Sugar Community Edition Documentation

Sugar Community Edition 5.1 Documentation

Sugar Community Edition Installation and Administration Guide

Version 5.1

Chapter 2 Administering Sugar : Advanced Configuration Options

Advanced Configuration Options

The advanced configuration options listed below enable you to exercise tighter control over user actions in your Sugar instances.

Locking Down the Upgrade Wizard

If you are managing multiple instances of the Sugar application and you want to maintain complete control over the Sugar instances, you can lock down the Upgrade Wizard to ensure that no user with administrative privileges can upgrade any of them. To lock down functions on the Administration page

1.	Navigate to the config.php file in the Sugar root directory.

2.	Set the following parameter to true as below:

$sugar_config['admin_access_control']=true

3.	Save the file.

Locking Down the Module Loader

In order to ensure that users with administrative privileges do not load sub-standard modules into Sugar, you can lock down the Module Loader and direct them to load modules from a location of your choice.

To lock down the Module Loader

1.	Navigate to the config.php file in the Sugar root directory.

2.	Set the following parameter to true as below:

$sugar_config['file_access_control']=true

3.	Save the file.

Configuring Default Permissions for Sugar Files on Linux

If you are running Sugar on Linux platform, you can control ownership and accessibility to all Sugar files and folders by configuring default user and group permissions.

The following is an example of setting Read, Write, and Execute permissions for the Apache user and the Apache group on Centos operating system:

'default_permissions' => array (

		'dir_mode' => 02770,

'file_mode' => 0660,

		'chown' => 'apache',

		'chgrp' => 'apache',

),

For dir_mode, you may see a value of 1528, which is the decimal equivalent of the octal value 02770. For file_mode you may see a value of 432 which is the decimal equivalent of octal value 0660.