Ok as anyone reading this thread knows i have huge mess on hands. Have
found that if i set the all the users dir to 701
chmod -R 701 home
then go into each users home directory and set the the www directory to 751
chmod -R 751 www
then change the group permissions of this folder to www
chown -R :www www
apache works again
This is all great but what a pain there must be an easier way as i have
many users and do not want to go through this process for all of them.
This seems like a secure method i think or would the /usr/local/www/user
with a symlink be more secure. I run a stock freebsd system and do
not really what users poking around have heard about chrooting as an
another option for this I am very confused need some guidance.
I also have all my users in one directory and it is getting large would
like to move some of them into new directories like maybe webclients and
mailclients but i moved one and had to modify the permissions all over
again and update the password database and oh what a nightmare will take
Nathan Kinkade wrote:
On Tue, Aug 24, 2004 at 03:09:04PM -0600, RYAN vAN GINNEKEN wrote:
SEE ERROR BELOW
Was playing with permissions on my home dirs last night and changed
everything to chmod 700 had some problem with users looking at and
copying other users webpages. I have a directory in each users home
dir named www where they keep there web files ie
/usr/home/username/www so i guess when i changed everything to 700
apache was unable to use these files.
Now i have tried the best i can to change everything back set to
chmod to 655 and even tried moving a site to /usr/local/www/username
in hope that apache could read it there but no luck what has happened
Wait now things have started to work, for the web site that i moved to
/usr/local/www/username. There seems to be some lag after i make
changes to the permissions and restart apache is this possible.
I have a real mess on my hands now guess i will have to play with
permissions and modes now to get all the sites backup. How do i set
up home directories that are secure for each user ie other users on
the system cannot read them but apache can. Should i move all web
pages to the /usr/local/www dir. Also is there some way to automate
this so that when i create a new user or modify a file things will
work correctly. Have been using UNIX for many years finally got up
the courage to play with modes and perms. Guess i shot myself in the
foot like i have been warned about by many people and docs.
A better approach would be to set each users home dir itself to 700
permissions, not necessarily all the files and directories in each users
dir. Are you using a httpd.conf directive such as
<Directory /home/*/public_html> to allow users to publish files from
their home dir, or are you putting sym links in the web root?
I am using the home directory no symlinks
[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"