Todd wrote:
> On one of my servers I have a personal account and root. I disable root for ssh logins and run ssh on an alternative port. When 'scp'ing files I usually scp them up, then ssh in 'su' root and move them to /var/www/html. > > I can sftp I realize, but what group can I add my personal account to, but not root, so I can sftp in and put the files in /var/www/html? There are a dozen ways to do this. One is to uplodate with WebDAV over HTTPS, which is built into Apache on CentOS and has plenty of usable clients such as lftp. Another is simply to designate a directory under /var/www/html/, owned by you personally, that the apache user can browse. That give you direct upload access as yourself.Right, but giving myself a directory doesn't allow me to put files other places in /var/www/html....
My goal here is to be able to use my iPad over my ssh port to pull down files, edit them and save them back. Also, upload new files when I am at my desktop.
With /var/www/html owned by root:root and me loggin in as 'jason' I cannot accomplish this. I don't allow root logins over ssh...
So I think that something needs to change.
Would I change /var/www/html/<my domain> owner to myid:mygroup? I am not sure the famifications of this and how Apache would behave, etc.
The whole of /var/www can belong to myid:mygroup as long as the apache user can read it. If apache must write some files somewhere (eg via a cgi script), it needs write access to that specific somewhere, but that's it.