newbie: www directory access

Odhiambo Washington wash at wananchi.com
Fri Apr 4 22:56:11 PST 2003 

* admin2 <admin2 at enabled.com> [20030404 21:24]: wrote:
> 
> Running FreeBSD4.7 Stable
> 
> I am virtually hosting some www domains.  I am using apache.
> 
> What is the standard recommended convention for allow specific users update
> access to specific www directories?  Should I just create a separate
> /etc/group for each virtual host?


Make that directory the user's home directory, and give the user ftp access.
Here is how I did mine:

I got some shell from the net that I used. Save this as /sbin/wwwftp
and then do

chmod 755 /sbin/wwwftp

then edit /etc/shells and add a line that reads
/sbin/wwwftp


Now when you add a user who will be updating some www directory, assign them
/sbin/wwwftp as the shell and make their home directory to be the directory
whose contents they have to update. For example, if the DocumentRoot for
foobar.com is /usr/local/www/htdocs/foobar and the user who will update the
contents of this directory is called johndoe, this is what you will have

Username	: johndoe
Shell		: /sbin/wwwftp
Home		: /usr/local/www/htdocs/foobar


Finally, here is the content of wwwftp:

#!/bin/sh -p
#
# filesonly by Michael Grant
#

# no -c option, offer to change passwd
if [ "$1" != '-c' ]; then
   echo "You may only change your password or hit return to exit"
   /usr/bin/passwd
   echo "You may only ftp or scp with this account."
   exit
fi

# $2 contains command to exec, split it into args
set $2

# Verify if the command is scp
if [ \( "$1" = 'scp' \) -a \( "$2" = '-t' \) -o \( "$2" = '-f' \) ]; then
    # Exec scp directly so there can be no mistake
    exec /usr/bin/scp $2 $3
    exit
fi

# Verify if it's the sftp command
if [ \( "$1" = '/usr/local/libexec/proftpd' \) -o \( "$1" = proftpd \) ]; then
    exec /usr/local/libexec/proftpd
    exit
fi

echo "Command not found."
exit






-Wash

-- 
Odhiambo Washington   <wash at wananchi.com>  "The box said 'Requires
Wananchi Online Ltd.  www.wananchi.com      Windows 95, NT, or better,'
Tel: +254 2 313985-9  +254 2 313922         so I installed FreeBSD."   
GSM: +254 72 743223   +254 733 744121       This sig is McQ!  :-)


Information Center, n.:
	A room staffed by professional computer people whose job it is
to tell you why you cannot have the information you require.

More information about the freebsd-questions mailing list