Ok as anyone reading this thread knows i have huge mess on hands.  Have
found that if i set the all the users dir to 701
chmod -R 701 home
then go into each users home directory and set the the www directory to 751
cd /home/user
chmod -R 751 www
then change the group permissions of this folder to www
chown -R :www www
apache works again
This is all great but what a pain there must be an easier way as i have
many users and do not want to go through this process for all of them.
This seems like a secure method i think or would the /usr/local/www/user
with a symlink be more secure.  I run a stock freebsd system and do
not really what users poking around have heard about chrooting as an
another option for this I am very confused need some guidance.

side note I also have all my users in one directory and it is getting large would like to move some of them into new directories like maybe webclients and mailclients but i moved one and had to modify the permissions all over again and update the password database and oh what a nightmare will take me days.

Nathan Kinkade wrote:

On Tue, Aug 24, 2004 at 03:09:04PM -0600, RYAN vAN GINNEKEN wrote:


Was playing with permissions on my home dirs last night and changed
everything to chmod 700 had some problem with users looking at and
copying other users webpages.  I have a directory in each users home
dir named www where they keep there web files ie
/usr/home/username/www  so i guess when i changed everything to 700
apache was unable to use these files.

Now i have tried the best i can to change everything back set  to
chmod to 655  and even tried moving a site to /usr/local/www/username
in hope that apache could read it there but no luck what has happened
please help.

Wait now things have started to work, for the web site that i moved to
/usr/local/www/username. There seems to be some lag  after i make
changes to the permissions and restart apache is this possible.

I have a real mess on my hands now guess i will have to play with
permissions and modes now to get all the sites backup. How do i set
up home directories that are secure for each user ie other users on
the system cannot read them but apache can. Should i move all web
pages to the /usr/local/www dir. Also is there some way to automate
this so that when i create a new user or modify a file things will
work correctly. Have been using UNIX for many years finally got up
the courage to play with modes and perms. Guess i shot myself in the
foot like i have been warned about by many people and docs.


A better approach would be to set each users home dir itself to 700
permissions, not necessarily all the files and directories in each users
dir. Are you using a httpd.conf directive such as
<Directory /home/*/public_html> to allow users to publish files from
their home dir, or are you putting sym links in the web root?


I am using the home directory no symlinks

[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to