Time Nick Message 16:41 owen So Koha has a system preference for date format, right? Does anyone know of an example in the code where that date format is applied? 16:54 owen Oh, I see. Right in front of me. 19:59 kados chris around? 19:59 kados I've got a quick apache security question 20:00 kados I'm wondering whether it's any less safe to setup Koha on only port 80 and use the virtual host ServerName directive to distinguish between opac and intranet (opac.athen.. and intranet.athen...) 20:01 kados so use <VirtualHost *:80> 20:01 kados for both 20:01 ambrose i don't think it's any less safe, fwiw 20:01 kados cool, thanks 20:02 chris nope no less safe really 20:02 kados do you know what the reason for putting intranet on 8080 was originally? 20:02 chris lots of ppl dont run their own dns 20:02 chris originally it wasnt on 8080 20:03 chris that came in round 1.2.0 20:03 kados oh :-) 20:03 chris because people often only had somehting.something.something 20:03 chris and couldnt make the koha.something and opac.something etc 20:04 kados ahh ... makes sense 20:04 kados thanks chris 20:04 chris at hlt koha.something resolves to an ipnumber that is only available internally 20:04 kados yea that's what I'm thinking of doing 20:04 chris cool 20:04 kados too bad our network is a bit fragmented these days 20:05 kados we used to have strictly internal ip ranges that all branches could access 20:05 kados but now we've got several branches using dsl and cable modem and they only have one IP ... 20:05 kados I suppose i could setup virtual tunneling 20:06 kados but not on our routers as they stand ... 20:06 kados Stephen liked the idea of using fanless OpenBSD boxes so that may happen here soon 20:06 chris sweet :) 20:07 kados for now I'm trying to figure out a way to get our next Koha 2.2 machine securely configured without those nifty BSD guys 20:08 kados We have to use a public IP since several of our branches have to cross the internet cloud to get to our main branch 20:08 kados any suggestions? 20:08 chris ipsec tunnels? 20:08 kados hmmm ... 20:09 chris ie build a little vpn 20:09 chris and have the librarian interface available on that 20:09 kados yea ... but we can't do that with our current routers 20:09 chris ahh right 20:09 kados and I dont' think we'll get the BSD boxes for about 6 months or so 20:10 kados Is there some way to limit connections to an interface in Apache to certain IP ranges? 20:10 chris you could put some basic http auth on the libraian interace 20:10 chris certainly 20:10 chris in your virtualhost you can have 20:11 chris <Limit GET POST> 20:11 chris Order allow,deny 20:11 chris Allow from 203.79.121.240 20:11 chris </Limit> 20:11 kados cool ... and I suppose I could have Allow from 66.213.78.0/24 too? 20:12 chris yep, but that is 20:12 chris 66.213.78.* 20:12 kados ahh 20:12 chris i think is the syntax 20:12 kados thanks chris that will do it I think 20:12 chris otherwise u just have lots of Allow lines 20:12 kados I can narrow down the IP addresses of our remote branches 20:12 chris one per ipnumber 20:12 kados and limit connections to those IPs + our class 3 20:13 chris right 20:13 chris souunds like a pretty good start 20:13 chris every other ip will get a 403 20:13 kados I suppose IP spoofing is always a possibility 20:14 chris yep but its raising the bar 20:14 chris and thats what security is all about really 20:14 kados right ... 20:14 kados so one more question now that we're talking about security 20:15 kados do you see Koha ever using ssh for data transfer on the opac side? 20:15 kados (patrons data is currently clear text until it hits the server) 20:15 kados and even then only the password is encrypted 20:15 chris right you could put the opac on https:// 20:16 kados can I do that with virutal hosts? 20:16 kados I thought I couldn't ... 20:16 kados would we have to buy a certificate or something? 20:16 chris yep 20:17 chris and you can only have one secure site per ipnumber 20:17 kados how seamless would that transition be do you think? 20:17 chris ie you cant have https://koha.someth and https://opac.something if they both resolve the same ipnumber 20:17 kados ahh 20:17 kados well we could just use another IP for that on the same machine tho, ne? 20:18 chris exactly 20:18 chris and you could have http://opac just redirect to https://opac 20:18 kados hmmm ... any good docs on how to do that? 20:18 chris set up a secure site? or do a redirect? 20:18 kados both 20:19 kados I guess the first first :-) 20:19 chris Redirect / https://opac.something 20:19 kados hehe 20:19 chris you just put that in ur http opac virtual host config 20:19 kados ok ... 20:19 chris you run apache2 right? 20:20 kados yea ... 20:22 chris right 20:23 chris http://www.informit.com/articles/article.asp?p=30115&seqNum=3 might be some help 20:23 kados cool ... thanks 21:09 kados thanks for the help chris I think I've got a really killer httpd.conf now I just have to wait till our ISP adds the DNS so I can test it (I self-certified for now just to test) 21:09 chris sweet 21:10 kados I'm gonna head out ... see you tomorrow 21:10 chris cya 21:34 tungsten can someone give me a hand getting my borrower data in? 21:34 tungsten thanks 22:13 tungsten got it in will report to wiki thanks 05:25 genji hiya. help! problem. Subjectheadings textarea is not getting into the database. 06:16 genji BUG FOUND! 06:28 genji then again, bug not found. gah. 09:15 genji hey paul, you active? 09:15 paul lucky man ;-) 09:16 genji hiya. help! problem. Subjectheadings textarea is not getting into the database, using saveitem.pl in acqui.simple. call to modsubject is correct, as ive tested it in perl -d. 09:16 paul you have MARC=OFF in systemprefs ? 09:17 genji yup. 09:17 paul so I can't help you. You need to ask chris, he & katipo are the MARC=OFF guys. I'm the MARC=ON one ;-) 09:17 genji k. maybe i put marc=on and try it? 09:19 genji okay... where the... where do you put subjects in the marc biblio? 09:19 paul in the marc biblio, everything is stored in : 09:20 paul * marc_biblio for header 09:20 paul * marc_subfield_table for subfields 09:20 paul * marc_word for all words of a subfield 09:20 genji http://intranet/cgi-bin/koha/acqui.simple/addbiblio.pl marc=on. where do i put it? 09:20 genji there isn't any subject field. 09:20 paul the C4::Biblio/MARCkoha2marc sub will transform a non-MARC hash info a hash one. 09:20 paul you need to modify your cataloguing setup 09:21 paul (Koha >> Parameters >> biblio frameworks) 09:21 paul then select your "item" MARC field 09:21 paul and just add your subject somewhere. 09:21 paul in tab 10 (items), with any other constraint. 09:21 paul oups, no 09:21 paul sorrys. 09:22 paul nothing to deal with "items". 09:22 paul so : 09:22 paul go to biblio framework 09:22 paul select the tag (MARC field) where your subject is stored 09:22 paul "activate" it in any tab (except 10, that is for items) 09:22 paul add any other constraint (like "mandatory" or not...) 09:22 paul and that's all. 09:23 paul your MARC editor will now show it & koha will store it 09:23 paul if you want to do everything : 09:23 paul "link" this field to bibliosubject.subject in the non MARC DB 09:24 genji eh.. too difficult. ill talk to chris tomorrow. 09:24 paul too difficult, but very powerful.