From owner-freebsd-questions@FreeBSD.ORG Wed May 30 22:45:43 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id BA7CE16A41F for ; Wed, 30 May 2007 22:45:43 +0000 (UTC) (envelope-from agus.262@gmail.com) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.180]) by mx1.freebsd.org (Postfix) with ESMTP id 618DC13C43E for ; Wed, 30 May 2007 22:45:43 +0000 (UTC) (envelope-from agus.262@gmail.com) Received: by py-out-1112.google.com with SMTP id a29so4200277pyi for ; Wed, 30 May 2007 15:45:42 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=s+LhSY7Acf8FTfHI+RoEsKgdTAFmvriz0yxqIMWAZ6H0Tw0sAJ+Wr4ucIW7eEnI8P0OoyfAC1nBn66Y80Mo+IMoTbcxhTzIvWSlL0hAeWY60xIYl6iQH4lXcl3k5QVqWWR1mvzMTyg2lZoxvx7bcz0Hn8PxYNC9MenYz26nvK4Q= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=NWiWsAZkP5nwNEQUexlUuyW+CibL5tc6XJpVwUJgSB2ELyL3EZ2dGnOKCmJ9ADcrCmOtBT6SeMeJb69wC+Z0xL0HPSsghO2zkf9dQKsMLLzmqP/LuGE4/RqrGfkL1MuZptQagolZuYk3ZlJCx/ORKtSL6MIjsJ8dTl/3C29YEnU= Received: by 10.65.73.16 with SMTP id a16mr16393956qbl.1180565142583; Wed, 30 May 2007 15:45:42 -0700 (PDT) Received: by 10.65.204.15 with HTTP; Wed, 30 May 2007 15:45:42 -0700 (PDT) Message-ID: Date: Wed, 30 May 2007 19:45:42 -0300 From: Agus To: "Christopher Hilton" In-Reply-To: <465DE3DA.7040504@vindaloo.com> MIME-Version: 1.0 References: <465DDAA0.8060204@locolomo.org> <465DE3DA.7040504@vindaloo.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions Subject: Re: NFS and apache... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 May 2007 22:45:43 -0000 2007/5/30, Christopher Hilton : > > Erik Norgaard wrote: > > >> How can i do this? I am trying but im getting permission denied...while > >> trying to create a file... > > > > NFS is insecure (No File Security) since there is no authentication. You > > get access with the user id of your current user. > > > > I didn't want to touch the security problems with this as I assumed that > the original poster knows about them. Just the same I'm assuming that > webserver:/etc/exports has a line like: > > /usr/local/www/data/mysite -maproot=nobody:nogroup 192.168.233.17 > > which would tighten down the mount to just the one machine. As a > developer, without even looking at security I think that direct access > to the webroot tree is a bad idea. However I'm giving the original > poster the benefit of the doubt. Perhaps he's just trying to learn HTML > and PHP. > > [snip] > > > > > One security measure is implemented though: root user on client is > > treated as nobody on the server. There is an option you can add to the > > exports file (forgot which), to override this see the exports manpage. > > > >> Also if you have a different solution for updating the site..they are > >> welcome.. > > > > Unless you have problems with diskspace, why not just use rsync? Do it > > manually and you get time to correct blunders before they become public, > > or do it as a cronjob. > > > > rsync > scp, > dav, > *** cvs *** > > When I work on a website I tend to start with the site directory in cvs > to protect me from the damage caused by fat fingers. I'm an old C > programmer and CVS and Make are tools that I'm used to so I usually add > a really simple make file to the web tree... > > ***** Typical Makefile for web project ***** > -- cut from here -- > > update: > cvs -PAd . > > MYWEBUSER = www > MYHOST = webserver.example.com > MYWEBROOT = /usr/local/www/data/webserver.example.com/ > > publish: > rsync -auv ./ $(MYWEBUSER)@$(MYHOST):$(MYWEBROOT) > > -- to here -- > > Then running: > > $ make update > > on the webserver from within the webtree will refresh the site from the > latest copy in CVS. In my opinion this is the best way because with a > little CVS knowledge you can back out any mistakes. This is also nice > since it only depends on the ability for both your development machine > and webserver to be able to reach the cvs server. A final nicety is that > there are CVS clients for FreeBSD, Windows, and Mac OS X. On the > downside you do have to setup a cvs server. > > Add a little magic with ssh-keygen and the command: > > $ make publish > > will push the current state of the web project, N.B. whatever it may be, > onto the webserver. This is a lower overhead way of publishing that has > the danger of no fallback position in case something is screwed up. > Honestly I think that the publish tag is better used for testing than > production but not every is willing to go to the overhead of using > revision control (CVS, SVN, what have you) on this stuff. > > -- Chris > > -- > __o "All I was doing was trying to get home from work." > _`\<,_ -Rosa Parks > ___(*)/_(*)___________________________________________________________ > Christopher Sean Hilton > pgp key: D0957A2D/f5 30 0a e1 55 76 9b 1f 47 0b 07 e9 75 0e 14 > Great.....thanks a lot guys....you've been very kind..... I will begin reading about rsync and CVS then....it also seems a lot more interesting than NFS.... Thanks again... Greetz