Ok as anyone reading this thread knows i have huge mess on hands. Have found that if i set the all the users dir to 701 chmod -R 701 home then go into each users home directory and set the the www directory to 751 cd /home/user chmod -R 751 www then change the group permissions of this folder to www chown -R :www www apache works again This is all great but what a pain there must be an easier way as i have many users and do not want to go through this process for all of them. This seems like a secure method i think or would the /usr/local/www/user with a symlink be more secure. I run a stock freebsd system and do not really what users poking around have heard about chrooting as an another option for this I am very confused need some guidance.
side note I also have all my users in one directory and it is getting large would like to move some of them into new directories like maybe webclients and mailclients but i moved one and had to modify the permissions all over again and update the password database and oh what a nightmare will take me days.
Nathan Kinkade wrote:
On Tue, Aug 24, 2004 at 03:09:04PM -0600, RYAN vAN GINNEKEN wrote:
SEE ERROR BELOW
Was playing with permissions on my home dirs last night and changed everything to chmod 700 had some problem with users looking at and copying other users webpages. I have a directory in each users home dir named www where they keep there web files ie /usr/home/username/www so i guess when i changed everything to 700 apache was unable to use these files.
Now i have tried the best i can to change everything back set to chmod to 655 and even tried moving a site to /usr/local/www/username in hope that apache could read it there but no luck what has happened please help.
Wait now things have started to work, for the web site that i moved to /usr/local/www/username. There seems to be some lag after i make changes to the permissions and restart apache is this possible.
I have a real mess on my hands now guess i will have to play with
permissions and modes now to get all the sites backup. How do i set
up home directories that are secure for each user ie other users on
the system cannot read them but apache can. Should i move all web
pages to the /usr/local/www dir. Also is there some way to automate
this so that when i create a new user or modify a file things will
work correctly. Have been using UNIX for many years finally got up
the courage to play with modes and perms. Guess i shot myself in the
foot like i have been warned about by many people and docs.
<snip>
A better approach would be to set each users home dir itself to 700 permissions, not necessarily all the files and directories in each users dir. Are you using a httpd.conf directive such as <Directory /home/*/public_html> to allow users to publish files from their home dir, or are you putting sym links in the web root?
Nathan
I am using the home directory no symlinks
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
