Re: Several Easy Questions (for you pros!)

Wed, 14 Feb 2001 19:58:00 -0800 

                Hi Ben,

> the httpd.conf points, in the above example, to
> /apache/vhosts/myClient
> for the account
> myClient.com
> Isn't this the same thing you're talking about? Also, how do I enable the
> client to access his site via ftp? I've chown-ed the myClient folder to his
> ownership, same name as his sendmail name: shouldn't it be accessible via his
> sendmail password?

 I don't know about sendmail names. These users need real accounts, so 
myClient should be mentioned in /etc/passwd, and his/her homedir should be set 
to /apache/vhosts/myClient. So there should be entries like
myClient:x:501:501:Real Client Name:/apache/vhosts/myClient:/bin/bash
in /etc/passwd.
 You could use a fake shell, so these users don't have shell access. In that 
case you would replace /bin/bash with something like /bin/nologin, and add 
this "shell" in /etc/shells.
 Note that when using ftp the users are not chrooted by default, so they can 
cd down the tree, and possibly access other users files, including wrongly 
chmoded system files. You could set up a chroot. In that case you will have to 
set the ftp home directory to /apache/vhosts, so anonymous ftp users will end 
up here as well. But you can block the user directories with "noretrieve" 
lines in /etc/ftpaccess when using wu-ftpd. See man ftpaccess.
 An explanation on how to setup a chroot for wu-ftpd can be found at 
www.openna.com. Look for the book "Optimizing and Securing Linux:..." (it's a 
PDF file). It seems you have to enter some user info now (wasn't there 2 weeks 
ago), but you can get an older version (1.2) without providing this 
information. You'll need the floppy that comes with the book for the ftpaccess 
file.
 When using wu-ftpd make sure to get the latest version. You could use another 
ftpd instead. The OpenBSD ftpd makes chrooting very easy: Just add a username 
to /etc/ftpchroot. It could even be you don't have to setup the user 
directories under the ftp home directory, but I am not 100% sure about that.
 About troubleshooting your webserver: Start with reading the logs. Don't know 
anything better to say about that.
 And folks, be so kind to strip your replies. A lot of text is repeated 
needlessly. TIA.

                                        Bye,

                                        Leonard.



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to