EPrints Technical Mailing List Archive

Message: #08446


< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

Re: [EP-tech] controlling security settings


I have just spotted for Ubuntu 20.04 (at least) that there is this enabled setting:

<policy domain="coder" rights="none" pattern="PDF" />

This would need to be changed to:

<policy domain="coder" rights="read" pattern="PDF" />

On CentOS 7 there is no enabled setting, so I assume there is no rights restriction.  ImageMagick should only need to be able read (and not write) PDFs to be able to generate thumbnail and preview images for EPrints.

On 12/01/2021 18:40, David R Newman wrote:

Hi Thomas,

I have seen this issue before you need to change the configuration settings for ImageMagick.  You need to edit policy.xml in /etc/ImageMagick/ (in CentOS 7 this is /etc/ImageMagick-6/ but may have a different name in Debian/Ubuntu or other version of RHEL/CentOS/Fedora).  In this file add the following line to the <policymap> block:

<policy domain="module" rights="read" pattern="{PS,PDF,XPS}" />

Regards

David Newman

On 12/01/2021 17:34, th.lauke--- via Eprints-tech wrote:
CAUTION: This e-mail originated outside the University of Southampton.

Hi all,

running
epadmin redo_thumbnails repoID EPrintsID
refuses working with
convert: attempt to perform an operation not allowed by the security policy `PDF' @ error/constitute.c/IsCoderAuthorized/408.

It seems, the content of security.pl has no influence!?
How to control the access rights from console?

Many thanks for any pointers in advance
Thomas



*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
*** Archive: https://eur03.safelinks.protection.outlook.com/?url="">
*** EPrints community wiki: https://eur03.safelinks.protection.outlook.com/?url="">