httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jack L. Stone" <jackst...@sage-one.net>
Subject Re: FTP permissions to Apache Vhost
Date Tue, 07 May 2002 15:26:57 GMT
Hi, Timothy: Sorry if this is the wrong list, but actually, since I'm
unsure of what will allow things to work the way I described, I wasn't sure
what controlled the permissions needed. Sort of thought it might be
Apache's <Directory> stuff.

Thanks for your questions to clarify more. Here's what I have now:

1) Yes, in ProFTP config, I have the "DefaultRoot ~" set so that user land
in their own user accounts but cannot see other user accounts/directories.

2) As to the environment, I'm running a webserver and mailserver, thus many
user accounts as a consequence and all are shells they can use to
telnet/FTP to their homedir.

3) The ProFTP has this config setting on user:group and <Dir> setting &
wonder if this is a possible conflict??:
PROFTP.CONF:
# Set the user and group that the server normally runs at.
User                            sageame
Group                           wheel

# Normally, we want files to be overwriteable.
<Directory /*>
  AllowOverwrite                on
</Directory>

As I now notice, would the above user"group conflicts with Apache's www:www.

4) ...and yes, the docroots are all recursively owned by www

5) Also FP writes okay to the present settings of www:www..... just can't
get FTP to cooperate.

6) I can make the www/vhost1 a user account so that FTP lands there at
login... just have that write problem. Should ProFTP be set to www:www
too... possibly?

At 10:49 AM 5.7.2002 -0400, Timothy G. Wesemann wrote:
>Jack,
>
>First off, I think your question might be better suited for
>proftp-user(AT)lists.sourceforge.net. However, with that said I`d
>like to get a better idea of what you`re working with. In your
>proftpd.conf, do you have something similar to "DefaultRoot ~",
>if so what type of environment is this server running (i.e. only
>webserving, or are your user homedirs with mail and what not
>being mounted on this machine?). Are you running in a yp/NIS+
>environment and cannot modify the homedir`s? Are you NFS mounting
>homedirs on another device with a seperate authentication means
>on this machine so that the users can have different homedirs on
>this particular machine and now the users have different UID`s in
>different places? If you can get the customer into their docroot
>via FTP, then why doesn`t a user own their own files/dirs in
>/usr/local/www/./vhost1/? Is the filesystem not allowing the user
>to write there, or is it a function of proftpd that I am unaware
>of? Are you setting up the FP permissions of that other than the
>user themself? (beware of chown-happy FP)... Are the docroots
>recursively owned by www???
>
>--
>Timothy G. Wesemann
>Voicenet Systems Administration
>
>
>----- Original Message -----
>From: "Jack L. Stone" <jackstone@sage-one.net>
>To: <users@httpd.apache.org>
>Sent: Tuesday, May 07, 2002 10:35 AM
>Subject: FTP permissions to Apache Vhost
>
>
>| I'm running FBSD 4.5 and migrating several virtual host
>domains/websites
>| from a BDSi server and have what is probably a very basic
>question about
>| how to provide access to the virtual host's site via FTP (and
>using
>| FrontPage as well). I did not handle such details at the old
>server, but do
>| now and want to set up the vhosts properly so the access is
>similar as before.
>|
>| I do not place the vhost in user accounts. The document paths
>are
>| structured as follows:
>|
>| /usr/local/www/maindomain
>| /usr/local/www/vhost1
>| /usr/local/www/vhost2
>| /usr/local/www/vhost3 ....and so forth.
>|
>| Apache is set up for the main domain a a couple of the vhosts
>already, but
>| they belong to me and I don't have any access problems, being
>the super
>| user. Also, FrontPage2000 sets up and publishes fine. The user
>and group
>| for Apache and FP is set to www:www.
>|
>| Now, however, I'm getting ready to move domains that belong to
>others
>| without access except through FTP and Frontpage, but most don't
>want to use
>| Frontpage and prefer FTP to upload content that has been
>produced on their
>| local machines. Fairly common method I imagine.
>|
>| I have fiddled with a test domain that I set up as a vhost to
>see how it
>| could be accessed via FTP. BTW, my FTP is ProFTPD and is set so
>that the
>| user only sees the contents that belong to them and so the
>"root" they
>| login to has to be a user account. In order to FTP login at the
>root of the
>| vhost, I have to set up a "user" in the name of the vhost, BUT,
>cannot FTP
>| upload/download to it because of permissions apparently.
>|
>| The obvious question I have is with the above setup, how do I
>give the
>| vhost user access to the root of his "root" that would appear
>like this and
>| he would see all of the content/directories contained below:
>| /usr/local/www/vhost1/
>| ...and point of entry would be /usr/local/www/vhost1/
>|
>| Better yet, to be identical to the old server setup, the path
>would be:
>| /usr/local/www/vhost/data ...and the CGI directory is
>accessible as:
>| /usr/local/www/vhost/cgi-bin
>| The user's FTP point of entry must still be:
>| /usr/local/www/vhost/
>| ...and be writable for that user.
>|
>| Again, Apache is set to www:www (and so is FP2000)
>|
>| Please help me with proper solutions to how to give the "Vuser"
>access via
>| FTP....??? Thanks in advance for any help.
>|
>| .... our website: http://www.sage-one.net/
>|
>| Best regards,
>|
>| Jack L. Stone
>| Server Admin
>|
>| ---------------------------------------------------------------
>------
>| To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>| For additional commands, e-mail: users-help@httpd.apache.org
>|
>|
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>
>

.... our website: http://www.sage-one.net/

Best regards,

Jack L. Stone
Server Admin

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message