Gollem: A Web-based file manager for back-end data

450

Author: Ben Martin

There are many ways to share files with teams of people, but few require only a Web browser for access and let you choose from tens of different ways of authenticating user access to the files. Such lightweight and universal access is the promise of Gollem, a file manager that runs in your Web browser. With it you can connect to and manage your files on a WebDAV, FTP, or traditional filesystem or SQL database.

Gollem is a subproject of the Horde Application Framework, which you must installed along with it. Horde provides PHP interfaces for building Web applications. These interfaces include pivotal things like session handling, forms, authentication, and encryption.

Gollem is packaged for Ubuntu Hardy but not for Fedora 9 or openSUSE 11. You’ll find packages of Horde available for both Fedora 9 and openSUSE 11; installing them will make installing Gollem itself from source tarball much simpler on these distributions. I’ll install Gollem H3 1.0.4 from source tarball on a 64-bit Fedora 9 machine.

Because Gollem is a subproject of Horde, by default it wants to be installed in a subdirectory of the main Horde installation. The below commands will install Horde from the Fedora 9 repository and then expand the Gollem tarball into the Horde directory. Once this is done I rename the gollem directory to no longer contain the version information, and then create a vfsroot directory for the file manager to use for file storage.

# yum install horde horde-enhanced # cd /usr/share/horde # tar xzf /FromWeb/gollem-h3-1.0.4.tar.gz # chown -R root.apache gollem* # mv gollem* gollem # mkdir -p vfsroot # chown -R apache gollem

The Gollem tarball includes many .dist files, which are default configuration files. The for foo line in the below commands makes a copy of these defaults into real configuration files. I then made the config directory writable by Apache so that I can use Horde to complete the configuration.

# cd ./gollem/config # cd config # for foo in *.dist; do cp $foo `basename $foo .dist`; done # chmod g+w .

I edited the backends.php configuration file to change the default vfsroot to be the new directory that I created for Gollem to use during testing.

# vi backends.php ... $backends['file'] = array( 'name' => 'Virtual Home Directories', 'driver' => 'file', 'preferred' => '', 'hordeauth' => false, 'params' => array( // The base location under which the user home directories live. 'vfsroot' =>'/usr/share/horde/gollem/vfsroot,

For some reason PHP’s PEAR repository was not in the default PHP include_path, so I had to edit the php.ini file for Gollem to work.

# vi /etc/php.ini ... ; UNIX: "/path1:/path2" include_path = ".:/php/includes:/usr/local/php/site-includes:/usr/share/pear"

The new gollem.conf file in /etc/httpd/conf.d stops Apache from directly serving files out of the vfsroot. Depending on how your Horde is configured, all the files in the Gollem vfsroot will be owned by the Web server. If you don’t block direct downloads, users will most likely be able to download any user’s files by accessing the vfsroot directory directly as an ordinary HTTP request. I also disabled the “local connections only” restriction by editing the horde.conf file before restarting Apache.

# cd /etc/httpd/conf.d # vi gollem.conf <DirectoryMatch "^/usr/share/horde/gollem/vfsroot/.*"> Order Deny,Allow Deny from all </DirectoryMatch> # vi horde.conf ... <Directory /usr/share/horde> # Comment out the following 3 lines to make Horde accessible from anywhere <b>#</b>Order Deny,Allow <b>#</b>Deny from all <b>#</b>Allow from 127.0.0.1 # service httpd restart

You complete the Gollem setup inside the Horde environment itself by loading http://localhost/horde into your Web browser. Select the Administration -> Setup link in the tree menu on the left of the main page and make sure that the status for both File Manager (gollem) and Horde are both “Application is ready.” If they are not ready, Horde will let you configure and enable them.

By default on a Fedora machine, Horde is set up to automatically log you in as Administrator without authentication. To change the way Horde authenticates users, select Horde in the Administration -> Setup page and switch to the Authentication tab. Toward the bottom of the page is a drop-down menu offering everything from PAM and /etc/passwd through to IMAP, Samba, and LDAP authentication options. I found that the simplest authentication system to set up was the HTTP basic authentication using htpasswd files. I selected “HTTP (Basic Authentication/.htpasswd) authentication” and set the htpasswd_file to /usr/share/horde/config/htpasswd. The below commands will create a new htpasswd file and add Administrator and the user ben to it.

# cd /usr/share/horde/config/ # htpasswd -c htpasswd Administrator # htpasswd htpasswd ben # chown root.apache htpasswd # chmod 640 htpasswd

When you are using htpasswd authentication, the users you set up in Horde are completely divorced from the Linux user accounts. That means that if you log in to Gollem and create a new file foo.txt as ben, you will find the file at vfsroot/ben/foo.txt in the filesystem and it will be owned by the apache user. If you want files to be owned by a Linux user account instead, you must make Horde change to the Linux user when the Horde user authenticates. See this FAQ entry to get started using other authentication schemes. A screenshot of Gollem viewing a subdirectory of ben’s vfsroot is shown below.

You can use Gollem to store your files in a PostgreSQL database instead of the normal filesystem at vfsroot. Using a relational database for storage might be of interest if you want to link information stored in another relational database with the documents that users upload and edit. To try this, set up a database as shown below. Horde supports many databases, so you can use MySQL or others if you prefer. See the README file in the same scripts/sql directory shown in the example for information about using other databases. Also, you probably want to change the password listed on the last line of the commands shown below.

# su - postgres $ cd /usr/share/horde/scripts/sql $ psql -d template1 -f create.pgsql.sql $ psql -qc "ALTER USER horde WITH PASSWORD 'horde';" template1 postgres

Once you have the database set up, log in to Horde as an administrator and go to the database tab in Administration -> Setup -> Horde to make sure you have the right database engine and credentials set up in Horde. Once Horde can connect to the database you are ready to use it to store your files. Click on the SQL Server link under File Manager and you will see a similar interface to the one shown when you were using the Virtual Home (vfsroot backed) storage. After I uploaded a file to SQL Server storage, logging into the console as postgres I could see the new file and its contents from the horde_vfs table, as shown below.

$ psql horde horde=# select *,decode(vfs_data, 'hex') from horde_vfs; vfs_id | vfs_type | vfs_path | vfs_name | vfs_modified | vfs_owner | vfs_data | decode --------+----------+----------+----------+--------------+-----------+------------------------------------------------------------+---------------------------------- 1 | 1 | | zzz.txt | 1225149849 | | 547565204f63742032382030393a32343a30342045535420323030380a | Tue Oct 28 09:24:04 EST 200812 (1 row)

You may notice that there are two SQL Server links under File Manager. The first link, “SQL Server,” provides shared storage in a relational database for multiple users. The second link, which unfortunately had the right side of the text truncated for me, is for the “SQL Server with home,” which provides private storage in a relational database for only your user. Trying to use the “with home” version I got the error ErrorFolder "home/ben" does not exist when attempting to upload a test file.

If you select just the “SQL Server” link, you can create a new folder home and make the user home directories in there. I found that by making home/Administrator and home/ben I could use the “SQL Server with home” functionality when logged in as both Administrator and ben. The downside is that looking at the SQL database, the vfs_owner was not set to anything for all the files in the database. This meant that if I logged in as ben and selected “SQL Server,” I could browse into home/Administrator and view files that the Administrator uploaded into its “SQL Server with home” directory.

In gollem/config/backends.php you’ll find an entry for “SQL Server with home” that has two options you might like to change. If you set createhome to true instead of false, Gollem will automatically create your home directory in the relational database when you log in. You might also like to change the table that is used to store the VFS files. If you use a different table for your SQL with home files, users will no longer be able to navigate to other users’ home directories.

# vi /usr/share/horde/gollem/config/backends.php ... $backends['sqlhome'] = array( 'name' => 'SQL Server with home', 'driver' => 'sql', ... // The default connection details are pulled from the Horde-wide SQL // connection configuration. 'params' => array_merge($GLOBALS['conf']['sql'], array('table' => 'horde_vfs_home')), ... // 'root' => '/home', // 'home' => '/home/' . Auth::getAuth(), 'home' => Auth::getAuth(),

Of course you’ll have to create the new horde_vfs_home table in the database too. The below commands use a copy of the table schema from /usr/share/horde/scripts/sql/create.pgsql.sql with a table name change. Once this table is set up you’ll be able to store private files in the SQL database that only your Horde user can access.

# su - postgres $ psql horde c horde horde; You are now connected to database "horde" as user "horde". horde=> CREATE TABLE horde_vfs_home ( vfs_id BIGINT NOT NULL, vfs_type SMALLINT NOT NULL, vfs_path VARCHAR(255) NOT NULL, vfs_name VARCHAR(255) NOT NULL, vfs_modified BIGINT NOT NULL, vfs_owner VARCHAR(255) NOT NULL, vfs_data TEXT, PRIMARY KEY (vfs_id) ); horde=> CREATE INDEX vfs_home_path_idx ON horde_vfs_home (vfs_path); horde=> CREATE INDEX vfs_home_name_idx ON horde_vfs_home (vfs_name);

Because Gollem relies on Horde it can be a handful to get set up. However, once you have Gollem up and running, you can take advantage of Horde and Gollem to allow users to load and save files into a relational databases. You might then want to investigate other Horde-based Web applications and decide if you want to invest the time to configure a Horde server.

Some of the file management features you might expect are still missing in Gollem. For example, I could not recursively delete a directory in either the filesystem or SQL-backed storage. Recursive copy failed in a similar manner. Selecting a directory and choosing to copy it and paste it into another location failed. While you might not perform such recursive operations on a daily basis, not being able to perform them through the Web interface is going to frustrate more advanced users.

In summary, Gollem lets you set up a Web interface for a team of users who can share files on an FTP server, in a relational database, or a filesystem on the server itself.

Categories:

  • Internet & WWW
  • Databases
  • Collaboration