Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
03-17-2006, 11:09 AM
|
#1
|
|
LQ Newbie
Registered: Mar 2006
Posts: 5
Rep: 
|
Serving HTTP From Home Folders
Ok, I'm trying to set things up so that if I go to $website.$username.server.com it will serve files from /home/$username/dev/www/$website/. Unfortunately, I can't figure out how to set up the permissions so that Apache can read the files.
I've tried setting permissions so that /home/$username/dev/www/ and below are readable by apache but apache still can't get to it because the permissions higher up in the hierarchy don't allow it. I really don't want to make my users entire home folders readable by apache, though.
Also, what can I do to ensure that files created or moved into that folder keep www-data as the group and the correct permissions are inherited? Should I make my users that deal with those files part of the www-data group?
|
|
|
|
|
03-17-2006, 11:33 AM
|
#2
|
|
Member
Registered: Oct 2003
Location: King George, VA
Distribution: RHEL/CentOS/Scientific/Fedora, LinuxMint
Posts: 370
Rep: 
|
Quote:
|
Originally Posted by spectre_25gt
Ok, I'm trying to set things up so that if I go to $website.$username.server.com it will serve files from /home/$username/dev/www/$website/. Unfortunately, I can't figure out how to set up the permissions so that Apache can read the files.
I've tried setting permissions so that /home/$username/dev/www/ and below are readable by apache but apache still can't get to it because the permissions higher up in the hierarchy don't allow it. I really don't want to make my users entire home folders readable by apache, though.
Also, what can I do to ensure that files created or moved into that folder keep www-data as the group and the correct permissions are inherited? Should I make my users that deal with those files part of the www-data group?
|
Hmm ...you didn't say what distro you were running, but from what you posted. I'm goin to assume its Red Hat Enterprise Linux 4, Fedora, or something similar
If you are running Selinux I would set the security context on that /home/$username/dev/www/ directory
say something like
Code:
chcon -R -h -t httpd_sys_content_t /home/$username/dev/www/
then to check things out
Code:
ls -Z /home/$username/dev/www/
should get something like this in output
Code:
object_r:httpd_sys_content_t
|
|
|
|
|
03-17-2006, 12:53 PM
|
#3
|
|
LQ Newbie
Registered: Mar 2006
Posts: 5
Original Poster
Rep:
|
Actually I'm running Ubuntu. Sorry I failed to mention the distro.
|
|
|
|
|
03-17-2006, 01:37 PM
|
#4
|
|
Member
Registered: Oct 2003
Location: King George, VA
Distribution: RHEL/CentOS/Scientific/Fedora, LinuxMint
Posts: 370
Rep:
|
k Gotcha!
Hmm
try
Code:
chown -R apache.www-data /home/$username/dev/www/
then
Code:
chmod -R g+s /home/$username/dev/www/
now any file created in /home/$username/dev/www/ will belong to group www-data
you using Virtual host directives?
Last edited by doublejoon; 03-17-2006 at 01:44 PM.
|
|
|
|
|
03-17-2006, 04:02 PM
|
#5
|
|
LQ Newbie
Registered: Mar 2006
Posts: 5
Original Poster
Rep:
|
I am.
Code:
<VirtualHost *>
ServerName $developmentSiteFQDN.$username.dev.myFQDN
DocumentRoot /home/$username/dev/www/developmentSiteFQDN
</VirtualHost>
I tried what you suggested and I'm getting this error in apache's error.log: Permission denied: home/$username/dev/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
So it looks like apache needs access to /home/$username/dev/ as well. Does that sound right?
Edit:
Ok, I've got it working. I ended up just being a little bit more lenient with the permissions on my home folder and tightening up the subdirectories instead.
Last edited by spectre_25gt; 03-18-2006 at 03:08 PM.
|
|
|
|
All times are GMT -5. The time now is 03:25 PM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
