tag:support.pimpmylog.com,2013-12-07:/discussions/questions/75-unattended-installationPimp my Log: Discussion 2016-01-13T01:05:27Ztag:support.pimpmylog.com,2013-12-07:Comment/388086582016-01-02T18:47:17Z2016-01-02T18:47:17Zunattended installation<div><p>Hello,</p>
<p>there will be an API I hope in 2016 ! But for the moment, here
is the basic format of the <code>auth</code> file (all auth
functions are in the class <code>Sentinel</code> in file
<code>inc/Sentinel.php</code> :</p>
<pre>
<code><?php if (realpath(__FILE__)===realpath($_SERVER["SCRIPT_FILENAME"])) {header($_SERVER["SERVER_PROTOCOL"]." 404 Not Found");die();}?>
{
"generated": "1448388815",
"security": "c63JoOs8_ZWJSKw6Xi7eEwzdEjg0i6cCDP7oTZU66SwKWYFnIupDmZk2js-gwkqK",
"anonymous": [],
"users": {
"potsky": {
"roles": [
"admin"
],
"pwd": "917f33800bce25637e632f4f906892424c1fe34b",
"logs": [],
"cd": "1448388822",
"cb": null,
"at": "Dgd-Qwh5zsJAmcHnr_jZsIeaVsWzqoGu",
"hp": "Zjf15D-PoWanaJ-2",
"logincount": 1,
"lastlogin": {
"ip": "::1",
"ua": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/601.2.7 (KHTML, like Gecko) Version/9.0.1 Safari/601.2.7",
"ts": "1448388830"
}
},
"potskyuser": {
"roles": [
"user"
],
"pwd": "880770f022dfbee46cd9225c34809b9a5516d853",
"logs": {
"-config-user-d-apache-php-contenterror": {
"r": true
},
"-config-user-d-apache-php-contentaccess": {
"r": true
},
"-config-user-d-apache-php-apierror": {
"r": true
},
"-config-user-d-apache-php-apiaccess": {
"r": true
},
"-config-user-d-squid-php-squidaccess": {
"r": true
}
},
"cd": 1386752948,
"cb": "root",
"at": "fCm1j44r0KYV2c6n8Y_CVYlwqe_3QBUw",
"hp": "iNnCGPfgA7NJaZ98",
"logincount": 1,
"lastlogin": {
"ip": "172.16.25.1",
"ua": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/601.2.7 (KHTML, like Gecko) Version/9.0.1 Safari/601.2.7",
"ts": "1444892251"
}
}
},
"logs": [
[
"signin",
"potsky",
"1448388830",
"::1",
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/601.2.7 (KHTML, like Gecko) Version/9.0.1 Safari/601.2.7"
]
]
}</code>
</pre>
<p>And here are the explanations :</p>
<pre>
<code><?php if (realpath(__FILE__)===realpath($_SERVER["SCRIPT_FILENAME"])) {header($_SERVER["SERVER_PROTOCOL"]." 404 Not Found");die();}?></code>
</pre>
<p>Always copy this line as it to avoid people access directly the
json file.</p>
<pre>
<code>"generated": "1448388815",</code>
</pre>
<p>The <code>generated</code> key is the timestamp of the creation
date of the auth file.</p>
<pre>
<code>"security": "c63JoOs8_ZWJSKw6Xi7eEwzdEjg0i6cCDP7oTZU66SwKWYFnIupDmZk2js-gwkqK",</code>
</pre>
<p>This is a random key which will be used as salt when hashing
password. If you change it when users have already been created,
their password will not work anymore.</p>
<pre>
<code>"anonymous": [],</code>
</pre>
<p>The list of logs (file ids) accessible anonymously</p>
<pre>
<code>"users": {</code>
</pre>
<p>The list of users where keys are usernames and values are the
user object.</p>
<pre>
<code>"potsky": {</code>
</pre>
<p>The first user is <code>potsky</code>. The username is the key
of the user object.</p>
<pre>
<code> "roles": [
"admin"
],</code>
</pre>
<p>A list of roles. Supported roles are now <code>user</code> or
<code>admin</code>. No need to set an admin as a user too.</p>
<pre>
<code> "pwd": "917f33800bce25637e632f4f906892424c1fe34b",</code>
</pre>
<p>The user password hash encoded with this formula : <code>sha1(
$security . $username . $generated . $password )</code></p>
<pre>
<code> "logs": [],</code>
</pre>
<p>This array lists all log files accessible by the user. Here is
an other example with a user and not an admin :</p>
<pre>
<code> "logs": {
"-config-user-d-apache-php-contenterror": {
"r": true
},
"-config-user-d-apache-php-contentaccess": {
"r": true
},
"-config-user-d-apache-php-apierror": {
"r": true
},
"-config-user-d-apache-php-apiaccess": {
"r": true
},
"-config-user-d-squid-php-squidaccess": {
"r": true
}
},</code>
</pre>
<p>The only supported value now is <code>r</code> for
<code>read</code>.</p>
<pre>
<code> "cd": "1448388822",</code>
</pre>
<p>The creation date timestamp.</p>
<pre>
<code> "cb": null,</code>
</pre>
<p><code>cb</code> is for <code>created by</code>. This is the
username of the user who has created the current user. System is
<code>null</code>. You can set all values to <code>null</code>.</p>
<pre>
<code> "at": "Dgd-Qwh5zsJAmcHnr_jZsIeaVsWzqoGu",</code>
</pre>
<p>This is the access token</p>
<pre>
<code> "hp": "Zjf15D-PoWanaJ-2",</code>
</pre>
<p>Presalt for this user, postsalt is the instance security
token</p>
<pre>
<code> "logincount": 1,</code>
</pre>
<p>Do not set this value when creating a user.</p>
<pre>
<code> "lastlogin": {
"ip": "::1",
"ua": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/601.2.7 (KHTML, like Gecko) Version/9.0.1 Safari/601.2.7",
"ts": "1448388830"
}</code>
</pre>
<p>Do not set this value when creating a user.</p>
<pre>
<code>"logs": [
[
"signin",
"potsky",
"1448388830",
"::1",
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/601.2.7 (KHTML, like Gecko) Version/9.0.1 Safari/601.2.7"
]</code>
</pre>
<p>Do not set this value when creating a user.</p>
<hr>
<p>If you want to use PHP to create the authentication file and
users, it is easier :</p>
<ul>
<li>Include the Sentinel class in your script</li>
<li>use the <code>create</code> method to create the authentication
file</li>
<li>use the <code>setUser($username , $password)</code> method to
create a user</li>
<li>use the <code>setAdmin($username , $password)</code> method to
create an admin</li>
</ul>
<p>For example :</p>
<pre>
<code><?php
include 'inc/Sentinel.php`;
Sentinel::init();
Sentinel::create();
Sentinel::setAdmin('admin','pass');
Sentinel::setUser( 'user' , 'pass' , null , array( 'fileid1' => array( 'r' => true ) , 'fileid2' => array( 'r' => true ) ) );
Sentinel::save();</code>
</pre>
<p>Tell me if it works !</p></div>potskytag:support.pimpmylog.com,2013-12-07:Comment/388086582016-01-05T22:45:55Z2016-01-05T22:45:57Zunattended installation<div><p>Thanks a lot for the very clear explaination.</p>
<p>it worked as well with some minor changes:</p>
<p><?php</p>
<p>include 'inc/global.inc.php'; include
'inc/classes/Sentinel.php'; Sentinel::init(); Sentinel::create();
Sentinel::setAdmin('admin','pass'); Sentinel::save(); ?></p></div>Pietrotag:support.pimpmylog.com,2013-12-07:Comment/388086582016-01-06T08:13:29Z2016-01-06T08:13:29Zunattended installation<div><p>Nice!</p></div>potskytag:support.pimpmylog.com,2013-12-07:Comment/388086582016-01-13T01:05:27Z2016-01-13T01:05:27Zunattended installation<div><p>Here: <a href="https://github.com/pbertera/dockerfiles/tree/master/SyslogServer">https://github.com/pbertera/dockerfiles/tree/master/SyslogServer</a><br>
you can find a Docker container with rsyslog and PML.</p>
<p>Thanks,</p></div>Pietro