initial commit of file from CVS for smeserver-isoqlog on Sat Sep 7 20:28:56 AEST 2024

root/etc/e-smith/db/accounts/defaults/isoqlog/type

@@ -0,0 +1 @@
+system

root/etc/e-smith/db/configuration/defaults/httpd-isoqlog/TCPPort

@@ -0,0 +1 @@
+942

root/etc/e-smith/db/configuration/defaults/httpd-isoqlog/status

@@ -0,0 +1 @@
+enabled

root/etc/e-smith/db/configuration/defaults/httpd-isoqlog/type

@@ -0,0 +1 @@
+service

root/etc/e-smith/events/isoqlog-conf/services2adjust/httpd-e-smith

@@ -0,0 +1 @@
+sigusr1

root/etc/e-smith/events/isoqlog-conf/services2adjust/httpd-isoqlog

@@ -0,0 +1 @@
+sigusr1

root/etc/e-smith/templates/etc/cron.d/isoqlog

@@ -0,0 +1,5 @@
+SHELL=/bin/sh
+MAILTO=root
+
+58 * * * * root  /usr/bin/isoqlog -f /etc/isoqlog.conf 2>&1 > /dev/null
+

root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/28isoqlogProxyPass

@@ -0,0 +1,26 @@
+{
+    # vim: ft=perl:
+
+    $haveSSL = (exists ${modSSL}{status} and ${modSSL}{status} eq "enabled") ?  'yes' : 'no';
+
+    $OUT = '';
+    if ((${'httpd-isoqlog'}{'status'} || 'disabled') eq 'enabled'){
+
+        if (($port eq "80") && ($haveSSL eq 'yes')){
+            $OUT .= "    RewriteRule ^/isoqlog(/.*|\$)    https://%{HTTP_HOST}/isoqlog\$1 [L,R]\n";
+        }
+        else{
+            $OUT .= "    ProxyPass /isoqlog http://127.0.0.1:${'httpd-isoqlog'}{TCPPort}/isoqlog\n";
+            $OUT .= "    ProxyPassReverse /isoqlog http://127.0.0.1:${'httpd-isoqlog'}{TCPPort}/isoqlog\n";
+        }
+
+        $OUT .=<<"HERE";
+
+    <Location /isoqlog>
+        SSLRequireSSL on
+        Require ip $localAccess $externalSSLAccess
+    </Location>
+
+HERE
+    }
+}

root/etc/e-smith/templates/etc/httpd/isoqlog-conf/httpd.conf/00functions

@@ -0,0 +1,29 @@
+{
+
+use esmith::AccountsDB;
+
+sub getUsersList ($){
+        my ($panelName) = @_;
+        my $a = esmith::AccountsDB->open_ro || die "Error opening accounts db";
+        my @users = $a->users();
+        my @groups = $a->groups();
+        my @Users = ();
+        foreach my $user (@users){
+                my $panels = $user->prop('AdminPanels') || '';
+                push(@Users,$user->key) if ($panels =~ /^(.*,)?$panelName(,.*)?$/);
+        }
+        foreach my $group (@groups){
+                $panels = $group->prop('AdminPanels') || '';
+                        if ($panels =~ /^(.*,)?$panelName(,.*)?$/){
+                        my @members = split(/,/,($group->prop('Members') || ''));
+                        push(@Users,@members);
+                }
+        }
+
+        my %seen = ();
+        my $u = join (' ', grep { ! $seen{ $_ }++ } @Users);
+        return $u;
+}
+}
+
+

root/etc/e-smith/templates/etc/httpd/isoqlog-conf/httpd.conf/01localAccessString

@@ -0,0 +1,24 @@
+{
+    #---------------------------------------------------------------------
+    # Grab ValidFrom access list property of httpd-admin
+    # SSL enabled virtual hosts should only allow access from IP's in
+    # this list, as well as local networks.
+    #---------------------------------------------------------------------
+    use esmith::NetworksDB;
+
+    my $ndb = esmith::NetworksDB->open_ro();
+
+    my @localAccess = $ndb->local_access_spec();
+    my $validFrom = ${'httpd-admin'}{'ValidFrom'};
+    if ($validFrom)
+    {
+        push @localAccess, split /,/, $validFrom;
+    }
+    $localAccess .= join ' ',
+        map { s:/255.255.255.255::; $_ }
+            @localAccess;
+
+    "";
+}
+
+

root/etc/e-smith/templates/etc/httpd/isoqlog-conf/httpd.conf/19AuthTKT

@@ -0,0 +1,9 @@
+{
+    $OUT .= "LoadModule auth_tkt_module modules/mod_auth_tkt.so\n";
+
+    my $secret = ${'httpd-admin'}{TKTAuthSecret} || "34322500-7330-4400-423A-3A00434F5245";
+    $OUT .= "TKTAuthSecret \"$secret\"\n";
+    $OUT .= "TKTAuthDigestType SHA256\n";
+}
+
+

root/etc/e-smith/templates/etc/httpd/isoqlog-conf/httpd.conf/20Modules

@@ -0,0 +1,173 @@
+{
+    my $port = ${'httpd-isoqlog'}{TCPPort} || '940';
+    $OUT .= "Listen 127.0.0.1:$port\n";
+
+    $OUT .= <<HERE;
+
+HostnameLookups off
+
+ServerAdmin admin@$DomainName
+ServerRoot /etc/httpd
+ServerTokens ProductOnly
+
+User isoqlog
+Group isoqlog
+
+ErrorLog /var/log/httpd/isoqlog_error_log
+LogLevel warn
+HERE
+
+foreach (qw(
+    env
+    log_config
+    mime
+    negotiation
+    status
+    info
+    include
+    autoindex
+    dir
+    asis
+    imap
+    imagemap
+    actions
+    userdir
+    proxy
+    proxy_http
+    alias
+    rewrite
+    access
+    authz_host
+    authz_user
+    auth
+    auth_anon
+    auth_digest
+    expires
+    headers
+    usertrack
+    setenvif
+    ssl
+    cgi
+    mpm_prefork
+    unixd
+    authn_core
+    authz_core
+    systemd
+    ))
+{
+    next unless -f "/usr/lib/httpd/modules/mod_${_}.so" ||
+                -f "/usr/lib64/httpd/modules/mod_${_}.so";
+    $OUT .= "LoadModule ${_}_module modules/mod_${_}.so\n";
+}
+
+if (exists $php{status} and $php{status} eq "enabled"){
+        my $modphp = '4';
+        if ( -r "/usr/lib/httpd/modules/libphp5.so" || -r "/usr/lib64/httpd/modules/libphp5.so" ){
+                $modphp = '5';
+        }
+        $OUT .= "LoadModule php".$modphp."_module modules/libphp".$modphp.".so\n";
+}
+
+
+$OUT .=<<"HERE";
+
+<IfModule mod_php4.c>
+    AddIcon /icons/php4.gif .php3 .php4 .php .phtml
+    AddIcon /icons/phps.gif .phps
+</IfModule>
+
+<IfModule mod_php5.c>
+    AddIcon /icons/php5.gif .php3 .php4 .php5 .php .phtml
+    AddIcon /icons/phps.gif .phps
+</IfModule>
+
+
+PidFile /var/run/httpd-isoqlog.pid
+ScoreBoardFile /var/run/httpd-isoqlog.scoreboard
+UseCanonicalName off
+LogFormat "%h %l %u %t \\"%r\\" %>s %b" common
+LogFormat "%{User-agent}i" agent
+
+CustomLog /var/log/httpd/isoqlog_access_log common
+
+KeepAlive On
+MaxKeepAliveRequests 100
+KeepAliveTimeout 15
+
+MaxClients 150
+MaxRequestsPerChild 100
+
+ServerName www.$DomainName
+
+MinSpareServers 1
+MaxSpareServers 5
+StartServers 1
+Timeout 300
+
+DefaultIcon /icons/unknown.gif
+DirectoryIndex index.htm index.html index.php index.cgi
+IndexOptions FancyIndexing VersionSort NameWidth=*
+IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
+AccessFileName .htaccess
+
+AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
+AddIconByType (TXT,/icons/text.gif) text/*
+AddIconByType (IMG,/icons/image2.gif) image/*
+AddIconByType (SND,/icons/sound2.gif) audio/*
+AddIconByType (VID,/icons/movie.gif) video/*
+TypesConfig /etc/mime.types
+
+AddEncoding x-compress Z
+AddEncoding x-gzip gz
+
+AddIcon /icons/binary.gif .bin .exe
+AddIcon /icons/binhex.gif .hqx
+AddIcon /icons/tar.gif .tar
+AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
+AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
+AddIcon /icons/a.gif .ps .ai .eps
+AddIcon /icons/layout.gif .html .shtml .htm .pdf
+AddIcon /icons/text.gif .txt
+AddIcon /icons/c.gif .c
+AddIcon /icons/p.gif .pl .py
+AddIcon /icons/f.gif .for
+AddIcon /icons/dvi.gif .dvi
+AddIcon /icons/uuencoded.gif .uu
+AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
+AddIcon /icons/tex.gif .tex
+AddIcon /icons/bomb.gif core
+
+AddIcon /icons/back.gif ..
+AddIcon /icons/hand.right.gif README
+AddIcon /icons/folder.gif ^^DIRECTORY^^
+AddIcon /icons/blank.gif ^^BLANKICON^^
+
+AddLanguage en .en
+AddLanguage fr .fr
+AddLanguage de .de
+AddLanguage da .da
+AddLanguage el .el
+AddLanguage it .it
+
+LanguagePriority en fr de
+
+AddType text/html .shtml
+AddType application/x-pkcs7-crl    .crl
+
+AddType application/x-x509-ca-cert .crt
+
+BrowserMatch "Mozilla/2" nokeepalive
+BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
+BrowserMatch "RealPlayer 4\.0" force-response-1.0
+BrowserMatch "Java/1\.0" force-response-1.0
+BrowserMatch "JDK/1\.0" force-response-1.0
+
+AddHandler cgi-script .cgi
+AddHandler server-parsed .shtml
+AddHandler imap-file map
+
+DocumentRoot         /var/lib/qmailtools/isoqlog/htdocs
+
+HERE
+}
+

root/etc/e-smith/templates/etc/httpd/isoqlog-conf/httpd.conf/85DefaultAccess

@@ -0,0 +1,12 @@
+
+# First, we configure the "default" to be a very restrictive set of
+# permissions.
+
+<Directory />
+    Options None
+    AllowOverride None
+    Require all denied
+</Directory>
+
+
+

root/etc/e-smith/templates/etc/httpd/isoqlog-conf/httpd.conf/90isoqlog

@@ -0,0 +1,34 @@
+
+Alias /isoqlog /var/lib/qmailtools/isoqlog/htdocs
+
+# Main access allowed for valid user
+<Directory /var/lib/qmailtools/isoqlog/htdocs>
+        AddType application/x-httpd-php .php
+        Options FollowSymLinks
+        php_flag register_globals off
+        php_flag register_long_arrays on
+        php_admin_value session.save_path /var/lib/php/isoqlog-session
+        php_admin_value openbase_dir /var/lib/qmailtools/isoqlog/htdocs:/var/lib/php/isoqlog-session
+        AllowOverride None
+        Require ip 127.0.0.1
+</Directory>
+
+# /ca is only allowed for admin and explicitely authorized users
+<Location /isoqlog>
+        AuthName "Isoqlog Admin"
+        AuthType Basic
+        TKTAuthLoginURL /server-common/cgi-bin/login
+	<RequireAll>
+          Require user admin {getUsersList("isoqlog");}
+          Require ip 127.0.0.1
+	</RequireAll>
+{
+        my $ManagerTimeout = ${'httpd-admin'}{ManagerTimeout} || "30m";
+        $OUT = "    TKTAuthTimeout $ManagerTimeout\n";
+        my $Cookie = ${'httpd-admin'}{Cookie} || "disabled";
+        $OUT .= "    TKTAuthCookieExpires $ManagerTimeout\n" if "$Cookie" eq "enabled";
+        my $ManagerTimeoutReset = ${'httpd-admin'}{ManagerTimeoutReset} || "0.66";
+        $OUT .= "    TKTAuthTimeoutRefresh $ManagerTimeoutReset\n";
+}
+</Location>
+

root/etc/e-smith/templates/etc/isoqlog.conf/isoqlog

@@ -0,0 +1,48 @@
+#isoqlog 2.1 Configuration file
+
+logtype = "qmail-multilog" #log type qmai-multilog, qmail-syslog, sendmail, postfix
+logstore = "/var/log/qmail" #
+domainsfile = "/etc/isoqlog.domains" #
+outputdir = "/var/lib/qmailtools/isoqlog/htdocs" #html outpur directory
+htmldir = "/usr/share/isoqlog/htmltemp"
+langfile = "/usr/share/isoqlog/lang/english"
+
+{
+    use esmith::config;
+    use esmith::db;
+    my $lang = $sysconfig{'Language'} || 'en_EN'; 
+    my $langfile='english';
+    $langfile= 'french' if $lang=~ m/^fr/i;
+    $langfile= 'italian' if $lang=~ m/^it/i;
+    $langfile= 'bulgarian' if $lang=~ m/^bg/i;
+    $langfile= 'czech' if $lang=~ m/^cz/i;
+    $langfile= 'danish' if $lang=~ m/^da/i;
+    $langfile= 'dutch' if $lang=~ m/^nl/i;
+    $langfile= 'finnish' if $lang=~ m/^fi/i;
+    $langfile= 'german' if $lang=~ m/^de/i;
+    $langfile= 'norwegian' if $lang=~ m/^no/i;
+    $langfile= 'polish' if $lang=~ m/^pl/i;
+    $langfile= 'portuguese' if $lang=~ m/^pt/i;
+    $langfile= 'romana' if $lang=~ m/^ro/i;
+    $langfile= 'russian' if $lang=~ m/^ru/i;
+    $langfile= 'spanish' if $lang=~ m/^es/i;
+    $langfile= 'swedish' if $lang=~ m/^se/i;
+    $langfile= 'turkish' if $lang=~ m/^tr/i;
+    
+    
+    $OUT .= "langfile = \"/usr/share/isoqlog/lang/$langfile\"\n";
+
+    my $system  = $SystemName || '';
+    
+    $OUT .= "hostname = \"$system\"\n";
+    $OUT .= "\n";
+
+    
+}
+maxsender = 100
+maxreceiver = 100
+maxtotal    = 100
+
+
+
+maxbyte     = 100

root/etc/e-smith/templates/etc/isoqlog.domains/isoqlog

@@ -0,0 +1,26 @@
+{
+    use esmith::config;
+    use esmith::db;
+
+    my $domain  = $DomainName || '';
+    $OUT .= "$domain\n";
+    my $a; my $b;
+    
+    system("/bin/cat /home/e-smith/db/domains |/bin/grep domain > /tmp/vdomains");# == 0
+	#or die ("Error writing /tmp/vdomains\n");
+    
+    #list of virtual domains
+    if ( -s "/tmp/vdomains" )
+    {
+      open (INF,"/tmp/vdomains")
+      or die ("can't open vdomains to read: $1. ");
+
+      while (<INF>)
+      {
+           #take each line, split by =
+           ($a,$b) = split(/\=/, $_);
+            $OUT .= "$a\n";
+      }
+    }    
+
+}

root/etc/e-smith/templates/etc/isoqlog.domains/template-begin

@@ -0,0 +1,3 @@
+{
+
+}

root/etc/e-smith/web/functions/Isoqlog

@@ -0,0 +1,73 @@
+#!/usr/bin/perl -wT
+
+#----------------------------------------------------------------------
+# heading     : Administration
+# description : Isoqlog 
+# navigation  : 4000 4390
+#
+#----------------------------------------------------------------------
+
+package esmith;
+
+use strict;
+use CGI ':all';
+use CGI::Carp qw(fatalsToBrowser);
+
+use esmith::cgi;
+use esmith::db;
+use esmith::util;
+
+sub showInitial ($);
+
+BEGIN
+{
+    # Clear PATH and related environment variables so that calls to
+    # external programs do not cause results to be tainted. See
+    # "perlsec" manual page for details.
+
+    $ENV {'PATH'} = '/bin:/usr/bin';
+    $ENV {'SHELL'} = '/bin/bash';
+    delete $ENV {'ENV'};
+}
+
+esmith::util::setRealToEffective ();
+
+$CGI::POST_MAX=1024 * 100;  # max 100K posts
+$CGI::DISABLE_UPLOADS = 1;  # no uploads
+
+my %conf;
+tie %conf, 'esmith::config';
+
+#------------------------------------------------------------
+# examine state parameter and display the appropriate form
+#------------------------------------------------------------
+
+my $q = new CGI;
+
+if (! grep (/^state$/, $q->param))
+{
+    showInitial ($q);
+}
+else
+{
+    esmith::cgi::genStateError ($q, \%conf);
+}
+
+exit (0);
+
+#------------------------------------------------------------
+# subroutine to display initial form
+#------------------------------------------------------------
+
+sub showInitial ($)
+{
+    my ($q) = @_;
+
+    my $url = "/isoqlog";
+    print $q->redirect(-location => $url);
+
+## these lines aren't that important, they just prevent a
+## premature end of script headers error
+    esmith::cgi::genHeaderNonCacheable ($q, \%conf, 'Isoqlog');
+    esmith::cgi::genFooter ($q);
+}

root/etc/e-smith/web/panels/manager/cgi-bin/Isoqlog

@@ -0,0 +1 @@
+../../../functions/Isoqlog

root/etc/httpd/isoqlog-conf/httpd.conf

@@ -0,0 +1,203 @@
+#------------------------------------------------------------
+#	       !!DO NOT MODIFY THIS FILE!!
+# 
+# Manual changes will be lost when this file is regenerated.
+#
+# Please read the developer's guide, which is available
+# at http://www.contribs.org/development/
+#
+# Copyright (C) 1999-2006 Mitel Networks Corporation
+#------------------------------------------------------------
+
+
+
+
+
+
+LoadModule auth_tkt_module modules/mod_auth_tkt.so
+TKTAuthSecret "34322500-7330-4400-423A-3A00434F5245"
+
+
+
+Listen 127.0.0.1:942
+
+HostnameLookups off
+
+ServerAdmin admin
+ServerRoot /etc/httpd
+ServerTokens ProductOnly
+
+User isoqlog
+Group isoqlog
+
+ErrorLog /var/log/httpd/isoqlog_error_log
+LogLevel warn
+LoadModule env_module modules/mod_env.so
+LoadModule log_config_module modules/mod_log_config.so
+LoadModule mime_module modules/mod_mime.so
+LoadModule negotiation_module modules/mod_negotiation.so
+LoadModule status_module modules/mod_status.so
+LoadModule info_module modules/mod_info.so
+LoadModule include_module modules/mod_include.so
+LoadModule autoindex_module modules/mod_autoindex.so
+LoadModule dir_module modules/mod_dir.so
+LoadModule asis_module modules/mod_asis.so
+LoadModule imagemap_module modules/mod_imagemap.so
+LoadModule actions_module modules/mod_actions.so
+LoadModule userdir_module modules/mod_userdir.so
+LoadModule proxy_module modules/mod_proxy.so
+LoadModule proxy_http_module modules/mod_proxy_http.so
+LoadModule alias_module modules/mod_alias.so
+LoadModule rewrite_module modules/mod_rewrite.so
+LoadModule authz_host_module modules/mod_authz_host.so
+LoadModule authz_user_module modules/mod_authz_user.so
+LoadModule auth_digest_module modules/mod_auth_digest.so
+LoadModule expires_module modules/mod_expires.so
+LoadModule headers_module modules/mod_headers.so
+LoadModule usertrack_module modules/mod_usertrack.so
+LoadModule setenvif_module modules/mod_setenvif.so
+LoadModule ssl_module modules/mod_ssl.so
+LoadModule cgi_module modules/mod_cgi.so
+LoadModule php5_module modules/libphp5.so
+
+<IfModule mod_php4.c>
+    AddIcon /icons/php4.gif .php3 .php4 .php .phtml
+    AddIcon /icons/phps.gif .phps
+</IfModule>
+
+<IfModule mod_php5.c>
+    AddIcon /icons/php5.gif .php3 .php4 .php5 .php .phtml
+    AddIcon /icons/phps.gif .phps
+</IfModule>
+
+
+PidFile /var/run/httpd-isoqlog.pid
+ScoreBoardFile /var/run/httpd-isoqlog.scoreboard
+UseCanonicalName off
+LogFormat "%h %l %u %t \"%r\" %>s %b" common
+LogFormat "%{User-agent}i" agent
+
+CustomLog /var/log/httpd/isoqlog_access_log common
+
+KeepAlive On
+MaxKeepAliveRequests 100
+KeepAliveTimeout 15
+
+MaxClients 150
+MaxRequestsPerChild 100
+
+ServerName localhost
+
+MinSpareServers 1
+MaxSpareServers 5
+StartServers 1
+Timeout 300
+
+DefaultIcon /icons/unknown.gif
+DirectoryIndex index.htm index.html index.php index.cgi
+IndexOptions FancyIndexing VersionSort NameWidth=*
+IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
+AccessFileName .htaccess
+
+AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
+AddIconByType (TXT,/icons/text.gif) text/*
+AddIconByType (IMG,/icons/image2.gif) image/*
+AddIconByType (SND,/icons/sound2.gif) audio/*
+AddIconByType (VID,/icons/movie.gif) video/*
+DefaultType text/plain
+TypesConfig /etc/mime.types
+
+AddEncoding x-compress Z
+AddEncoding x-gzip gz
+
+AddIcon /icons/binary.gif .bin .exe
+AddIcon /icons/binhex.gif .hqx
+AddIcon /icons/tar.gif .tar
+AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
+AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
+AddIcon /icons/a.gif .ps .ai .eps
+AddIcon /icons/layout.gif .html .shtml .htm .pdf
+AddIcon /icons/text.gif .txt
+AddIcon /icons/c.gif .c
+AddIcon /icons/p.gif .pl .py
+AddIcon /icons/f.gif .for
+AddIcon /icons/dvi.gif .dvi
+AddIcon /icons/uuencoded.gif .uu
+AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
+AddIcon /icons/tex.gif .tex
+AddIcon /icons/bomb.gif core
+
+AddIcon /icons/back.gif ..
+AddIcon /icons/hand.right.gif README
+AddIcon /icons/folder.gif ^^DIRECTORY^^
+AddIcon /icons/blank.gif ^^BLANKICON^^
+
+AddLanguage en .en
+AddLanguage fr .fr
+AddLanguage de .de
+AddLanguage da .da
+AddLanguage el .el
+AddLanguage it .it
+
+LanguagePriority en fr de
+
+AddType text/html .shtml
+AddType application/x-pkcs7-crl    .crl
+
+AddType application/x-x509-ca-cert .crt
+
+BrowserMatch "Mozilla/2" nokeepalive
+BrowserMatch "MSIE 4.0b2;" nokeepalive downgrade-1.0 force-response-1.0
+BrowserMatch "RealPlayer 4.0" force-response-1.0
+BrowserMatch "Java/1.0" force-response-1.0
+BrowserMatch "JDK/1.0" force-response-1.0
+
+AddHandler cgi-script .cgi
+AddHandler server-parsed .shtml
+AddHandler imap-file map
+
+DocumentRoot         /var/lib/qmailtools/isoqlog/htdocs
+
+
+
+
+# First, we configure the "default" to be a very restrictive set of
+# permissions.
+
+<Directory />
+    Options None
+    AllowOverride None
+    order deny,allow
+    deny from all
+    allow from none
+</Directory>
+
+
+
+
+Alias /isoqlog /var/lib/qmailtools/isoqlog/htdocs
+
+# Main access allowed for valid user
+<Directory /var/lib/qmailtools/isoqlog/htdocs>
+        AddType application/x-httpd-php .php
+        Options FollowSymLinks
+        php_flag register_globals off
+        php_flag register_long_arrays on
+        php_admin_value session.save_path /var/lib/php/isoqlog-session
+        php_admin_value openbase_dir /var/lib/qmailtools/isoqlog/htdocs:/var/lib/php/isoqlog-session
+        AllowOverride None
+        order deny,allow
+        deny from all
+        allow from 127.0.0.1
+</Directory>
+
+# /ca is only allowed for admin and explicitely authorized users
+<Location /isoqlog>
+        AuthName "Isoqlog Admin"
+        AuthType Basic
+        TKTAuthLoginURL /server-common/cgi-bin/login
+        require user admin 
+        SetEnv IMGHDR_SRC "/server-common/server-manager.jpg"
+        Satisfy all
+</Location>
+