15.03.2012 22:51, Guillaume Rousse kirjoitti: > Le 08/03/2012 16:47, Guillaume Rousse a écrit : >> Le 08/03/2012 16:13, Pascal Terjan a écrit : >>> On Thu, Mar 8, 2012 at 14:57, Romain d'Alverny<[email protected]> >>> wrote: >>>> On Thu, Mar 8, 2012 at 15:02, Guillaume >>>> Rousse<[email protected]> wrote: >>>>> Le 08/03/2012 14:38, Pascal Terjan a écrit : >>>>>> And for /var/www/html >>>>>> This should really be a server-neutral thing (with a better name for >>>>>> the user, like www-data) but I never took the time to do it :( >>>>> >>>>> What is needed exactly by various web servers ? I really doubt >>>>> anything else >>>>> as apache requires apache configuration file. And if it is just a >>>>> /var/www/html directory, there is no use to have a dependency for >>>>> something >>>>> any sysadmin is able to create himself. >>>> >>>> It helps when it works out of the box. A user may not be aware, at >>>> first, that a /var/www/html has to be created + an index.html file put >>>> in it, to see its Web server work. It's a good default behaviour >>>> confirming the install succeeded and that the server works, it saves a >>>> few seconds to everyone trying/doing it first. >>>> >>>> Now, maybe each web server package should check if this /var/www/html >>>> directory exists and create it if needed (or have /var/www/apache, >>>> /var/www/lighttpd, etc.)? Or should that be better handled by a >>>> separate unique package? >>> >>> I would prefer a package providing a web user and a default webroot. >>> Else we can have such shared user created in each of the packages... >>> It would be annoying to have to chown the writable directories when >>> switching between servers. >> Fine with me. > Well, some days ago I pushed a 'webserver-base' package, with the > following elements: > - /var/www and /var/www/html directories > - 'apache' user > - index.html page > > I've been curious, however, at the exact amount of shared elements our > various webservers packages currently use. And actually, only two > (apache and lighttpd) do share user and document root, the two others > (nginx and cherookee) being totally independant. > > In Fedora, they are all independant. > > So I'd rather revert the change, and make lighttpd autonomous also. > Unless someone can convince me there is an advantage having lighttpd > executing as 'apache' :)
The web applications policy has files being owned by 'apache' user, and I don't see how that could work if lighttpd used a different user: https://wiki.mageia.org/en/Web_applications_policy -- Anssi Hannula
