| View previous topic :: View next topic |
| Author |
Message |
venom
Tux's lil' helper
Joined: 09 Jun 2005
Posts: 110
Location: Poland
|
 Posted: Wed May 31, 2006 12:48 pm Post subject: [SOLVED] public_html proper chmod |
 |
|
Hi,
I want to have public_html directory enabled to store www sites by my system users. i tried to set it up with user called 'venom'.
In /etc/apache2/httpd.conf I have:
| Quote: |
<IfModule mod_userdir.c>
UserDir public_html
UserDir enabled venom
UserDir disabled root
<Directory /home/*/public_html>
AllowOverride FileInfo AuthConfig Limit Indexes
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
<Limit GET POST OPTIONS PROPFIND>
Order allow,deny
Allow from all
</Limit>
<LimitExcept GET POST OPTIONS PROPFIND>
Order deny,allow
Deny from all
</LimitExcept>
</Directory>
|
and in /etc/conf.d/apache2:
| Quote: |
APACHE2_OPTS="-D SSL -D DEFAULT_VHOST -D SSL_DEFAULT_VHOST -D PHP -D USERDIR"
|
so it should work. But when I'm trying to connect with 127.0.0.1/~venom/index.php i get 403 error :/
I think, that it depend on proper permissions on userdir and public_html. I dont't want to have this directory open to read by other users, so I tried to set permissions by group apache:
| Quote: |
# cat /etc/group |grep apache
apache:x:81:apache
# ls -l /home/venom/public_html/
total 4
-rw-r----- 1 venom apache 6 May 31 13:29 index.php
sexy venom # ls -l /home/venom/ |grep public
drw-r----- 2 venom apache 4096 May 31 13:29 public_html
|
but it doesn't work :/ any sugestions ?
Last edited by venom on Wed May 31, 2006 7:59 pm; edited 1 time in total |
|
| Back to top |
|
 |
magic919
Advocate
Joined: 17 Jun 2005
Posts: 2182
Location: Berkshire, UK
|
| Posted: Wed May 31, 2006 2:23 pm Post subject: |
|
|
On the face of it the thing should work. Can I suggest a small change
| Code: |
<IfModule mod_userdir.c>
UserDir public_html
UserDir disabled
UserDir enabled venom
|
|
|
| Back to top |
|
|
venom
Tux's lil' helper
Joined: 09 Jun 2005
Posts: 110
Location: Poland
|
| Posted: Wed May 31, 2006 2:39 pm Post subject: |
|
|
Now it works:
| Quote: |
drwx---r-x 88 venom wheel 12288 May 31 16:35 venom
->
drwx---r-x 2 venom wheel 4096 May 31 13:29 public_html
->
-rw----r-x 1 venom wheel 24 May 31 15:31 index.php
|
so it should be +rx. But now, everybody can view my home directory :/
The solution, what I can imagine now is to add apache to wheel group or chgrp -R apache /home/venom.
Every of this 2 ways is stupid :/ |
|
| Back to top |
|
|
magic919
Advocate
Joined: 17 Jun 2005
Posts: 2182
Location: Berkshire, UK
|
| Posted: Wed May 31, 2006 2:51 pm Post subject: |
|
|
| I suppose it is called public_html. Just use some auth method with Apache instead of leaving it wide open. |
|
| Back to top |
|
|
venom
Tux's lil' helper
Joined: 09 Jun 2005
Posts: 110
Location: Poland
|
| Posted: Wed May 31, 2006 7:59 pm Post subject: |
|
|
solved 
user's home directory should be drwx-----x
| Quote: |
drwx-----x 88 venom wheel 12288 May 31 21:47 venom
|
public_html: drwx---r-x
| Quote: |
drwx---r-x 2 venom wheel 4096 May 31 13:29 public_html
|
and it works - other users can't read files from your home, and apache can run sites from public_html
thanks |
|
| Back to top |
|
|
|
Networking & Security
