From owner-freebsd-questions@FreeBSD.ORG Wed Nov 19 02:00:21 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 09FBC16A4CE for ; Wed, 19 Nov 2003 02:00:21 -0800 (PST) Received: from mail.caraldi.com (caraldi.com [62.212.102.95]) by mx1.FreeBSD.org (Postfix) with ESMTP id BA46743FE9 for ; Wed, 19 Nov 2003 02:00:18 -0800 (PST) (envelope-from jbq@caraldi.com) Received: from watt.intra.caraldi.com (watt.intra.caraldi.com [192.168.100.101]) by mail.caraldi.com (Postfix) with ESMTP id 205B220C6 for ; Wed, 19 Nov 2003 11:00:17 +0100 (CET) Received: by watt.intra.caraldi.com (Postfix, from userid 1001) id DC07E94; Wed, 19 Nov 2003 11:00:16 +0100 (CET) Date: Wed, 19 Nov 2003 11:00:16 +0100 From: Jean-Baptiste Quenot To: FreeBSD-questions Message-ID: <20031119100016.GE1319@watt.intra.caraldi.com> Mail-Followup-To: FreeBSD-questions References: <000e01c3aac6$6f2bbdd0$0901a8c0@bloodlust> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="CGDBiGfvSTbxKZlW" Content-Disposition: inline In-Reply-To: <000e01c3aac6$6f2bbdd0$0901a8c0@bloodlust> User-Agent: Mutt/1.5.5.1i Subject: Re: user's rights ??? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Nov 2003 10:00:21 -0000 --CGDBiGfvSTbxKZlW Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable * Xpression: > Hi list, I have configured a server to act as a WWW server, > but I have many users that have their own web page and they can access > to their sub-dirs via FTP, now when they want to upload the files via > HTTP (usin PHP) the system denied the write, I mean: Assuming you want to use PHP: You have to setup Apache with suExec so that PHP runs as the user owning the directory. Each user directory should be owned by a different user id. This is because Apache (and PHP) runs as user www, so it cannot modify files. Note that using this approach requires PHP to be run as a CGI program. However, suExec requires that the CGI be owned by the user running it, so either you copy php to every user dir in the cgi-bin directory, or you apply patches available at [1]. The setup is a bit difficult but worth the effort. If you want to use the HTTP PUT method, you may consider running mod_dav, but then an authentication must be setup and all files owned by the user running Apache (www). Best regards, --=20 Jean-Baptiste Quenot http://caraldi.com/jbq/ [1] http://localhost.nl/ --CGDBiGfvSTbxKZlW Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/uz8w9xx3BCMc9gsRAm6PAJ9FPlZMSQicL7jCBSlRB6aDlrEilQCggZwI 8A+LSHdSevHw9gDrlD5iVIA= =vwu3 -----END PGP SIGNATURE----- --CGDBiGfvSTbxKZlW--