On Wed, 9 Jan 2002, Berthold Cogel wrote:
> > if I define 'user' in virtualhost section of apache's httpd.conf, then my
> > cgi scripts will be running as 'user' if suexec has been set up correctly.
> > It's okay. But how can I tell apache to run the whole virtualhost as
> > 'user'? Including accessing html files, and especially php.
> >
> > Is it possible somehow? Having read the apache docs, I haven't found
> > anything useful, but there must be a solution if I don't want my users to
> > run php scripts as www-data.
> Simply use 'User' and 'Group' directive in the 'Virtual Host' container. If
> your
> virtual host setup is correct, then this will work. Oh, and each user needs
> his
> own directory for his CGIs, which is writable only for him (see suexec docs).
>
> We did this for several projects:
>
> CGIs in separate directorys in /var/www/cgi/<projectname>
> Data and HTML in separate directorys in /var/www/<projectname>
> Set the permissions for those directorys.
>
> The resulting vitual host in the apache configuration:
>
> <VirtualHost www.xxx.yyy.zzz>
> ServerName <projectname>.test.de
> DocumentRoot /var/www/<projectname>/docs
>
> User <projectname>
> Group <projectname>
>
> ScriptAlias /cgi-bin/ /var/www/cgi/<projectname>/
>
> <Directory /var/www/<projectname>/docs>
> AllowOverride None
> Order allow,deny
> Allow from all
> </Directory>
>
> <Directory /var/www/cgi/<projectname>/>
> AllowOverride None
> Options ExecCGI
> Order allow,deny
> Allow from all
> </Directory>
>
> </VirtualHost>
this way cgi's will really run as 'user', but html files will be accessed
as www-data, and even php scripts will run as www-data.
--
Gabor Gludovatz <[EMAIL PROTECTED]> - Phone: +36 (20) 9 109 129
http://www.sopron.hu/~ggabor/ - ICQ# 861 404
