You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Peter Nimda <p....@gmail.com> on 2005/09/16 22:07:05 UTC
[users@httpd] ftp access to virtual hosts (Fedore Core and a like)
Hi all,
Given:
- Fedora Core 4 SELinux
- apache2
- several name-based virtual hosts
- vsftpd
Needed very much:
- provide access to every virtual host content via ftp.
- every virtual host should be associated with one user.
So, what is the Right Way to do this?
Yes, it sounds like FAQ, but i didn't find this in FAQ and in other docs too.
Any links, hints are very appreciated,
Thanks in advance!
P.S. RTFM and STFW took 2+ workdays.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] ftp access to virtual hosts (Fedore Core and a like)
Posted by Peter Nimda <p....@gmail.com>.
Hi Davide,
thans for answer,
> OR you make /var/www/.... the home dir of the user
> OR you configure /home/.... as the docroot of the virtualhost.
in both cases a unix home dir of user1
(either /var/www/web.site1.com/ or /home/user1/) is a home dir
of user1 and dir contains also personal data of user1.
Such a solution is not cool if there will apear the second user
managing the same site. Indeed, the second user will then
access the home of user1, where personal stuff is also stored.
Such a "side effect".
I tried to find solution, where user1 lives as normal in his/her
/home/user1. The virtual host does not fully incapsulated in this home dir
but lives independent in /var/www/web.site1.com
and might be managed not only by user1, but with no problem with
any second user (who lives in his/her home dir /home/user2)
Maybe it is really difficult to find such a nice solution for
more the 1 unix user per virtual host...
Thanks, David
--
P.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] ftp access to virtual hosts (Fedore Core and a
like)
Posted by Davide Bianchi <da...@onlyforfun.net>.
Peter Nimda wrote:
> So, every virtual host gets its corresponding user responsible for
> content. Definitely not 1 same user for all virtual hosts.
I think that it's what you want.
> Does it imply, that I have to move content of virtual hosts from
> /var/www/ -- as it is by default in Fedore Core 4 -- to the corresponding
> home directories of /home/ ?
OR you make /var/www/.... the home dir of the user
OR you configure /home/.... as the docroot of the virtualhost.
As long as the permissions on the directories are ok, they are all
the same.
Davide
--
Beat me, whip me, make me use Windows!
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] ftp access to virtual hosts (Fedore Core and a like)
Posted by Peter Nimda <p....@gmail.com>.
Hi Davide,
thanks for your reply! Before asking about details I'd like to
remove possible ambiguity:
- every virtual host should be associated with ITS OWN one user.
So, every virtual host gets its corresponding user responsible for
content. Definitely not 1 same user for all virtual hosts.
Now let's me ask about details:
> Assign the DocRoot of every virtual host as homedir of one user,
> configure your ftp server to chroot each user in his own homedir,
> fix the umask of the user to have the files/dirs with the
> correct permissions (644/755).
Does it imply, that I have to move content of virtual hosts from
/var/www/ -- as it is by default in Fedore Core 4 -- to the corresponding
home directories of /home/ ?
IMHO, idea to keep content of all virtual hosts in some common
directory (/var/www) looks quite nice to me. Indeed, if for some virtual
host there will appear a second user allowed to manage some content
of the virtual host too then this second user should not get write
permissions to home dir of first user who managed contents of virtual
host.
So, still not fully clear...
Thanks again, Davide.
--
P.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] ftp access to virtual hosts (Fedore Core and a
like)
Posted by Davide Bianchi <da...@onlyforfun.net>.
Peter Nimda wrote:
> Needed very much:
>
> - provide access to every virtual host content via ftp.
> - every virtual host should be associated with one user.
>
> So, what is the Right Way to do this?
Assign the DocRoot of every virtual host as homedir of one user,
configure your ftp server to chroot each user in his own homedir,
fix the umask of the user to have the files/dirs with the
correct permissions (644/755).
> P.S. RTFM and STFW took 2+ workdays.
You need more practice.
Davide
--
Best viewed with Internet Explorer 5.6 on a 1280x1024 resolution with
24-bit color depth, maximum contrast, minimum brightness, in a 1000x960
window placed in the exact center of your display with this videocard
and ....
-- from alt.sysadmin.recovery
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org