FIRST OF ALL: SOMETHING OBVIOUS...

This plugin is useful only for those running the IMAP server and
the WWW server on the same machine. Maybe in a future version I
will try to use rsh or ssh to execute quota on a remote system,
so you'll be able to retrieve disk-quota info over a secure
connection!

=================================================================

OK, WHAT DO I NEED TO USE THIS PLUGIN?

- SquirrelMail configured and running on any Unix/Linux system
- Diskquota installed on your system

=================================================================

WHAT SHOULD I DO TO MAKE THIS PLUGIN WORK?

Well, first of all you have to identify the user running the
web server on your system. You could proceed like this:

[root@monster root]# ps aux |grep http
root      1135  0.0  0.8 45320 4612 ?        S    17:34   0:00 httpd -DHAVE_PHP4
apache    1143  0.0  1.4 47672 7376 ?        S    17:34   0:00 httpd -DHAVE_PHP4
apache    1144  0.0  1.4 47748 7440 ?        S    17:34   0:00 httpd -DHAVE_PHP4
apache    1145  0.0  1.4 47764 7460 ?        S    17:34   0:01 httpd -DHAVE_PHP4
apache    1146  0.0  1.3 47492 7152 ?        S    17:34   0:01 httpd -DHAVE_PHP4
apache    1848  0.0  1.4 47604 7224 ?        S    17:48   0:00 httpd -DHAVE_PHP4
apache    1852  0.0  1.1 46560 6148 ?        S    17:48   0:00 httpd -DHAVE_PHP4
[root@monster root]#

which means that "apache" is the user running the httpd server.
On Unix systems the quota command is usually executable by any user,
but each user can ONLY query his own disk-quota usage, while root
can obviously look at anyone's quota!
For the plugin to work, the user running httpd (let's suppose it is
the user apache) must have the same power as root here: he must be
able to ask for the quota of any user!!!
Please notice that you cannot simply "chown apache:apache /usr/bin/quota",
for example. It will NOT work, because the quota binary just retrieves
its data from a special database whose permissions are:

-rw-------    1 root     root         7168 gen 19 15:15 aquota.group
-rw-------    1 root     root         7168 gen 19 15:15 aquota.user

so even if the quota binary is owned by apache, access to the databases
is still denied. The only way to proceed is... to have some kind of
setuid quota binary.
Indeed, you have three ways to proceed.

FIRST WAY (simplest, but not very secure for privacy)
You could simply "chmod +s /usr/bin/quota", so that any user will run
the quota binary as root. There is "just" a privacy issue with it: anyone
could check the quota of anyone else! It's not very nice, because the
user you hate could discover that he got 30 MB of disk-quota, while
your girlfriend got 1 GB on raid-1! =;-p
Anyway, you can surely use this simple solution (chmod +s on the quota
binary) if users only have IMAP(s)/HTTP(s) access to the server. This
can be the case if no user has a shell (let's say each one has something
like /bin/false) and the server is just IMAP and WWW...

SECOND WAY (definitely better if users have a real shell)
I have to thank Jakub Grygiel (kubas@kul.lublin.pl) for this nice
suggestion. I simply report his mail: I tested it and it works very
well on my system. So here you are:

/*
*	We have to copy quota binary to wwwquota (for example)
*	Then:
*
*	chown root:apache wwwquota
*	chmod 4750 wwwquota
*
*	In options.php we have to change line with $quota_binary:
*	
*	$quota_binary="/usr/bin/wwwquota";
*
*	So only wwwquota will be suided and none of the users can
*	use it except apache users.
*/

The last problem is that users who have a www account (I mean: users who
can upload their own www pages) can still use a PHP script with a call
to the quota binary (just like the one in options.php) to run quota
as apache, and so learn everyone's quota.
Sorry, but I do not have a "global" solution at the moment: please
consider emailing me (claudio.panichi @roma2.infn.it) any
hint about it!!!


THIRD WAY (Thanks to Harry Yu, Andrzej Wojkowski, Jorge Paramo)
It seems that the FIRST and SECOND ways won't work on some systems like
Solaris, BSD and some Linux distributions (RedHat afaik). So this is
the last resort to make this plugin work on those systems: you can
simply try using "sudo". For example, on Solaris you must add
     nobody        ALL=NOPASSWD:/usr/lib/fs/ufs/quota
or
     apache  ALL= NOPASSWD: /usr/bin/wwwquota [A-z]*

into /etc/sudoers. This seems to fix the problem!
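
The second sudoers rule above limits the arguments only by a shell-style
pattern: in sudoers the "*" also matches spaces, so "[A-z]*" admits any
argument string that begins with a character in the ASCII range A to z,
extra options included. As an added example (not part of the plugin or of
the suggestions above), a small wrapper can check the argument itself and be
the only command allowed in sudoers. The wrapper path, the sudoers entry in
its comments and the username policy are assumptions, as is the plugin
passing the login name as the single argument.

```sh
#!/bin/sh
# Added example (not part of the plugin): wrapper to allow in sudoers in place
# of a wildcard rule. Hypothetical install path and sudoers entry:
#   apache ALL = NOPASSWD: /usr/local/sbin/wwwquota-wrapper
# Assumption: the plugin calls $quota_binary with the login name as argument.
LC_ALL=C; export LC_ALL               # make the [A-Z] ranges below byte-exact
QUOTA_BIN="${QUOTA_BIN:-/usr/bin/quota}"

# Succeeds only for exactly one argument that is a plain login name:
# 1-32 characters from [A-Za-z0-9._-], starting with a letter or underscore.
valid_user() {
    [ "$#" -eq 1 ] || return 1
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;   # empty, spaces, '/', ';', newlines
    esac
    case "$1" in
        [A-Za-z_]*) ;;                      # no leading '-' (option) or '.'
        *) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# Runs quota for one validated user with an empty environment.
quota_for() {
    if ! valid_user "$@"; then
        echo "usage: wwwquota-wrapper <username>" >&2
        return 64
    fi
    env -i PATH=/usr/bin:/bin "$QUOTA_BIN" "$1"
}

if [ "$#" -gt 0 ]; then
    quota_for "$@"                          # normal use: called by the plugin
else
    # No arguments: self-check over constructed sample inputs.
    for arg in alice web_user-2 -u 'alice -g wheel' '[x' ../etc; do
        if valid_user "$arg"; then echo "accept: $arg"; else echo "reject: $arg"; fi
    done
fi
```
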



=================================================================

RUNNING DISK_QUOTA ON DIFFERENT BOXES (thanks to Richard J.Sears)

Richard J. Sears sent an email describing how he runs disk_quota
against different boxes, executing the call over ssh2. He explains
the whole procedure very well, so I simply report his mail!...

> I loved your disk quota checker, but we run many mail servers and
> we needed it to be able to check quotas on different boxes.
> The way I attacked the problem with quotas on another box was
> pretty simple.
> On the box I wanted to get quotas from, I followed your instructions
> to the letter about setting up a wwwquota only I used a non-privileged
> user on that box as the user, in my case I used rsears and called
> it webmail-quota:
>
> -rwsr-x--- 1 root rsears 51176 Sep 16 22:56 /usr/bin/webmail-quota
>
> Next, on the webmail server I entered the www directory (user running
> apache), su'd to that user and ran an ssh-keygen2 to create a set of
> keys for the www user. I created them without a password.
> I copied the .pub key to the /home/rsears/.ssh2/webmail.pub file on
> the mail server I wanted to get quotas from and gave that key
> authorization to connect as rsears by editing the authorization file
> and adding Key webmail.pub to the file.
> Then in the options.php file I made this change:
>
> $quota_binary="/usr/local/bin/ssh2 -l rsears -q mail1.domain.net webmail-quota";
>
> Now I was able to allow the www user on my webmail server the ability to
> connect to the mail server as a non-privileged user (rsears) and make
> the quota request. Using the -q flag with the ssh2 command created an
> output exactly as if I were running the command locally.

Really many many thanks for this suggestion! :-)


=================================================================

FAQ

Q. Why should the quota binary be setuid?
A. Apache needs to know the user's quota. Usually only root can see
   the quota of any user! But if you want Apache to retrieve that
   data, it must be able to query the quota db for any logged-in user.

Q. Is there a way it works without the setuid on quota?
A. Yes. See "SECOND WAY", suggested by Jakub Grygiel, earlier in this file.
   One more way could be this: let httpd run as root! (GULP! DO NOT!)

Q. What's the risk with a setuid quota on my system?
A. Any user will be able to see other users' quotas. It's a
   privacy-related matter.

Q. I changed the owner of the quota binary. Why does it still not work?
A. Even if you chown the quota binary, the user running httpd will
   not be able to use the quota database because it's only readable
   by root...

Q. Oh hell... so what can I do for my users' privacy?
A. I have a great server with apache+php+uw_imap. Users can only
   log in via IMAPs or HTTPs: it's a MAIL-SERVER! In this way it's
   safe to setuid the quota binary. In other words, each user has
   shell=/bin/false, and any telnet/ssh/rsh (etc. etc.) service is
   strictly closed.

Q. What's the SM version you tested this plugin on?
A. I'm running SM-1.2.2 at the moment and disk_quota-1.0 on
   Mandrake-Linux 8.1 (www server is apache-1.3.22)

Q. Is there a way to not allow users to use php scripts
   in their www directory?
A. Yes. I didn't test it, but Jakub Grygiel (kubas@kul.lublin.pl)
   sent me an email with this hint:
	>
	> just create .htaccess file in user's www directory
	>
	> chmod 444 .htaccess
	>
	> put the following line to .htaccess file:
	> php_flag engine off
	>
	> I that it's security by obscurity but it works...
	>
   I wish to thank Jakub for his suggestions :-)

Q. I cannot run the disk-quota plugin on my Solaris, BSD or RedHat
   system by simply changing permissions. Is there another way?
A. Of course. If the 2 ways I suggested won't work, you can try
   using "sudo". For example, on Solaris you must add
     nobody        ALL=NOPASSWD:/usr/lib/fs/ufs/quota
   into /etc/sudoers. This should fix the problem!
   Many many thanks to Harry Yu and Andrzej Wojkowski for this
   useful hint! :-)

=================================================================

REPORTED SUCCESS

I've been notified that this plugin works fine on...

- Linux Mandrake 8.1
- Solaris
- RedHat
- BSD


=================================================================

PLEASE LET ME KNOW YOUR SYSTEM, both in case of success
and in case of failure!!!  (email to claudio@roma2.infn.it)
