On May 6, 2004 06:20 pm, Pete Nesbitt wrote: > On May 6, 2004 05:58 pm, Rodolfo J. Paiz wrote: > > At 17:53 5/6/2004, you wrote: > > >first off, wow fast response.=) > > > > Welcome to Linux. <grin> > > > > >I want to install cutecast. (http://www.artscore.net/cutecast/). I asked > > >the admin what SMTP server they use for sending email notifications, > > >activation and they said Sendmail. > > > > Sendmail is already configured to accept mail from its same machine > > (localhost) but not from the outside, so it's a reasonably secure > > configuration. If you do want to accept mail from the outside, please > > read my "Sendmail SMTP AUTH HOWTO" [1] and ask any questions either here > > or directly. Otherwise, no need to do anything. > > > > [1] http://www.simpaticus.com/linux > > > > >Basicly I want to give my friend FTP access to his webarea (runs > > > apache2) so that / in his FTP client would be '/var/www/html/PS' so > > > that he can upload his files and chmod. > > > > I would suggest that the best way is to make a user for your friend, say > > "joe". Then create a "www" directory in joe's home directory (/home/joe), > > and create a "virtualhost" in Apache that points to /home/joe/www. That > > way his website files are in his home directory, where they are easy for > > him to reach but difficult for others (except Apache). You may need to > > make sure /home/joe and /home/joe/www have 701 permissions, I'm not sure. > > vsftpd will automatically chroot the user to his home directory, I think. > > If not, it's easy to configure but I don't remember how off-hand. > > > > Note that this has the advantage that people usually remember to back up > > /home but usually not /var... makes your data safer and your users > > simpler to manage. If you wanted to try a completely different approach, > > however, you could try just creating a user "psforum" and changing that > > user's home directory to /var/www/html/PS. Same results, I think, just > > not as neat. > > > > Post again if you get stuck somewhere. > > > > Cheers, > > > > > > -- > > Rodolfo J. Paiz > > rpaiz@xxxxxxxxxxxxxx > > http://www.simpaticus.com > > Hi, > The idea of creating an html dir in the users home is good, but the 'new' > prefered method for apache, instead of configuring apache to use home dirs > (there is a config stanza for doing that), you create a web space, in this > case /var/www/html/PS, then make it owned by the user & group, sguid the > dir and make it world readable "chmod 2775 PS". > Next make a sym link 'ln -s /var/www/html/PS ~joe/www' (or change www to > whatever you like such as PS) > The idea is that first, the user does not need world readable dir's in his > home, and also, the url does not have the ~username in it so it is easier > and does not give away user id's which helps with security. > > -- > Pete Nesbitt, rhce Rodolfo, I should have read your reply closer. I overlooked a few items. My solution with the sym link will allow an escape from the chroot (or will it break the link?). Also, i was thinking of the public_html based home webspace solution. However, the virtualhost will require either a 2nd IP or else a 2nd DNS entry. Another consideration may be to use the apache 'Alias' definition. You could define an alias in apache config to make requests to domain.com/PS go to ~joe/www. The 'Alias' function allows you to disable "Follow Sym Links" and define each one individually. This is kinda the opposite of my 'inbound' sym link mentioned above. -- Pete Nesbitt, rhce -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
