All,
I have an Apache HTTPD instance I am trying to configure for a fairly
small group of users. We're using mod_userdir and mod_suphp to ensure
that user scripts are run as the users themselves rather than as the www
user.
My objective is to configure the website in such a way that certain
distinguished portions of the site can be made easier to access. For
instance, I would like
http://mysite.com/~foouser/barsite
to be equivalent to
http://mysite.com/bazsite
To this end, we have the following subset of configuration:
<VirtualHost *:80>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews ExecCGI Includes
AllowOverride None
Order allow,deny
allow from all
</Directory>
<Directory /home/*/public_html>
Options ExecCGI MultiViews Indexes SymLinksIfOwnerMatch
IncludesNoExec
AllowOverride All
<Limit GET POST OPTIONS>
Order allow,deny
allow from all
</Limit>
<LimitExcept GET POST OPTIONS>
Order deny,allow
deny from all
</LimitExcept>
Order allow,deny
allow from all
</Directory>
Alias /bazsite /home/foouser/public_html/barsite
UserDir public_html
UserDir disabled root
# ... more stuff here ...
</VirtualHost>
Unfortunately, this does not permit suexec to do its job; in fact, it
seems that suexec is never used. A script
/home/foouser/public_html/barsite/test.py is executed correctly if
accessed via the URL
http://mysite.com/~foouser/barsite/test.py
but, when accessed via the URL
http://mysite.com/bazsite/test.py
the script runs as the www user rather than as foouser. I would not
have expected this, since it doesn't meet my intuitions about aliasing.
Clearly, these alias directories need not be generative; they will be
assigned on a case-by-case basis. Does anyone know how I would express
to Apache that scripts in a specific subdirectory (recursively downward,
of course) should always be executed by suexec to a given user?
Thanks!
Zach
|
|