Link to home
Start Free TrialLog in
Avatar of cubedweller
cubedweller

asked on

Apache setup for users

Hello,

Having a bit of trouble getting userdirectories to work with Apache.

I want to give my users the ability to publish web content (with cgi ability too).  I played around with the appropriate section in httpd.conf, but to no avail (all I get are HTTP 403's).

Example user dir: /home/cubedweller/public_html
permissions: rwxrwxr-x
Example html file: .../public_html/index.html
permissions: rw-rw-r--
Example URL: http://servername/~cubedweller/

Does anyone know how to set it up so users only have access to their directories, and can use cgi?

Thanks in advance,
CubeDweller
Avatar of jlevie
jlevie

UserDir's have changed a bit in the latest version of Apache, what version are you using?
Avatar of cubedweller

ASKER

I am using version 1.3.9-8
You may recall from an earlier question that things broke when I tried to upgrade to the latest version (1.3.12).

Thanks
Ah yes, I remember now. Let me get to one of my 1.3.9 servers and I'll pull a piece of the config file.
it's simple as creating the user's directory under /home/httpd/html, so if you create an index.html file on /home/httpd/html/user_dir you can view the his page by going to http://servername/user_dir
Unfortunately, that did not quite work.  Yes, I could create subdirectories with the usernames, but that was not the point.

As far as I understand from the Apache documentation, the users' directories live under their home directories (default config is for ~username/public_html/).  This allows them access to their content, without undue access in the web root.

Additionally, Apache seems to need a cgi-bin alias within that user directory.  The alternative is to open up the permissions on the main cgi-bin directory, something which strikes me as bad.

Any ideas?

Thanks.
You are correct in the way Apache treats the UserDir directive. As shipped, 1.3.9 has it defined as "UserDir public_html" which expands to "$usename/public_html". For Apache to gain access to the the personal pages, it has to be able to access them. Since Apache is usually running as nobody, the user's home dir and public_html dir must have at least execute perms for world (o+x) or else you'll get the 403 error. Also the files in public_html must be world readable (o+r).

The crux of your question, as I see it, is how to define an "Options ExecCGI" for the userdir's. I though I had seen something about this, although I haven't been able to locate it so far.
ASKER CERTIFIED SOLUTION
Avatar of jlevie
jlevie

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Jlevie,

Almost there.  The user's directory is now viewable, but can't get the user's cgi-bin to work.

Can you tell me exactly what to do, including what path should appear in the html file (e.g. method=get action="/cgi-bin/script.cgi")

A newbie still learning to crawl,
CubeDweller
What has to be in a users html file to access a personal cgi's would be something along the same lines as would be used to access their personal pages, e.g., for user "billybob" the html pages would be at http://server-fqdn/~billybob/ and the cgi's would be http://server-fqdn/~billybob/cgi-bin/script.cgi.
Sorry for the handholding.

I have tried using your scriptalias line in place of and in addition to the default one already in the httpd.conf file, restarting httpd everytime.

I have also tried multiple variations of the path, including:
/home/billybob/cgi-bin/script.cgi
/home/billybob/public_html/cgi-bin/script.cgi

Inside the calling html file I have also tried variations including:
action="cgi-bin/script.cgi"
action="/cgi-bin/script.cgi"
action="../cgi-bin/script.cgu"

The script is executable, and the permissions seem right.

Maybe it would also help me if I understood that expression in the ScriptAliasMatch.

Thanks,
CubeDweller

Thanks.