Hi,
A token for the apache process is not required for a read-only setup.
That said, you will need a token or IP ACL for write access.
Tell apache to use public_html in the users home folder and then run the
following commands to give anonymous access to the proper folders.
fs sa ~ system:anyuser l
fs sa ~/public_html system:anyuser rl
Those are the minimal permissions to have apache read a user's
public_html folder. Be sure that all of the ancestor directories of the
home directory have at least "system:anyuser l" access.
As for your server set up, I strongly recommend that your afs server be
a separate machine or VM and that it not be a webserver or an X terminal
server. X is insecure, so you might try freenx instead
http://freenx.berlios.de/
If you can't afford an extra machine to put the afs server on, run Xen
or VMware server and put the AFS server, X terminal server, and web
servr in separate VM's.
Sincerely,
Jason
Christof Hanke wrote:
Well, you have to give your apache-server a token
at startup and set the ACL on the public-html dir so that the apache
can read it using this token. That's all.
There are a number of mails on this list how to give a daemon a
persistent token.
Christof
Alexander Al wrote:
Hi,
We have a openAFS-server on FC5 and in time we will provide
a X window terminal server on our network. The latter isn't the problem.
But there is also a request for servicing a Webserver. Now I have here
a problem, is there a system or method that users can have a public_html
folder in their home-dirs on the openAFS-server but Apache can read
those directory's?
Hopefully someone can help me on this one.
regards,
Alexander.
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
