[lug] Relocating Users Web Page Directories

Jeff Schroeder jeff at neobox.net
Mon Apr 21 08:23:04 MDT 2003

SoloCDM asked:

> What would
> be the best course of action and what documentation would explain
> the steps to make the configurations?  As it is, the users home
> directories are purposely configured to block any outside users into
> their accounts?

I find that using simple file/directory permissions I can protect the 
users' home directories while allowing web access.  All users belong to 
a single group (say, "web", or just "users").  Apache is running as a 
different group (often "nobody").  Then, you can chmod everyone's home 
directory to allow user and world access, but not group:

# chmod 705 /home/bill /home/bob
# ls -l /home
drwx---r-x   66 bill      users        4096 Apr 19 17:46 bill
drwx---r-x   66 bob       users        4096 Apr 19 17:46 bob

In this way, Bill can't get into Bob's directory, and vice versa.  
Apache, running as a different group, can.  Within /home/bill you can 
then have ~/public_html or whatever, and use any permissions (as long 
as it includes world-read, so Apache can see it!).

IMHO this is superior to symlinking everything because it's more 
straightforward and easier to maintain.


More information about the LUG mailing list