Re: Apache Permissions

On 2006-10-07 21:55, John A. Bailo wrote:
I enabled the http service on my desktop machine (I have my domain name
pointing to my IP). It seems to be running apache2

The root directory for web documents is /srv/www/htdocs

As my login user, I cannot put documents into the web folder. I can only su
- and then put in documents as root.

My questions are:

How can I give my personal login permission to use this folder?

What account or permissions does the apache2 service run under? Does it
have an Anonymous user such as IIS does in Windows?

What is the minimum permissions I need to give to a HTML document so that
Apache can browse it?


It's best to leave /srv/www/htdocs as it is, since YaST will install things there. For example squirrelmail, mailman and other web-apps, and fix apache
config so they work.

Create another virtual host that has /srv/www/<domain> as document root.

Create the config file /etc/apache2/vhosts.d/<domain>.conf
(use /etc/apache2/vhosts.d/vhost.template)

Then /srv/www/<domain> can be owned by you or some other user,
for example www1 , which can have /srv/www/<domain> as $home , and a /srv/www/<domain>/.ssh/authorized_keys with your public ssh-key stored,
so you can publish with scp index.html www1@hostname: , or with sftp
or fish://www1@hostname in konqueror, or rsync or mount it with sshfs
on any machine , .......

Just don't let this user be a member of the group users, and then
add to /etc/permissions

/usr/bin/wget root:users 750
/usr/bin/curl root:users 750

This will prevent badly written php-forms to use wget/curl to download
scripts that will take over your web.

(maybe that can be fixed with app-armor also)

When using vhosts.d , you must set ServerName to a valid hostname.domain
that exist in dns, and only that hostname will take you to this virtual container.
For example if your domain has an A record xxx.yy , and A record for
mail.xxx.yy , and a Cname www.xxx.yy , and ServerName www.xxx.yy
Then only www.xxx.yy will take you to /srv/www/xxx.yy , while the other 2
will take you to /srv/www/htdocs.

To solve this, you can do:
<VirtualHost your ip or *>
ServerName www.xxx.yy
DocumentRoot /srv/www/xxx.yy
........
</VirtualHost>

<VirtualHost your ip or *>
ServerName xxx.yy
Redirect permanent / http://www.xxx.yy/
</VirtualHost>

Enjoy

/birre
.

Relevant Pages

  • Re: Apache Permissions
    ... I enabled the http service on my desktop machine (I have my domain name ... The root directory for web documents is /srv/www/htdocs ... What account or permissions does the apache2 service run under? ... htdocs pointing to a directory inside the users home directory. ...
    (alt.os.linux.suse)
  • Apache Permissions
    ... I enabled the http service on my desktop machine (I have my domain name ... The root directory for web documents is /srv/www/htdocs ... What account or permissions does the apache2 service run under? ...
    (alt.os.linux.suse)
  • Re: [SLE] php no longer working
    ... I assume you did load the php modules during install. ... srv/www/htdocs dir there are no php files. ... I thought by default apache2 would ... You may need to add an option in the config file for the root directory. ...
    (SuSE)
  • Re: apache+ssl
    ... # aptitude install apache2 ... I created the certificate request like this, ... Then I enabled the ssl module ... to <VirtualHost *:443> on the duplicated definition giving me two virtualhost ...
    (Debian-User)
  • FW: Apache2 Manhattan Virtual Classroom
    ... Once you remove the 000_default out of Apache2 it seems nothing ... found a ServerName directive in any file dealing with Apache 2. ... Why install 2 versions of Apache, ... I.e. the file manhat is the only ...
    (Debian-User)