Hi Alexander,
I'm a PHP developer and my audience on YouTube, I would guess, are
people wanting to learn PHP.
I use Linux to support my PHP programming.
I'm wondering if there is some value in not automating so one has to do
these tasks over and over. I'm thinking this can help the learning
curve.
I know I have learned a lot. I last did this stuff on CentOS 6.x maybe
5 or 6 years ago. Ubuntu is similar but different.
Your Thoughts?
Keith
On 2024-10-22 15:34, Keith Smith via PLUG-discuss wrote:
What is the learning curve for that?
On 2024-10-22 15:09, Snyder, Alexander J wrote:
I think a lot of this could be made a lot easier with Ansible and
Jinja templates.
--
Thanks,
Alexander
Sent from my Google Pixel 7 Pro
On Tue, Oct 22, 2024, 13:39 Keith Smith via PLUG-discuss
<plug-discuss@lists.phxlinux.org> wrote:
Thank You Everyone!!
Seems the problem was I needed to uncomment "PasswordAuthentication
yes". When creating a user with SSH ability.
Keith
On 2024-10-22 10:46, Rusty Carruth via PLUG-discuss wrote:
ChatGPT gave a more complete answer than I do below (the question
was:
This person is using vhost, and thinks he wants to chroot to the
docroot of the vhost when the user logs in. What do you think of
that?)
(I never thought I'd be pointing people to an AI for answers! ;-)
On 10/22/24 10:42, Rusty Carruth via PLUG-discuss wrote:
One thing I don't understand, below.
On 10/22/24 10:25, Keith Smith via PLUG-discuss wrote:
Hi,
I appreciate all the feedback. There is more to the story.
....
The 3 things I think I need to accomplish:
1) Add a user and configure it to use SSH.
2) Configure each vhost to use PHP-FPM.
3) Limit the User to the docroot of it's virtual host.
(ChrootDirectory)
I don't understand # 3. Let me say what I think you said: you
have
(some number of) virtual machines. Or do you mean that thing
that
allows you to run more than one web address from the same IP
address?
In either case, why do you need to chroot to docroot? You do
realize
that docroot must then have EVERYTHING the user needs - all
programs,
all devices, everything. So you're going to need /dev, /bin,
/usr/bin, and so forth or the user will be dead in the water with
no
commands - shoot, not even bash will be there to try to type
commands!
If you're doing the chroot already, and its failing, then that's
probably because bash isn't there, nor is anything else you
need...
I am using a clone of the LAMP server so I am going to remove it
and
create another close and start by trying to create a use that
has SSH
access and a home directory.
If you are using virtual machines, just clone it in the virtual
machine - but then, I'm thinking you don't mean virtual machine,
you
mean that other thing :-)
Then I think I should work on limiting that user to the vhost
that is
designated to work with.
So, if you mean not virtual machine but that other thing, then
you're
either going to have to copy all the stuff I talk about above in
to
the docroot tree (which I still think will cause more problems
than it
will fix), or mount the stuff above inside the docroot, or figure
out
how to change permissions and ownership so that the user can only
change the stuff in their docroot. Perhaps group ownership can
save
the day here, assuming you want ALL files in ALL web servers to
be
owned by whoever is running Apache, then create 2 or more groups,
change all group ownership to the NON-User group, then
change group ownership of all files in your docroot to the group
of
the user (obviously you're going to have to change the user to
have
that group too), then change permissions to something like 770
for all
directories everywhere (or 775, or whatever) and 660 for all
files.
Done, supposedly ;-)
Then finish up by installing configuring the vhost to use
PHP-FPM.
Any thought are much appreciated!!
Keith
---------------------------------------------------
PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
https://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
https://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
https://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
https://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
https://lists.phxlinux.org/mailman/listinfo/plug-discuss
