Skip to content

Latest commit

 

History

History
123 lines (85 loc) · 6.36 KB

README.textile

File metadata and controls

123 lines (85 loc) · 6.36 KB

Remediation

Introduction and Installation Instructions

This application is designed to help LSPs track compliance with tasks assigned to their users, such as SSN Remediation. An LSP installs the application, configures the list of users that need to complete the task, and then notifies the users. Users complete the task, and then access this application to record compliance. LSPs may use an administrative interface to view progress.

System Requirements

The following components are needed to run this application:

1. Apache web server
2. PHP running on the web server
3. PHP configured to use mysqli
4. PHP configured to use LDAP (not strictly necessary, but it makes it nicer)
5. Apache configured to use NetBadge
6. A MySQL database server that the web server may query

MySQL database installation

Assuming you have a database set up on a MySQL server and that you have the credentials for accessing it (note: creating MySQL databases and accounts is outside of the scope of this documentation), create the users and the administrators table in that database. You may do this with the mysql command line interface from a unix prompt. Be sure to swap out YOUR_USERNAME, YOUR_DATABASE_SERVER, and YOUR_DATABASE_NAME with the actual values for your database.

	mysql -u YOUR_USERNAME -h YOUR_DATABASE_SERVER -p
	(enter your user's database password)
	use YOUR_DATABASE_NAME
	CREATE TABLE users (computing_id VARCHAR(255), completion_date DATE NOT NULL, PRIMARY KEY(computing_id));
	CREATE TABLE administrators (computing_id VARCHAR(255), PRIMARY KEY(computing_id));

Loading users into the database

Insert the users who need to complete the task into the users table. There are lots of ways to do this, but here’s an example using the mysql command line interface. Be sure to swap out YOUR_USERNAME, YOUR_DATABASE_SERVER, and YOUR_DATABASE_NAME with the actual values for your database.

Note: Include yourself in the list of users so that you may verify that things are working correctly.

	mysql -u YOUR_USERNAME -h YOUR_DATABASE_SERVER -p
	(enter your user's database password)
	use YOUR_DATABASE_NAME
	INSERT INTO users(computing_id) VALUES("mst3k");
	INSERT INTO users(computing_id) VALUES("abc2d");
	INSERT INTO users(computing_id) VALUES("xyz3e");

Add any administrators you’d like to the administrators table (administrators can view the status for everyone):

	INSERT INTO administrators(computing_id) VALUES("mst3k");

For batch loading large numbers of users, you can use the mysqlimport command. First, create a file called “users.txt” on your machine that has all of your users in it, one per line. For example:

	mst3k
	abc2d
	zyx3e

Then use the mysqlimport command (be sure to swap out all of the uppercase values below with your real credentials):

	mysqlimport --columns=computing_id --local -u YOUR_USERNAME -h YOUR_DATABASE_SERVER -p YOUR_DATABASE_NAME users.txt

Application Installation

Log into your web server, go to the appropriate place in the filesystem for storing SSL content, and clone the application. Be sure to swap out YOUR_WEB_SERVER_HOST and YOUR_SSL_DIRECTORY with the actual values for your site. Please note that this application uses NetBadge, which requires SSL, so the application will not work unless it is installed in an SSL directory on a NetBadge-enabled web server.

	ssh YOUR_WEB_SERVER_HOST  (e.g. - ssh blue.unix.virginia.edu)
	cd YOUR_SSL_DIRECTORY (e.g. - cd /web/www.virginia.edu/doc/my_department)
	git clone git://github.com/darthmolly/remediation.git

Alternatively, download one of the tagged versions, and then upload it to your server.

Application configuration

At a minimum, you will need to adjust the settings in inc/configs.inc.php to include your database information. Edit the values in the first few lines in the parts after the => symbol. For example, change:

	"DATABASE_HOST"                 =>      "localhost",                            # your database server

to (where YOUR_DATABASE_SERVER is the actual information for your database server):

	"DATABASE_HOST"                 =>      "YOUR_DATABASE_SERVER",                            # your database server

You should now be able to access your application via a web browser. You’ll need to use the correct host name and directory information for your site. Be sure to swap out YOUR_WEBSERVER and YOUR_SUBDIRECTORY (if applicable):

https://YOUR_WEB_SERVER/YOUR_SUBDIRECTORY/remediate

For example:

https://www.virginia.edu/mydepartment/remediate

Note the “s” on https! If NetBadge is correctly enabled, you should see NetBadge authorization occur. If you get a message that says “We couldn’t find your user record.”, that means you forgot to put your own computing id into the database (doh!)

If you get a blank screen, it’s possible that you have a PHP error occurring, and your server is configured not to display PHP errors (this is a good thing in production, but it makes troubleshooting difficult). To change this setting, edit the file called “.htaccess” (note that the file begins with a dot), and take out the comment symbols (#) at the beginning of the last two lines:

	php_flag display_errors on
	php_value error_reporting 6143

Save, and then try reloading your page to see error messages.

Tweaking the verbiage or style

Now that your application is up and running, you will almost certainly want to update the default verbiage. The relevant files are in the “partials” directory of your application. In there you will find:

1. header.inc.php – the header at the top of the page
2. incomplete.inc.php – the text someone sees if they haven’t completed the process
3. complete.inc.php – the text someone sees if they have already completed the process
4. done.inc.php – the text someone sees right after they complete the process
5. not_found.inc.php – the text someone sees if they have logged into the site but aren’t in your users table
6. footer.inc.php – the footer at the bottom of the page
7. style.css – a stylesheet for the app. In case you want to get fancy or something.
8. users.inc.php – the administrative screen
9. user_confirmation_email.inc.php – the email a user gets after completing the process
10. admin_confirmation_email.inc.php – the email an administrators gets after a user has completed the process