Solved

Apache setup for users

Posted on 2000-03-15
11
218 Views
Last Modified: 2013-12-15
Hello,

Having a bit of trouble getting userdirectories to work with Apache.

I want to give my users the ability to publish web content (with cgi ability too).  I played around with the appropriate section in httpd.conf, but to no avail (all I get are HTTP 403's).

Example user dir: /home/cubedweller/public_html
permissions: rwxrwxr-x
Example html file: .../public_html/index.html
permissions: rw-rw-r--
Example URL: http://servername/~cubedweller/

Does anyone know how to set it up so users only have access to their directories, and can use cgi?

Thanks in advance,
CubeDweller
0
Comment
Question by:cubedweller
  • 5
  • 5
11 Comments
 
LVL 40

Expert Comment

by:jlevie
Comment Utility
UserDir's have changed a bit in the latest version of Apache, what version are you using?
0
 

Author Comment

by:cubedweller
Comment Utility
I am using version 1.3.9-8
You may recall from an earlier question that things broke when I tried to upgrade to the latest version (1.3.12).

Thanks
0
 
LVL 40

Expert Comment

by:jlevie
Comment Utility
Ah yes, I remember now. Let me get to one of my 1.3.9 servers and I'll pull a piece of the config file.
0
 
LVL 2

Expert Comment

by:bernardh
Comment Utility
it's simple as creating the user's directory under /home/httpd/html, so if you create an index.html file on /home/httpd/html/user_dir you can view the his page by going to http://servername/user_dir
0
 

Author Comment

by:cubedweller
Comment Utility
Unfortunately, that did not quite work.  Yes, I could create subdirectories with the usernames, but that was not the point.

As far as I understand from the Apache documentation, the users' directories live under their home directories (default config is for ~username/public_html/).  This allows them access to their content, without undue access in the web root.

Additionally, Apache seems to need a cgi-bin alias within that user directory.  The alternative is to open up the permissions on the main cgi-bin directory, something which strikes me as bad.

Any ideas?

Thanks.
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 40

Expert Comment

by:jlevie
Comment Utility
You are correct in the way Apache treats the UserDir directive. As shipped, 1.3.9 has it defined as "UserDir public_html" which expands to "$usename/public_html". For Apache to gain access to the the personal pages, it has to be able to access them. Since Apache is usually running as nobody, the user's home dir and public_html dir must have at least execute perms for world (o+x) or else you'll get the 403 error. Also the files in public_html must be world readable (o+r).

The crux of your question, as I see it, is how to define an "Options ExecCGI" for the userdir's. I though I had seen something about this, although I haven't been able to locate it so far.
0
 
LVL 40

Accepted Solution

by:
jlevie earned 40 total points
Comment Utility
Okay, I found the reference about personal cgi-bins. It works for me because all of our home dirs are automounted in /home (although it would also work if they were all in one or a few filesystems). And it goes like this:

ScriptAliasMatch /~([^/])/cgi-bin/(.*) /home/$1/cgi-bin/$2

I think that provides the last piece...
0
 

Author Comment

by:cubedweller
Comment Utility
Jlevie,

Almost there.  The user's directory is now viewable, but can't get the user's cgi-bin to work.

Can you tell me exactly what to do, including what path should appear in the html file (e.g. method=get action="/cgi-bin/script.cgi")

A newbie still learning to crawl,
CubeDweller
0
 
LVL 40

Expert Comment

by:jlevie
Comment Utility
What has to be in a users html file to access a personal cgi's would be something along the same lines as would be used to access their personal pages, e.g., for user "billybob" the html pages would be at http://server-fqdn/~billybob/ and the cgi's would be http://server-fqdn/~billybob/cgi-bin/script.cgi.
0
 

Author Comment

by:cubedweller
Comment Utility
Sorry for the handholding.

I have tried using your scriptalias line in place of and in addition to the default one already in the httpd.conf file, restarting httpd everytime.

I have also tried multiple variations of the path, including:
/home/billybob/cgi-bin/script.cgi
/home/billybob/public_html/cgi-bin/script.cgi

Inside the calling html file I have also tried variations including:
action="cgi-bin/script.cgi"
action="/cgi-bin/script.cgi"
action="../cgi-bin/script.cgu"

The script is executable, and the permissions seem right.

Maybe it would also help me if I understood that expression in the ScriptAliasMatch.

Thanks,
CubeDweller

0
 

Author Comment

by:cubedweller
Comment Utility
Thanks.
0

Featured Post

Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

Join & Write a Comment

How many times have you wanted to quickly do the same thing to a list but found yourself typing it again and again? I first figured out a small time saver with the up arrow to recall the last command but that can only get you so far if you have a bi…
Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now