[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 230
  • Last Modified:

Apache setup for users

Hello,

Having a bit of trouble getting userdirectories to work with Apache.

I want to give my users the ability to publish web content (with cgi ability too).  I played around with the appropriate section in httpd.conf, but to no avail (all I get are HTTP 403's).

Example user dir: /home/cubedweller/public_html
permissions: rwxrwxr-x
Example html file: .../public_html/index.html
permissions: rw-rw-r--
Example URL: http://servername/~cubedweller/

Does anyone know how to set it up so users only have access to their directories, and can use cgi?

Thanks in advance,
CubeDweller
0
cubedweller
Asked:
cubedweller
  • 5
  • 5
1 Solution
 
jlevieCommented:
UserDir's have changed a bit in the latest version of Apache, what version are you using?
0
 
cubedwellerAuthor Commented:
I am using version 1.3.9-8
You may recall from an earlier question that things broke when I tried to upgrade to the latest version (1.3.12).

Thanks
0
 
jlevieCommented:
Ah yes, I remember now. Let me get to one of my 1.3.9 servers and I'll pull a piece of the config file.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
bernardhCommented:
it's simple as creating the user's directory under /home/httpd/html, so if you create an index.html file on /home/httpd/html/user_dir you can view the his page by going to http://servername/user_dir
0
 
cubedwellerAuthor Commented:
Unfortunately, that did not quite work.  Yes, I could create subdirectories with the usernames, but that was not the point.

As far as I understand from the Apache documentation, the users' directories live under their home directories (default config is for ~username/public_html/).  This allows them access to their content, without undue access in the web root.

Additionally, Apache seems to need a cgi-bin alias within that user directory.  The alternative is to open up the permissions on the main cgi-bin directory, something which strikes me as bad.

Any ideas?

Thanks.
0
 
jlevieCommented:
You are correct in the way Apache treats the UserDir directive. As shipped, 1.3.9 has it defined as "UserDir public_html" which expands to "$usename/public_html". For Apache to gain access to the the personal pages, it has to be able to access them. Since Apache is usually running as nobody, the user's home dir and public_html dir must have at least execute perms for world (o+x) or else you'll get the 403 error. Also the files in public_html must be world readable (o+r).

The crux of your question, as I see it, is how to define an "Options ExecCGI" for the userdir's. I though I had seen something about this, although I haven't been able to locate it so far.
0
 
jlevieCommented:
Okay, I found the reference about personal cgi-bins. It works for me because all of our home dirs are automounted in /home (although it would also work if they were all in one or a few filesystems). And it goes like this:

ScriptAliasMatch /~([^/])/cgi-bin/(.*) /home/$1/cgi-bin/$2

I think that provides the last piece...
0
 
cubedwellerAuthor Commented:
Jlevie,

Almost there.  The user's directory is now viewable, but can't get the user's cgi-bin to work.

Can you tell me exactly what to do, including what path should appear in the html file (e.g. method=get action="/cgi-bin/script.cgi")

A newbie still learning to crawl,
CubeDweller
0
 
jlevieCommented:
What has to be in a users html file to access a personal cgi's would be something along the same lines as would be used to access their personal pages, e.g., for user "billybob" the html pages would be at http://server-fqdn/~billybob/ and the cgi's would be http://server-fqdn/~billybob/cgi-bin/script.cgi.
0
 
cubedwellerAuthor Commented:
Sorry for the handholding.

I have tried using your scriptalias line in place of and in addition to the default one already in the httpd.conf file, restarting httpd everytime.

I have also tried multiple variations of the path, including:
/home/billybob/cgi-bin/script.cgi
/home/billybob/public_html/cgi-bin/script.cgi

Inside the calling html file I have also tried variations including:
action="cgi-bin/script.cgi"
action="/cgi-bin/script.cgi"
action="../cgi-bin/script.cgu"

The script is executable, and the permissions seem right.

Maybe it would also help me if I understood that expression in the ScriptAliasMatch.

Thanks,
CubeDweller

0
 
cubedwellerAuthor Commented:
Thanks.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 5
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now