a redirect instead of doing it internally.

You can use ( and ) in the regular expression to separate parts of the from pattern when using regular expressions. The parenthesised parts can then be inserted into the to string using $1, $2 and so on. Please refer to the following examples.

When a file ending with ".class" somewhere in a directory containing the partial path "/SE/liu/lysator/" is requested, this will redirect the request to the same file, but under "/java/classes/".

.*/SE/liu/lysator/(.*)\.class /java/classes/SE/liu/lysator/$1.class

This will redirect for files ending with .en.html to a prestate-relative URL.

/(.*).en.html /(en)/$1.html

This will make sure that all "ugly" requests for index files are redirected to the directory itself. This will cause Roxen to always send the index file you have decided should be sent when the URL does not end with a file name.

If the "to-file" is not a full URL, the redirect will always be handled internally, so add %u to generate an actual redirect, i.e. to return a new URL to the browser.


If the "from" pattern does not contain any "*" characters, it will not be treated like a regular expression but as a prefix that must match exactly. The reason for this design choice was speed.

Secure File System

The secure file system module works much like the ordinary file system module, but is a bit more secure since it allows regular expression security.

Variables

Mount Point
Where the module will be inserted in the name space of the server.

Search Path
Were the module will search for files in the real file system.

Handle DELETE
If set, the DELETE action can be used to delete files in the file system.

Handle PUT
If set, PUT can be used to upload files to the file system.

Enable directory listings by default
If set, you have to create a file named .www_not_browsable (or .nodiraccess) in a directory to disable directory listings. If unset, a file named .www_browsable in a directory will enable directory listings.

Require authentication for modification
Only allow authenticated users to use methods other than GET and POST. If this flag is unset, this file system will be a very public one allowing anyone editing access to files located on it.

Show backup files
If set to "No", all files ending with ~, # or .bak will be considered backups and excluded from directory listings.

Show hidden files
f set to Yes, all hidden files will be included in directory listings and made retrievable.

Cache the results of stat(2)
If you use NFS, setting this flag can speed up the retrieval of files. This will, however, use some memory.

Security patterns
This is a list with entries on the form filepattern: security level =pattern. Each entry must be in one of the forms listed below.

  • allow ip=pattern

  • deny ip=pattern

  • allow user=pattern
In patterns, * matches one or more characters and ? matches one single character. Please note that the expressions are tested in order, so if you have *: allow host = * as the first line, it will not matter whatever you add further down. Everything will still be allowed.

SSL-Proxy

This module implements the CONNECT method, useful for "tunneling" SSL connections. This is used in the Secure proxy server by Netscape Communications. Read more on this subject in the draft at http://www1.netscape.com/newsref/std/tunneling_ssl.html.

Variables

Allowed Ports
This is a comma separated list of strings. Connections will only be made to ports within the range given here. The syntax is firstport-lastport or just plain port. It may be desirable to disallow access to some ports. See the Forbidden Ports variable below.

Connection refused message
The message to send when the requested host denies the connection.

Forbidden Ports
This is a comma separated list of strings. The syntax is identical to that of the Allowed Ports variable.

No such host message
The message to send when the requested host cannot be found.

Tablify

This is parser module that can generate HTML 2.0 tables from, for example, a set of tab separated fields. It defines the <tablify> tag. This tag is a container, i.e. text between <tablify>...<tablify> is parsed and put into a table. There are no variables to set.

Tab List

This module generates tab lists like those seen on top of the Roxen configuration interface.

Variables

Mount point
Where the module will be inserted in the name space of the server.

Font path
Where the fonts reside on your system. This path is relative to the mount point.

Default font
The font that should be used when the module generates the tablists.

Timestamp

A sample extension type module. If you open a file with the extension .timestamp, the time stamp, i.e. the last modification date of the file without that extension will be shown.

Variables

Mount Point
Where the module will be inserted in the name space of the server.

Time Modification
Time difference in seconds from the system clock.

User Data Base and Security

The user database and security module manages security in Roxen. It uses the normal system password and user database to validate users. The module also maintains the user database for all other modules in Roxen, e.g. the user filesystem module.

Variables

Password database request method
What method to use to maintain the passwd database. getpwent is very slow but it should work on all systems and it will work with /etc/shadow if Roxen is allowed to read it. It will also enable automatic password information updates. Every ten seconds the information about one user from the passwd database will be updated. A call will also be performed if a user is not in the in-memory copy of the passwd database. This choice may not be available on your system.

Other methods are ypcat, niscat (on Solaris 2.x systems) and file. If you choose none, all authentication requests will succeed regardless of the name and password used.

Password database file
The password file that will be used for authentication checks if the method is set to file.

Password command arguments
If you wish to send extra arguments to either ypcat or niscat. For ypcat the full command line will be:

ypcat »arguments« passwd

For niscat it will be:

niscat »arguments« passwd.org_dir

If you do not want the passwd part, you can end your arguments with "#".

Turn }{| into åäö.
If set, }, {, and | will be translated into å, ä and ö in the Real Name field of the userinfo database.

Strip finger information from fullname
If enabled, the module will strip everything after the first "," character from the GECOS field of the user.

Password database shadow file
This file will be used if method is set to shadow.
Interval between automatic updates of the user database
This specifies the interval in minutes between automatic updates of the user database.

User File System

The user file system works more or less like a file system, except that it uses the user data base to get information about the home directories of users. It then uses this information to fetch the files by appending a public directory path. To use this module, you must have the user data base enabled. Otherwise, this module will not work as expected.

Variables

Banish list
This is a comma-separated list of users, none of which will be considered valid. This can be used to selectively shut off access for certain users, or to disable loops. Consider this example: If the home directory of the user www is /usr/www, and most HTML files are located in the html/ directory, which also happens to be the public directory, then /~www/ would be the same as /.

Password users only
Only users possessing a valid password on the system are allowed to have public directories.

Public directory
This is the location of the public directory. Assume that it is set to .public, that the module has the mount point /~ and that Per's home directory is /home/per. Now, when the file /~per/foo is accessed the module will try to find the file or directory /home/per/.public/foo.

Only owned files
If set, only those files that a user really owns can be sent. It enhances security, but can cause problems when several users are working in one user's directory.

All variables except Search Path are inherited from the file system module.

User Logger

This module can log the accesses of each user's files in their home directory. It will do so for a user if a file named AccessLog is present in that user's home directory, and Roxen can write to this file. This can speed up logging, especially when numerous users are present on your system.

Variables

Maximum number of open log files
Since any one user's pages are typically accessed several times in a row, it is inefficient to close the files after every logging. This number tells Roxen how many log files it should allow to be open at the same time.

Log file garb timeout
This should be set to an integer number. It is the number of seconds after the last logging that should pass before a log file is closed.

Only log in user log
If this is set, no logging will be done in the normal logs.

Private logs
These directories will be checked for private log files. Use either a specific log path or a pattern. /foo/ will check for /foo/AccessLog, while /users/&s/ will check for the file AccessLog in all subdirectories of /users. Note that all paths are in the virtual file system, not the real one.

WAIS Gateway

This module allows Roxen to act as a caching WAIS gateway. It can be useful for sites using fire walls as well as for anyone who wishes to experience faster "surfing",

Variables

Location
The mount point of the gateway in the virtual file system.

Cache WAIS files
Enables the caching of WAIS files.

Connection refused message

This is the path of a file. Upon a "connection refused" error, the contents of this file will be sent to the user.

Previous Chapter
Next Chapter
Table of Contents
Index