check out virtualmin, which is part of the webmin (www.webmin.com) project.
jason On Wednesday 09 July 2003 11:56, Joshua Gitlin wrote: > Hey guys, > > A client of mine wants me to develop and host a website that will have > multiple domains, and he wants to be able to add domains at a later > date... so basically I need to build a PHP Application which can add a > VirtualHost directive to a special apache configuration file, add an > entry to /etc/named.conf, create a file to /var/named/newhost.hosts and > fill it with the DNS info, and then reload apache and Bind. For many of > these things, I can create "special" configuration files which the > webserver has permissions to modify, and then include these special > files in my normal config files. (I.E. in httpd.conf, Include > ~client/extrahosts.conf and chown apache ~client/extrahosts.conf)... if > I do that, the Webserver will have permission to *configure* the new > domains but not restart the servers... here are my questions: > > 1. Is this a really, really, really bad idea? Because it sounds to me > like giving the webserver access to anything besides webpages could be > the making of a security flaw. (And if it is, I'll figure out a more > secure way to do this, for sure!) > > 2. How can I implement this? Is there a way in PHP to setuid, so I can > call `/etc/ini.d/httpd reload` and `/etc/init.d/named reload`? Do I > have to run two apache servers, one running as root? Can I add apache > to the sudoers file, granting it access to those tow commands? > > 3. Will calling `/etc/init.d/httpd reload` from within httpd cause > nasty things™ to happen? > > 4. Any other suggestions on how to do this? Is there a way to set up a > generic apache host that will "decide" (via PHP or whatever) which > documents to server without modifying config files? > > Thanks guys! > > Joshua Gitlin > Lead Web Designer > Glow Films, Inc. > http://www.glowfilms.com/ _______________________________________________ TriLUG mailing list http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ: http://www.trilug.org/faq/TriLUG-faq.html
