I've setup multiple vhosts using as root Dir the /home/~user/public_html.
Everything works fine meaning that I can FTP each to each vhost and Apache is configured to map each vhost URL to the user public_html Dir. The problems is that apache needs at least the X bit in the /home/~user Dir otherwise it returns an forbidden access error, If I ch-mod to 701 the /home/~user dir everything works fine for a while until linux (Mandrake 10.0 Comunity ) resets to mod 700 the /home/~user dir automatically.
I've tried :
ln -s /home/~user/public_html /var/www/html/~user but that wouldn´t work either as soft links retrieve the ownership.

Is there a workaround for the above dilemma or what is the best practice to setup users' web tree with ftp access.
Can anybody point it me to the correct path or tutorial how to actually accomplish that?

Thanks in advance.

You can setup the permissions for all the home directories using drakconf (System->Configuration->Configure your computer). Once you have started drakconf go to the "Security" section and then into "Permissions". Then you can just change the permissions of path "/home/*" to 701 by double clicking on it and checking the "execute" bit in the others column.

Thanks Haaza, I will try that immediately.

Cheers.

Hi:

I did as you adviced me in Mandrake Control Center->Permissions form there I selected Custom Settings and added a rule for an /home/~user directory, however I did't got any rule added to the window and the only active buttom is Add a rule, is this the normal behaviour?, reading trough the help I could see that the rules added by me should be seen in the Permissions window so I can if necesary edit them later, now I don't konow if what I did was correct or I just screwd myself up.

Also is there a way to edit msec in the command shell, and wich command s should I use?

Will be a great help if you could enlight me (before I shoot my toes).

Thanks a lot.

Thanks Haaza, I got it.

The problem was with my screen resolution stoping me from seeing the options, my monitor is just 14'' inch.

Still i'll be looking for a more secure way to setup a web developement tree.

If you or any linux mate could show me the way, please let me know

Thanks a lot .

It does look like now what you need to do is instead of trying to edit the existing "System settings" you need to add a custom setting to override it. Add a rule that matches the existing rule with a path of "/home/*" then check all bits in the User column and the execute bit on the Other column". If chose Custom settings under Permissions then you should be able to edit the existing rules as well as move them up and down.

These settings are stored in /etc/security/msec/perm.local in the form of:

<path> <user.group|current> <permissions>

e.g.

/home/* current 701

So you could probably edit that using your preferred text editor from a command shell.

A more secure way might be to configure Apache to use a different path for each users homepage. I have seen the setting in there somewhere which specifies where each users homepage is. It should be mentioned in the Apache docs somewhere. If I can dig up the appropriate setting I'll post some info on it.

Thanks a lot guys,

I will follow up your advices, will be great if some experinced user could pull off an in depth tutorial on setting up a secure webserver aimed for the newbies like myself. I've seem some arounds in the web put not rxplicit enough for newbies.

I'll be around to learn more from the comunity.

Cheers, and happy linuxing

Jorge