Accounts of goobi users v/s accounts of unix users, all in /home

Hi,

Since we in our institution use CAS login of Goobi, we need to use usernames in Goobi workflow that are the same as our usernames that we use for example as unix login and other things.

The users of Goobi workflow get a directory in /home on the server, just like we do for our ssh accounts. The username is the same.

Is there any risk that there will be problems using the same unix login home-dir as is used from Goobi workflow? Do you have any suggestions to change it?

And a question regarding my other forum question,

does the creation of the PDF file (print docket as PDF) save any temporary files in the home directory of the user?

Hope everyone is having a nice summer!

As the linux administrator and goobi user with the same username for both systems I experience issues e.g. when I want to apply to a workflow step in goobi and this step needs access to the filesystem.

We use separate authentification systems for goobi (ldap) and linux (local user). The mismatch was my mistake, when I configured linux, but I have my workarounds.

1 Like

Thanks for your reply!

Do you have any workarounds for when we can’t change neither usernames for goobi (using CAS) nor linux? They are the same.

Hi @mirkh

you could play with the following options in the goobi_config.properties file:

I am not sure if that works but you could give it a try!

Have a nice day,

Jan :slight_smile:

Hi Jan, thanks for the tip! I will see what happens if I change dir_Users – I had not noticed that it was configurable.
/ Maria

1 Like

I have changed both the config settings, and see no change. Is it enough to restart tomcat when you change settings in goobi_config.properties?

Our CAS login is entered as authentication type “openid”. Is that correct? It works to login via CAS.

But then I tested to change home directory in the LDAP / Standard login. When I create a test user with standard login I now get “Could not create user home /var/local/goobi-home/mmmtest”

The settings for the dir are
drwxrwsr-x 4 tomcat tomcat 4096 Aug 25 15:32 goobi-home

Yes. That is enough.

Yes, that is correct :slight_smile:

Well, I can imagine that some of the upper directories are not writeable for the tomcat user. Please check the permissions from /var or /var/local, too. For testing purposes you could try something like /localhomes, too.

Again: If we don’t find the problem here together we could arrange a call probably.

Best wishes from

Jan :slight_smile:

Hi @jan,

I changed the dir to keep it at the top of the filesystem,

I set the home dir to /goobi-homes

and changed the owner to tomcat, u+w, g+w

Then changed to that home directory for Standard login in the system,

User directory: /goobi-homes/{login}

The user is created, but the dir is not, and in the catalina.out log I get

[2022-09-05 16:02:52] [info] Could not create user home /goobi-homes/mmmtest

It’s not the Standard authentication we really want to use, it was just a way to faster test if we could create the home directory.

Kind regards,
Maria

Hi,
This had to do with my other question: Tomcat sends e-mail messages to root - #5 von mirkh
Needed to change the goobi specific sudoers file.

1 Like