LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (http://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   www-data (http://www.linuxquestions.org/questions/linux-newbie-8/www-data-796164/)

tommytomato 03-17-2010 08:27 PM

www-data
 
Hi all

I know this question has come up so many time's

any one care to point me to a fix to get this issue fixed, I've reinstalled my system ( Ubuntu 9.10 command line server ) server is next to me on the floor, I use another PC Ubuntu desktop 9.10 to gain access

I have installed a LAMP server with vsftpd, ssh, imagemagick, php5-gd, I'm planning on running on this server Joomla, Wordpress, Gallery, webmin

the only user that has been added is the admin user when you frist install the system, and sudo has not yet been changed, I use sudo for access to root as in sudo apt-get update

All i want to do is use a FTP program like gFTP or a win app on wine called winscp to upload files to /var/www to be able to run my site

So is there any fix to this problem that alot of people seem to be having I would love to know

chrism01 03-17-2010 08:43 PM

Create a webdev user on the server; use scp (part of ssh pkg) to txmit files from the client to the server on that user eg

client:/home> scp file webdev@server:/home

If you add webdev user to the same group as the owner of var/www/ eg apache then add group write access to that dir path, the webdev user will be able to copy from his home dir to the /var/www. In fact, you should be able to scp direct from the client system to that dir as webdev user.

Don't know if Ubuntu has SELinux service; if so you may(?) have to change the context as well, but let's try the above first.

smoker 03-17-2010 08:57 PM

You have apache installed.
Why not make use of that fact and change the directory for the web root. (default site)

As admin, create directories in admins home directory like the following
www
www/html
www/cgi-bin

Make sure they all have permissions of 755

edit /etc/httpd/conf/httpd.conf as root

find the line
Code:

DocumentRoot "/var/www"
and change it to
Code:

DocumentRoot "/home/admin/www/html"
a bit further down you will find
Code:

<Directory "/var/www">
change that to
Code:

<Directory "/home/admin/www/html">

If you want to run cgi scripts go down until you find

Code:

ScriptAlias
and make it like

Code:

ScriptAlias /cgi-bin/ "/home/admin/www/cgi-bin/"
also a bit further down change the <Directory> line to read
Code:

<Directory "/home/admin/www/cgi-bin">
None of the lines you are changing should have # in front of them.

When you've done all those lines, save the file and restart apache.

You can now login over ftp using admin as the user name and whatever admins password is.

It doesn't have to be admin. It can be any user you want to create for the purpose. Just replace admin with the correct user name in the above instructions.

If you want to access the web server by another domain name (separate site) then you have to add a virtual host to httpd.conf with that domain name.
There are examples in the file. The default site is the one that will come up if you don't specify a virtual site.
Technically, every user on the server could have their own web site and domain names.

tommytomato 03-17-2010 09:11 PM

Thanks smoker

I don't use cgi myself in fact I never have, I do have subdomains so that wont change any thing will it when i add them in.

Thanks for the tip, that sounds alot easier to do.

TT ( karl )

smoker 03-17-2010 09:25 PM

sub domains can be done as virtual hosts.

Example virtual host section in httpd.conf
Code:

<VirtualHost *:80>

        ServerName sub.domain.com
        ServerAdmin me@domain.com
        DocumentRoot /home/<username>/www/html
        RewriteEngine on

        <Directory /home/<username>/www/html/>
                Allow from all
                AllowOverride All
                Order allow,deny
        </Directory>

        SetEnv SITE_ROOT /home/<username>
        SetEnv SITE_HTMLROOT /home/<username>/www/html

</VirtualHost>


tommytomato 03-18-2010 06:53 PM

Quote:

Originally Posted by smoker (Post 3902585)
You have apache installed.
Why not make use of that fact and change the directory for the web root. (default site)

As admin, create directories in admins home directory like the following
www
www/html
www/cgi-bin

Make sure they all have permissions of 755

edit /etc/httpd/conf/httpd.conf as root

find the line
Code:

DocumentRoot "/var/www"
and change it to
Code:

DocumentRoot "/home/admin/www/html"
a bit further down you will find
Code:

<Directory "/var/www">
change that to
Code:

<Directory "/home/admin/www/html">

If you want to run cgi scripts go down until you find

Code:

ScriptAlias
and make it like

Code:

ScriptAlias /cgi-bin/ "/home/admin/www/cgi-bin/"
also a bit further down change the <Directory> line to read
Code:

<Directory "/home/admin/www/cgi-bin">
None of the lines you are changing should have # in front of them.

When you've done all those lines, save the file and restart apache.

You can now login over ftp using admin as the user name and whatever admins password is.

It doesn't have to be admin. It can be any user you want to create for the purpose. Just replace admin with the correct user name in the above instructions.

If you want to access the web server by another domain name (separate site) then you have to add a virtual host to httpd.conf with that domain name.
There are examples in the file. The default site is the one that will come up if you don't specify a virtual site.
Technically, every user on the server could have their own web site and domain names.

Hey Smoker, I'm just getting into it now, this path
Code:

/etc/httpd/conf/httpd.conf
is not the same on my system, it's under
Code:

/etc/apache2
the files I would have to edit would be

Code:

/etc/apache2/sites-enabled/000-default
and

Code:

/etc/apache2/sites-available/default
and the same for ssl

Code:

/etc/apache2/sites-available/default-ssl
Will let you know

TT ( karl )

tommytomato 03-18-2010 07:59 PM

Quote:

Originally Posted by chrism01 (Post 3902577)
Create a webdev user on the server; use scp (part of ssh pkg) to txmit files from the client to the server on that user eg

client:/home> scp file webdev@server:/home

If you add webdev user to the same group as the owner of var/www/ eg apache then add group write access to that dir path, the webdev user will be able to copy from his home dir to the /var/www. In fact, you should be able to scp direct from the client system to that dir as webdev user.

Don't know if Ubuntu has SELinux service; if so you may(?) have to change the context as well, but let's try the above first.

what do you mean by webdev, I haven't heard of that term before

TT ( karl )

tommytomato 03-18-2010 08:01 PM

Smoker, it did work, but I now have lost awstats and webalizer as well, I know you have tried to help, but I would rather try and get my user to upload to the original path instead ( /var/www )

TT ( karl )

chrism01 03-18-2010 08:05 PM

webdev; just a generic made up name for a web development user ie you...

Actually, an acl would be more secure; no need to allow the group to write to those dirs:
Code:

setfacl -m d:u:youruser:rw /var/www
http://linux.die.net/man/1/setfacl

tommytomato 03-18-2010 08:15 PM

I see

I've reset apache2 back to /var/www

the group that has that path is www-data and its group is www-data going by details in webmin

My only user which is admin, EG: my nick has the same group as the nick EG: tommytomato

I've tried before to add tommytomato to the www-data group and I wasn't able to write to the directory and tommytomato home directory is /home/username

TT ( karl )

chrism01 03-18-2010 08:34 PM

Basically, apache installs as someuser:somegroup. This varies on different distros and I don't have Ubuntu.
If you go from a fresh install of apache, you can do

ls -l /var/www

to see what the default ownership & group is. As I said, no need to allow apache to write to those dirs (for security). Add an acl to allow your user to write there.
If you

cat /etc/passwd

you can see current registered users info.

tommytomato 03-18-2010 08:44 PM

/var/www is owner by root and its group is root too from I can see

Code:

ls -l /var/www
total 8
-rw-r--r-- 1 root root  177 2010-03-17 21:13 index.html
drwxr-xr-x 2 root root 4096 2010-03-19 07:24 webalizer

acl is that like so ? I did try this 2 days ago with NO luck

Quote:

Originally Posted by sayan_acharjee (Post 3901559)
I mean you need to create an access control list for the user allowing it to to read-write-execute in the directory, I am not talking about the usual chmod driven permission.
Here is how you can do this:
edit the /etc/fstab file in the following manner:

The mount point can be different depending on the way your system is partitioned, if the /var partition is mounted somewhere else then you need to edit that line by putting ,acl option after defaults.
Then remount that partition:


Set the acl:

http://www.linuxquestions.org/questi...952/page2.html

TT ( karl )

chrism01 03-18-2010 09:02 PM

Post #30 on that page shows how to setup the partition for acls; except use the acl format of mine above. It ensures that all files/dirs get acl set (d = default). Read that man page link of mine first.

See also
http://rute.2038bug.com/index.html.gz
http://www.linuxtopia.org/online_boo...ion/index.html - RHEL, but concepts are same as are most cli cmds.

tommytomato 03-18-2010 10:44 PM

I read that stuff and It don't make alot of sence right now, but I gave it a shot.

I edited the file sudo vim /etc/fstab and I added acl to the line

Code:

UUID=00a855d6-4164-4d31-8f8f-9920870dc190 /              ext4    errors=remount-ro,acl 0      1
then I did
Code:

sudo mount -o remount,acl /
and then
Code:

sudo setfacl -m d:u:tommytomato:rw /var/www
and I still cant write to that folder lol, only tommytomato home directory

TT ( karl )

Sayan Acharjee 03-18-2010 11:33 PM

Are you sure that SELinux is disabled for vsftpd?


All times are GMT -5. The time now is 04:44 AM.