ParrotSecurity 4.2: Install Trac for project management

This article will describe installing Trac which manages user with digest authentication.

1 Install Trac

The following script will install Trac and create "test" project.

  • Login to Trac via digest authentication.
  • ADMIN_PASSWD is password of admin user for digest authentication.
  • USER_NAME is user name of not admin user for digest authentication.
  • USER_PASSWD is password name of not admin user for digest authentication.
#!/bin/sh -e


[ -z "${ADMIN_PASSWD}" ] && ADMIN_PASSWD="admin_passwd"
[ -z "${USER_NAME}" ] && USER_NAME="guest"
[ -z "${USER_PASSWD}" ] && USER_PASSWD="guest_passwd"

trac_install()
{
  sudo apt install -y trac libapache2-mod-wsgi apache2
  sudo systemctl enable apache2

  sudo a2enmod auth_digest

  sudo mkdir /var/lib/trac
  sudo mkdir /var/www/html/trac
  sudo chown www-data:www-data /var/www/html/trac
}

create_project()
{
  proj=$1

  sudo trac-admin /var/lib/trac/"${proj}" initenv "${proj}" sqlite:db/trac.db
  sudo trac-admin /var/lib/trac/"${proj}" deploy /var/www/html/trac/"${proj}"
  sudo chown -R www-data:www-data /var/lib/trac/"${proj}"
  sudo chown -R www-data:www-data /var/www/html/trac/"${proj}"

  sudo apt install -y expect
  expect -c "
set timeout -1
spawn sudo htdigest -c /var/lib/trac/${proj}/.htdigest ${proj} admin
expect \"New password: \"
send \"${ADMIN_PASSWD}\n\"
expect \"Re-type new password: \"
send \"${ADMIN_PASSWD}\n\"
expect eof
"
  sudo trac-admin /var/lib/trac/"${proj}" permission add admin TRAC_ADMIN

  expect -c "
set timeout -1
spawn sudo htdigest /var/lib/trac/${proj}/.htdigest ${proj} ${USER_NAME}
expect \"New password: \"
send \"${USER_PASSWD}\n\"
expect \"Re-type new password: \"
send \"${USER_PASSWD}\n\"
expect eof
"

  cat <<EOF | sudo tee /etc/apache2/sites-available/"${proj}".conf
<VirtualHost _default_:443>
  SSLEngine on
  SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
  SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
</VirtualHost>

WSGIScriptAlias /trac/${proj} /var/www/html/trac/${proj}/cgi-bin/trac.wsgi
<Location /trac/${proj}>
  AuthType Digest
  AuthName "${proj}"
  AuthUserFile /var/lib/trac/${proj}/.htdigest
  Require valid-user
</Location>
EOF

  sudo a2enmod ssl
  sudo a2ensite "${proj}"
  sudo systemctl restart apache2
}

trac_main()
{
  trac_install
  create_project test
  create_project OtherProject
}

trac_main

2 Access to Trac

Access the following URL with browser. Accept this page's certification to browser.

https://<server>/trac/test

The dialog of digest authentication is displayed. Input admin to Username and ADMIN_PASSWD value to Password.

0001_DigestAuth.png

Trac page is displayed.

0002_Trac.png