1. 2006-07-11.trac 的权限控制

总是有Spam 来修改首页! 终于弄明白怎么权限ACL了!加入!

trac-admin /path/to/svn.woodpecker/trac permission list 

User        Action
---------------------------
anonymous   BROWSER_VIEW
anonymous   CHANGESET_VIEW
anonymous   FILE_VIEW
anonymous   LOG_VIEW
anonymous   MILESTONE_VIEW
anonymous   REPORT_SQL_VIEW
anonymous   REPORT_VIEW
anonymous   ROADMAP_VIEW
anonymous   SEARCH_VIEW
anonymous   TICKET_CREATE
anonymous   TICKET_MODIFY
anonymous   TICKET_VIEW
anonymous   TIMELINE_VIEW
anonymous   WIKI_VIEW
cpugdevgrp  REPORT_ADMIN
cpugdevgrp  TICKET_ADMIN
cpugdevgrp  WIKI_ADMIN
limodou     cpugdevgrp
woodpecker  cpugdevgrp
zoomq       cpugdevgrp

1.1. 口令生成

根据提示

http://trac.edgewall.org/wiki/TracStandalone 使用如下脚本生成htdigest样儿的口令文件

### file: htdigest.py
from optparse import OptionParser
import md5

# build the options
usage = "usage: %prog [options]"
parser = OptionParser(usage=usage)
parser.add_option("-u", "--username",action="store", dest="username", type = "string",
                  help="the username for whom to generate a password")
parser.add_option("-p", "--password",action="store", dest="password", type = "string",
                  help="the password to use")
(options, args) = parser.parse_args()

# check options
if (options.username is None) or (options.password is None):
   parser.error("You must supply both the username and password")
   
# Generate the string to enter into the htdigest file
realm = 'woodpecker'
kd = lambda x: md5.md5(':'.join(x)).hexdigest()
print ':'.join((options.username, realm, kd([options.username, realm, options.password])))
使用时类似

python htdigest.py -u woodpecker -p [email protected] >> users.htdigest

1.2. 带认证启动trac

然后启动 tracd:

tracd -d -p 8080 --auth trac,/path/to/svn.woodpecker/users.htdigest,woodpecker /path/to/svn.woodpecker/trac
       |    |       |   |       |                                   |           |
       |    |       |   |       |                                   |           +-- trac 实例目录处
       |    |       |   |       |                                   +-- repo的"realm"htdigest.py中可以定制
       |    |       |   |       +-- 口令文件位置
       |    |       |   +-- 所谓项目标识,与trac实例目录名要一致!
       |    |       +-- 不使用"basic-auth"模式!启动扩展认证
       |    +-- 指定发布的端口
       +-- daemon守护模式运行!

2. 反馈

  • Why not use apache to publish ? -- dreamingk
    • Apache is so big now!and not fast no,so so,usage 专门进程来启动专门服务,方便管理! -- ZoomQuiet