Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
(not sure if this is newb or medium level so I just though Id post it here...)
I am currently in the process of setting up a http server on linux (mandriva 2006; works fine no probs etc I know the distro and Im happy with it so please dont tell me to change to debian or redhat like all those others did; I dont like debian's look and I dont like redhat's way of doing things and I am a mandriva-er through and through). everything runs fine; apache with the psp and php mod and a mysql server. the thing I have problems with are the directory permissions. say I have the root www directory, /var/www . then, in that, I have different direcotries for different sites with different permissions for every site has a different webmaster. then there is also the fact that I want to have a wwwroot user (or something of the like) that has full access to every directory and/or file in /var/www , no matter what the permissions are. like the root account has but this one only in /var/www . then there is also the fact that the files, no matter where they are, can contain passwords (like for mysql access) so should be settable to a minimum of xx0 permissions, but the apache user in the apache group must be able to read them nontheless. first question: is this possible? I now content myself doing everything as root, but that is of course very risky business as I often perform recursive removals so the day I mistype this horror rm -rf / is only waiting to come.
so, any suggestions? of course if someone has a solution that solves everything except for one thing Id be glad to hear it...
first : you can change the user and the group of you web'server.
second : you can use the .htaccess file to allow certains persons to access (R or W or X) some directories individualy.
to finish : it's better way to place your root web documents on a different partition, than thesystem reside. Because all can happens, if you web'server crash, your box still stay intact.
Other suggestion : you can use virtual server within your apache server by adding sections at the end of hhtpd.conf' file.
I wasnt talking about apache access only, apache is just a little part in this. I mean the system-wide settings. for example; I have user A that wants to log in from the box to edit his webpage. he has write permissions on /var/www/a.com/ . then I have user B that logs in through ssh, and user C through ftp. just examples (it will be ftp most of the time, but I want to keep the options open by configuring it on the system-level). the permissions on the whole /var/www tree will have to be 0 for others; no read or write or execute. groups; I don't know and users 6/7 (of course). but then again, B shouldnt be able to write in /var/www/a.com and the other way around. and to top it all off, there should be a uber-webmaster administrating ALL the sites, having access to ALL the files within /var/www at any time. the user must not be able to prohibit this uberwebmaster from accessing and modifying his files. ah, and I almost forgot; the user apache of the froup apache (though the group can be changed if needed) must have read access to all the files (except if the user owning them doesnt want to). for ex; Id be fine with apache executing some of my php scripts containing mysql passwords but I do not want anyone else scooping around in them. is it a little bit more clear this way?
the user define in apache is the user who launch the child process server and own the entire site.
The user define on the system can publish they own page from "OWN" home directory, not inside the master site.
You understand? Don't permit user to write in /var/www. It's abetter way to include they own directory in httpd.conf <Directory /home/~user/public/www>
Or something like.
B can't write in home directory owned by A
B can't write in apache directory
and so on.
If you configure apache for the virtual hosting, each user will got they own site, independent with master site which run childs.
With the .htaccess procedure, you can adjust finely the autorization of your scipts
I'll go where i want.
i've got nothing to demonstrate, i help people, what you say and what you do now?
i try to build a community wuth all people like me : helper.
And you with a sentence, you resolve all entire world' trouble?
Thank you very much for you constructive dialog.
It's good to proclam : linux is made for people who want to build our own sytem...........". explain the basic thing, and after show the entire pwer of linux. "Read RFM" isn't the solution.
given some personnal experience or some configuration which work for us is not a "needing to prove their superiority by telling you to do things their way.".
Sometime, we must show to explain, the theoric isn't enough to have a complete approach of a problem.
if you want to proove something, the first thing you do is to show an example....Linux is same way.
I've just read this thread and the last 2 posts make no sense. kurtdriver, if your post wasn't an accident then it was just pointless. Don't do it again. If it was an accident, and you meant to post it elsewhere, then you should return to fix the post.
Back_to_Linux, ignore the post from kurtdriver and continue.
I think kurt just meant to point out that there was a mandriva forum to me, regarding my comment about the OS I'm using.. ? I don't think it was directed to back_to_linux.
in reply to back_to_linux's post; I think I understand what you mean. I have a question though; if I do that, will there be a possibility for some kind of user to edit all the websites owned by those people? and about .htaccess; that file adjusts how apache handles the permissions, right? but if the files in the directory of the site are owned like this for example
-rwx------ 1 userA wwwusers 2K Nov 6 00:59 index.php
can apache then still read the file and display it on the web? my experience with this is, though I have very little experience, that if the file is not readable by all or user or group apache, then apache can't access it... can htaccess possibly fix that? it looks like a system-level permission denial to me...? ok, then you say; make it readable by all. but what if my index.php file stores the password for the mysql database...? then anyone with physical login access will be able to read the file (unprocessed) too, or am I wrong on that point?
I would like to hear your opinions on that matter
thank you a whole lot! you've helped me very much already! you guys are the best. seriously.
(I'll jump to the mandriva forum once nobody here wants to answer anymore... since this looks more like an overall linux question than a mandriva-specific one...)