Solved

How can Apache outside jail access pages in jail while jail users still have permissions to upload files?

Posted on 2008-10-03
4
440 Views
Last Modified: 2013-12-15
My Apache (ver 2.2.8-28.1) was built on openSUSE 11.0 and run a couple of domains.

Yesterday I setup a chroot jail for ssh / scp / sftp with Linux according to: http://www.fuschlberger.net/programs/ssh-scp-sftp-chroot-jail/
This works fine, each user get a space /home/jail/home/[username]/

However I want these users to be able to make their own internet pages. Which means that I want some virtual hosts in apache outside of jail, to be able to reache some directories in jail.

If I chgrp to www instead of users, my apache get access to files in /home/jail/home/[users]/public_html ( http://www.experts-exchange.com/Software/Server_Software/Web_Servers/Apache/Q_21316391.html#13321341 ). But then my users loose their permissions to transfer files into their directories...

Is there a way I can accomplish both (without putting apache in jail)?

0
Comment
Question by:kvaade
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 13

Expert Comment

by:Rowley
ID: 22634016
Why not approach this another way? Sync the directories to a directory that apache does have access to within its default root. If on the same box, you could script cp, tar, cpio, pax, rsync or whatever you choose to achieve this.

This way, you could also take copies of old stuff before overwriting, so you'll have a history and be able to restore changes quickly without having to use cvs or something similar.
0
 

Author Comment

by:kvaade
ID: 22638242
Rowley: With your approach, will I have to run a cronjob checking every minute for updates, or is it a way to sync on the fly?
0
 
LVL 13

Accepted Solution

by:
Rowley earned 500 total points
ID: 22638342
True, that is perhaps a disadvantage. However, if you use rsync, you can choose to only copy across changes if you desire. Alternatively, you could set a FollowSymLink option for a particular dir in your apache config  and create a link in your docroot that points to your chrooted area...although I prefer the former suggestion. If you can stage the chroot environment and separate it from your apache,  the better.

 You could also set the "other" permission octal to read and point virtual hosts docroots, aliases to this directory. I'm sure there are other and/or better ways to skin this cat too...
0
 

Author Comment

by:kvaade
ID: 22677211
Sorry for my late reply.
I solved my problem by simply changing folder attributes.

But I appreciate your answers Rowley, they have given me some other ideas, thanks!
You have deserved the points!  :)
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
Google Drive is extremely cheap offsite storage, and it's even possible to get extra storage for free for two years.  You can use the free account 15GB, and if you have an Android device..when you install Google Drive for the first time it will give…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question