Thanks for the reply, Brian. Yes, I think I'm fairly familiar with the role of httpd.conf. It is for example, where the virtual hosts were defined on RedHat in my earlier version of Linux. In fact I did have an occasional need to make changes to that file on my old RedHat implementation of Linux. Perhaps I didn't explicitly point out in my first post that I'm now running on a server that features Debian Etch. The httpd.conf file in my current structure arrived 100% empty. In fact, in their 'infinite wisdom', Debian developers try to steer users away from httpd.conf entirely. Here's a link to an article that discusses this: www.control-escape.com/web/configuring-apache2-debian.html Yes, I realize the DocumentRoot location can be changed. Indeed I've already changed it with the sites I converted earlier. What I came here hoping to find is someone who understands WHY it was changed by Apache to begin with and who could explain the implications of changing it in a different way... especially since on Debian I can change it from one virtual host to another. Frankly, I haven't found anything yet that says there were technological or security reasons why Apache made this change. Not even their documentation suggests such reasons exist. If the answer is there ARE no specific reasons for the change, I'm inclined to ignore it and go with what I already have working. For the record, I've searched each of the key files in the Debian Apache Config file structure for the direct counterpart to DocumentRoot. The only place I find any references to DocumentRoot is in the individual VirtualHost configuration files I created. I can't find it anywhere else in Debian's Apache config structure. That's part of what leaves me confused. I feel like the Connecticut Yankee in King Arthur's Court here. It's hard to know for sure when you've just made a quantum leap across hardware generations, software generations AND Linux versions just how much of the change you're seeing is the result of the work of Apache developers versus the work product of Debian Developers who thought they knew a "better way". That's as hard as trying to figure out where the Camel ate his last meal by examining the straw in a dung pile you stepped in the desert. ;) After 40 years in the biz, my first motto is "Do no harm." And my second is "Do your best to try to understand any harm you MIGHT do." That's why I'm here looking for guidance. I agree with you about the need to avoid absolute paths in software setups, Brian. My sole excuse (and it's a weak one) is often when you buy these packages they don't offer or suggest pathing alternatives. Instead, they simply demand "path to sendmail on your server" with (or without) a trailing slash. Nevertheless, your point is well taken. I promise the next time I run across the 49 year old version of me dashing up and down the hallways of time, I'll make it a point to kick his butt for not adequately anticipating everything that would happen 9 years in the future! Thanks again for the reply and suggestions, sir. I sincerely appreciate it! -----Original Message----- From: Brian Mearns [mailto:mearns@xxxxxxxxxxx] Sent: Tuesday, September 02, 2008 1:25 PM To: gregplatt@xxxxxxxxxxxxx Cc: users@xxxxxxxxxxxxxxxx Subject: Re: Why do I need /var/www as DocumentRoot & www-data as www owner? Correct me if I'm wrong, but based on the way your message sounds, you don't appear to have any knowledge of the httpd.conf file? It's the main configuration file for your server, and it includes a DocumentRoot directive that allows you to specify the document root. The default may be /var/www, but you should be able to set it to anything you want. The same is true for the user and group that apache uses: these can be configured with the User and Group directives. I personally have no idea about the security implications of choosing one document root or user/group over another, but (as I said), it doesn't sound like you realize they can be changed, so I just wanted to make sure you knew that. Secondly---and not to be critical, but hopefully constructive---basing your work on the absolute paths is a common but dangerous mistake. Of course it's a lot easier but, as you're beginning to see now, it /always/ comes back to bite you in the long run. Not that it does you any good now, but it's something you'll probably remember in the future. Best of luck -Brian --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|