Fixes: #3109 There is no documentation for encrypt password option

23131919 · Benoit Mortier · 39d6a93c · 23131919 · 23131919 · 23131919
Commit 23131919 authored 10 years ago by Benoit Mortier
Hide whitespace changes
Inline Side-by-side

Showing

with 26 additions and 2 deletions
+26 -2
--- a/contrib/bin/fusiondirectory-setup
+++ b/contrib/bin/fusiondirectory-setup
@@ -1360,6 +1360,10 @@ This option add FusionDirectory attributes to the people branch.
 This option will install the plugin from a tar.gz of the plugin. This option is intended for people wanting to install from the sources.
+=item --encrypt-passwords
+This option will encrypt the password inside your fusiondirectory.conf file, it need the headers module to be activated in your apache to work.
 =item --list_vars
 This option will list the variables you can change to install FusionDirectory on another set of directories. This option is intended for people wanting to install from the sources.

--- a/contrib/docs/README
+++ b/contrib/docs/README
@@ -45,6 +45,23 @@ like described for fusiondirectory.
 Always run fusiondirectory-setup --update-locales after you've added translations in
 order to let FusionDirectory compile and re-sync the translations.
+* Security related information
+FusionDirectory is running as the www-data user. This makes it possible for other
+web applications (well, this is the rule for allmost every web application
+that stores information somewhere around) to read the fusiondirectory.conf file, which
+may contain vital information about your LDAP service.
+To make it harder to extract these passwords, they get encrypted by a
+master password only readable by the FusionDirectory location.
+You can simply migrate old existing passwords by typing:
+    a2enmod headers
+    fusiondirectory-setup --encrypt-passwords
+    /etc/init.d/apache2 reload
 Have fun!
 ---

--- a/contrib/man/fusiondirectory-setup.1
+++ b/contrib/man/fusiondirectory-setup.1
-.\" Automatically generated by Pod::Man 2.22 (Pod::Simple 3.14)
+.\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.16)
 .\"
 .\" Standard preamble:
 .\" ========================================================================
@@ -124,7 +124,7 @@
 .\" ========================================================================
 .\"
 .IX Title "FUSIONDIRECTORY-SETUP 1"
-.TH FUSIONDIRECTORY-SETUP 1 "2013-04-22" "FusionDirectory 1.0" "FusionDirectory Documentation"
+.TH FUSIONDIRECTORY-SETUP 1 "2014-05-19" "FusionDirectory 1.0.7" "FusionDirectory Documentation"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
@@ -162,6 +162,9 @@ This option add FusionDirectory attributes to the people branch.
 .IP "\-\-install\-plugins" 4
 .IX Item "--install-plugins"
 This option will install the plugin from a tar.gz of the plugin. This option is intended for people wanting to install from the sources.
+.IP "\-\-encrypt\-passwords" 4
+.IX Item "--encrypt-passwords"
+This option will encrypt the password inside your fusiondirectory.conf file, it need the headers module to be activated in your apache to work.
 .IP "\-\-list_vars" 4
 .IX Item "--list_vars"
 This option will list the variables you can change to install FusionDirectory on another set of directories. This option is intended for people wanting to install from the sources.