From owner-freebsd-questions@FreeBSD.ORG Tue Aug 24 22:18:01 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0CDBC16A4DA for ; Tue, 24 Aug 2004 22:18:01 +0000 (GMT) Received: from frontend1.messagingengine.com (frontend1.messagingengine.com [66.111.4.30]) by mx1.FreeBSD.org (Postfix) with ESMTP id 77EA543D45 for ; Tue, 24 Aug 2004 22:17:59 +0000 (GMT) (envelope-from nkinkade@fastmail.fm) X-Sasl-enc: 4vl0pUmOH8lCjDklMmdUyQ 1093385876 Received: from gentoo-npk.bmp.ub (unknown [206.27.244.136]) by www.fastmail.fm (Postfix) with ESMTP id 65A3DC1459D; Tue, 24 Aug 2004 18:17:56 -0400 (EDT) Received: from nkinkade by gentoo-npk.bmp.ub with local (Exim 4.21) id 1Bzjan-0007wH-Rm; Tue, 24 Aug 2004 16:16:37 -0600 Date: Tue, 24 Aug 2004 16:16:37 -0600 From: Nathan Kinkade To: RYAN vAN GINNEKEN Message-ID: <20040824221637.GP3767@gentoo-npk.bmp.ub> Mail-Followup-To: RYAN vAN GINNEKEN , freebsd-questions@freebsd.org References: <412BAE70.4080402@computerking.ca> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="hXth9cGL35Nvpk4x" Content-Disposition: inline In-Reply-To: <412BAE70.4080402@computerking.ca> User-Agent: Mutt/1.5.6i Sender: cc: freebsd-questions@freebsd.org Subject: Re: apache permission problem please help X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Nathan Kinkade List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Aug 2004 22:18:01 -0000 --hXth9cGL35Nvpk4x Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Aug 24, 2004 at 03:09:04PM -0600, RYAN vAN GINNEKEN wrote: > SEE ERROR BELOW >=20 > Was playing with permissions on my home dirs last night and changed > everything to chmod 700 had some problem with users looking at and > copying other users webpages. I have a directory in each users home > dir named www where they keep there web files ie > /usr/home/username/www so i guess when i changed everything to 700 > apache was unable to use these files. >=20 > Now i have tried the best i can to change everything back set to > chmod to 655 and even tried moving a site to /usr/local/www/username > in hope that apache could read it there but no luck what has happened > please help. >=20 > Wait now things have started to work, for the web site that i moved to > /usr/local/www/username. There seems to be some lag after i make > changes to the permissions and restart apache is this possible. >=20 > I have a real mess on my hands now guess i will have to play with > permissions and modes now to get all the sites backup. How do i set > up home directories that are secure for each user ie other users on > the system cannot read them but apache can. Should i move all web > pages to the /usr/local/www dir. Also is there some way to automate > this so that when i create a new user or modify a file things will > work correctly. Have been using UNIX for many years finally got up > the courage to play with modes and perms. Guess i shot myself in the > foot like i have been warned about by many people and docs. A better approach would be to set each users home dir itself to 700 permissions, not necessarily all the files and directories in each users dir. Are you using a httpd.conf directive such as to allow users to publish files from their home dir, or are you putting sym links in the web root? Nathan --=20 PGP Public Key: pgp.mit.edu:11371/pks/lookup?op=3Dget&search=3D0xD8527E49 --hXth9cGL35Nvpk4x Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFBK75FO0ZIEthSfkkRArmpAJ4zGyVsI7lr+cWjAZgzR+JKNMbi8ACeIsBr 8gfwo3zzhi3MubAeffm2RLI= =R6AM -----END PGP SIGNATURE----- --hXth9cGL35Nvpk4x--