Hi all, I need to upload files to /var/www/html on our remote centos box. The perms on /var/www/html are stock from the install, (drwxr-xr-x root.root). I set the box for ftp, but (obviously) normal users can't write to that directory. I don't want to allow root ftp logins (I've also disabled root ssh logins, so scp doesn't work either), and I don't know how secure it is to change ownership of the html directory. Can someone float me a couple of hints on how to accomplish this?
TIA,
Tom Elsesser wrote:
Hi all, I need to upload files to /var/www/html on our remote centos box. The perms on /var/www/html are stock from the install,
the 'normal' way to do this is to setup a vhost in /etc/httpd/conf.d/ and setup the docroot for that in /home/<someusername>/public_html ; change the perms there to satisfy what apache needs, and set
" chcon -R -u system_u -r object_r -t httpd_sys_content_t /home/<username>/public_html/ "
and you are done, just upload your content under /home/<username>/public_html/
Karanbir Singh wrote:
the 'normal' way to do this is to setup a vhost in /etc/httpd/conf.d/
Thanks for the quick reply. I admit to not knowing much about apache, so forgive if this all sounds silly.
I was looking at virtual hosts all day and just ended up confused and bitter, getting "you don't have access to / on this server", but I thought vhosts went into /etc/httpd/conf/httpd.conf? My conf.d dir has stuff like squirrelmail aliases. I need content for the site itself, so I didn't think an alias would work.
" chcon -R -u system_u -r object_r -t httpd_sys_content_t /home/<username>/public_html/ "
I had absolutely no idea about this command. The man page is fairly sparse, so I'll take you obviously knowledgeable word on this one.
Tom Elsesser wrote:
Karanbir Singh wrote:
the 'normal' way to do this is to setup a vhost in /etc/httpd/conf.d/
Thanks for the quick reply. I admit to not knowing much about apache, so forgive if this all sounds silly.
I was looking at virtual hosts all day and just ended up confused and bitter, getting "you don't have access to / on this server", but I thought vhosts went into /etc/httpd/conf/httpd.conf? My conf.d dir has stuff like squirrelmail aliases. I need content for the site itself, so I didn't think an alias would work.
you dont need to touch httpd.conf at all, just setup all your Virtualhosts in seperate files ( I do, somepeople just use a vhosts.conf ) in /etc/httpd/conf.d/ and you wont need to worry about conf file mangling / handling when the httpd package updates, and moving config's, data, html stuff becomes real easy between machines.
There is an example VirtualHosts setup ( the last few lines in /etc/httpd/conf/httpd.conf ), just copy that and paste it into a new file in conf.d/ - and remember you need to enable the NameVirtualHost <ip>.
everything in the conf.d/ directory that ends in a .conf is parsed and used as config material by httpd.
" chcon -R -u system_u -r object_r -t httpd_sys_content_t /home/<username>/public_html/ "
I had absolutely no idea about this command. The man page is fairly sparse, so I'll take you obviously knowledgeable word on this one.
chcon will handle / setup SELinux context's for httpd to access the content.
-
Karanbir Singh -
Tom Elsesser