apache permission problem please help

RYAN vAN GINNEKEN maillist at computerking.ca
Wed Aug 25 02:13:42 PDT 2004 

Ok as anyone reading this thread knows i have huge mess on hands.  Have
found that if i set the all the users dir to 701
chmod -R 701 home
then go into each users home directory and set the the www directory to 751
cd /home/user
chmod -R 751 www
then change the group permissions of this folder to www
chown -R :www www
apache works again
This is all great but what a pain there must be an easier way as i have
many users and do not want to go through this process for all of them.
This seems like a secure method i think or would the /usr/local/www/user
with a symlink be more secure.  I run a stock freebsd system and do
not really what users poking around have heard about chrooting as an
another option for this I am very confused need some guidance.


side note
I also have all my users in one directory and it is getting large would
like to move some of them into new directories like maybe webclients and
mailclients but i moved one and had to modify the permissions all over
again and update the password database and oh what a nightmare will take
me days.

Nathan Kinkade wrote:

>On Tue, Aug 24, 2004 at 03:09:04PM -0600, RYAN vAN GINNEKEN wrote:
>  
>
>>SEE ERROR BELOW
>>
>>Was playing with permissions on my home dirs last night and changed
>>everything to chmod 700 had some problem with users looking at and
>>copying other users webpages.  I have a directory in each users home
>>dir named www where they keep there web files ie
>>/usr/home/username/www  so i guess when i changed everything to 700
>>apache was unable to use these files.
>>
>>Now i have tried the best i can to change everything back set  to
>>chmod to 655  and even tried moving a site to /usr/local/www/username
>>in hope that apache could read it there but no luck what has happened
>>please help.
>>
>>Wait now things have started to work, for the web site that i moved to
>>/usr/local/www/username. There seems to be some lag  after i make
>>changes to the permissions and restart apache is this possible.
>>
>>I have a real mess on my hands now guess i will have to play with
>>permissions and modes now to get all the sites backup.  How do i set
>>up home directories that are secure for each user ie other users on
>>the system cannot read them but apache can.  Should i move all web
>>pages to the /usr/local/www dir.  Also is there some way to automate
>>this so that when i create a new user or modify a file things will
>>work correctly.  Have been using UNIX for many years finally got up
>>the courage to play with modes and perms.  Guess i  shot myself in the
>>foot like i have been warned about by many people and docs.
>>    
>>
><snip>
>
>A better approach would be to set each users home dir itself to 700
>permissions, not necessarily all the files and directories in each users
>dir. Are you using a httpd.conf directive such as
><Directory /home/*/public_html> to allow users to publish files from
>their home dir, or are you putting sym links in the web root?
>
>Nathan
>  
>
I am using the home directory no symlinks

More information about the freebsd-questions mailing list