I want to ask a question maybe a stupid one Here what i understand saying linux user : i can create various users for example for me , for my brother and so on to log in to system. But what does it mean that apache runs under user wwwrun and group www by default . What kind of user is that ? It's explicitly not a user kind that one I know about .
View 6 RepliesHow do i add the default normal user to the sudoers group? Is it normal for the main user to be kept out of the sudoers group or did i do something wrong during install?
View 2 Replies View RelatedI migrated joomla to my new server and noticed that the script doesn't have the permission to edit it's own configuration file and write to the cache folder. All my files are owned by root, which I guess isn't a good idea.
As what user do the PHP scripts run? Or is this system specific? I don't want to chmod all files to 777 so I'd just like to change file and folder ownerships to the user that is executing that script.
What would be the effect of setting ProFTPd's user and group to the same user and group that Apache use? Are there any security risks in doing this, or is this safe to do?
View 4 Replies View RelatedI want to run a Web service that performs a lengthy calculation for the customer. If I let PHP perform the calculation, the script gets killed by server timeout. So I figured out it should initiate a batch job.However, the HTTP server process cannot initiate a batch job because user wwwrun is denied access to service at. Why is that so, and is it safe to remove this denial?
View 9 Replies View RelatedI am using RackMonkey to map out my lab. Unfortunately, due to RM limitations, every user who accesses the site has write access UNLESS they are logged in as a user named "guest". I currently have Apache allowing only the users (sysadmins) in an LDAP group access to RM, but I would like to allow read-only access for other users as well.I found mod_authn_anon, but I am having trouble combining the two authentication methods. I am using Apache 2.2.18 (compiled myself) on SLES 11.1.
This is the common part:
Code:
AuthType Basic
AuthBasicProvider ldap anon
Order allow,deny
Allow from all
This part by itself works for the LDAP authentication:
Code:
AuthName "System Admins"
AuthLDAPURL "ldaps://example.com/ou=ldap,o=example.com?mail" SSL
Require ldap-group cn=SysAdmins,ou=memberlist,ou=groups,o=example.com
This part works by itself for guest access:
Code:
Anonymous guest
Anonymous_VerifyEmail Off
Anonymous_MustGiveEmail Off
Anonymous_LogEmail on
Require valid-user
But if I have both of the previous blocks enabled at once, then guest access does not work. If I throw in a "Satisfy any", then I am not prompted for a username at all. How can I allow access to this LDAP group and to a user named "guest", but not allow all valid LDAP users to log in?
I am now using CentOS5 as the server providing Apache services. I have managed to setup the web page under /home/user1/public_html, now I wish to change the default web page of our server to /home/user1/public_html. i tried to modify httpd.conf, in which i changed the "/var/www/" to the above user directory, but didnot work. Please kindly suggest.
View 9 Replies View RelatedHow can I create a user group that restricts Internet privileges to only members in the group, then I will assigns certain applications to join the group for access to the Internet.
For example, I want only group net to have access to the Internet. Group net is then connected to:
Code:
So far, I am using the gnome group policy manager that is standard with ubuntu but Its not working. It is possible that im misdirected and that I should use a firewall instead?
I am learning about group and user management with Fedora and can change the user's group using the usermod command but did not know if there was a command to see the group currently associated with the user.
View 3 Replies View RelatedI'm using a fedora install mainly for audio work and have everything working well out of the box. My setup is simple:
-Direct cable from Guitar 1/4" > Sound Card input>Rakarrack Guitar Effects>Ardour>System Out
(Occasionally I put a synth/plugin like Zynaddsubfx or jackrack before or after rakarrack depending on what sound I'm going for)
-Jack for all audio transport with synthesizers
I have real time support with Jack and all other programs except Rakarrack. When I launch Rakarrack in the terminal, I get this message:
Code:
rakarrack 0.6.1 - Copyright (c) Josep Andreu - Ryan Billing - Douglas McClendon - Arnout Engelen
Try 'rakarrack --help' for command-line options.
Cannot lock down memory area (Cannot allocate memory)
Cannot use real-time scheduling (RR/15)(1: Operation not permitted)
AcquireRealTime error
However, running rakarrack in root does not display this output, and I assume it has no problem getting real-time scheduling in that case. I did some google searches but the only similar issues that I find are that people can't get RT support in jack except in my instance, I do have RT scheduling with jack, but for some reason I can't get it in rakarrack unless I'm root.
[Edit] I actually have to run jackd and rakarrack in root to get rakarrack to use real time scheduling. But, it isn't necessary for any other jack compatible program that I know of. I'm actually not getting any real time scheduling with any jack application, even though Jack is reporting to be running in Real Time. However, running everything in root fixes the issue even though I would prefer to not have to run as root.
I have a box that is Rec Hat Linux 5.4 with Apache server 2.2.3 . I'm told there are multiple vulnerabilities in Apache httpd, that version 2.2.16 or later is better. However, I did a package update this week and 2.2.3 is where I sit. Is there a newer version that will run or a patch for 2.2.3? Upgrading Red Hat is not an option.
View 3 Replies View RelatedThis netbook only has a user with non-administrative privs on it and root user but I do not have root's password.Is there a way that I can create a new administrative user of change the current user's group so that it can do sudo commands or have more privs?
View 1 Replies View RelatedIs it possible to allow a group/user to execute a command, where one of the parameters of the command is a group as well? example that does not work as intended:
Code:
Cmnd_alias SU=/bin/su -l %group1 This example works sortof, it treats the "%group1" literally. I know I can list out the "/bin/su -l <eachuser>", but as you can imagine that is impractical. In this example, I want people in group2(not shown for brevity sake) to be able to su to someone in group1
The normal user is now in the sudoers group. How can i allow it to install programs using it's own password rather than having to know the super-secret Root-Users password?
View 5 Replies View Relatedhaving an absolute mare on this one and doin me in.! I'm trying to install apache on fedora 9 to a non default directory /usr/local/apache as i need to set it up with resin see[URL]... I've removed the default install with yum remove httpd and then tried installing using apache's ./configure make make install commands. This all appears to work ok but when trying to start the server i get command not found error.any suggestions **ps why are the apache files all over the place in fedora..
View 14 Replies View RelatedI have apache installed and I have it all setup so that when I create a user, in their home directory i created a folder called public_html and then that user can upload web content. Users then can browse to their site by going to[URL],,.How can I get apache to show a different or default page if the user does not have a index.html file in their public_html folder. Cause if they dont, you get a 401 saying you dont have permissions to view, etc. So id like apache to default to something else if the user doesnt have a index.html.
View 1 Replies View RelatedI've created a virtual host and when I try to access it it displays the root of the Default Server. Running Fedora 11. This works fine in our Fedora 8, same configuration.
192.168.0.200
Default server is set to
Listen 80
virtual server
[Code]....
I have FC10 newly installed, and Apache is serving content from /var/www/ okay.
I'm trying to get Apache to serve web content from user's home directories. This is what I've tried with no success:
Uncommented 'UserDir public_htm' in /etc/httpd/conf/httpd.conf and commented out 'UserDir disabled'.
And...
Uncommented user directory section in /etc/httpd/conf/httpd.conf. It now reads as follows:
#
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#
[Code].....
I also tried setenforce 0 to temporarily disable SELinux until the next reboot. No luck. It doesn't appear to be an SELinux issue.
That's as far as the information available will take me. I still get URL 'Not Found' when I try to access http://192.168.0.2/~myusername/
setting up user home directory web access?
this costed me a whole day of trying and retrying. I set up a small home server with apache, php, and mysql.
System infos:
Linux 2.6.31-22-generic-pae
Ubuntu 9.10 Karmic Server edition
Apache/2.2.12 (Ubuntu)
Until now, it served happily a couple of sites, with no problems. But now, I wanted to set up my ftp server to point to the same directory as one of the sites, for me to be able to upload and manage files via ftp. As a server I normally use proftpd. With my usual config, proftpd runs with its own user and simulates the user ftpuser:ftpgroup when creating files. So I just changed all the files to be owned by this user and group. Permissions set to 770.
Everything works fine, and I'm able to access the data via ftp. BUT, when I try to browse my site the usual way (i.e. point firefox to its address) a 403 forbidden error is issued. Of course, you will say: you didn't allow access to apache. Well, I remembered that right away, and added the user www-data to the ftpgroup user. Now I espect apache to be able to read and serve the files.
Still same problem. 403. The apache error log is full with "permission denied" errors. After many attempts, I logged in as the user www-data, and tested access to the files. This way I'm able to cd into the directory, and read-write the files with nano. As a test, I tryed the other way around. Setting www-data:www-data as the owner of the files, and adding the ftpuser to the www-data group. This way apache works, but proftpd does not. Most probably it has something to do with a misunderstanding of groups permissions or the way this two deamons access the files.
Me and 2 others are working on a website (Bob, Mike, and Joe). We made a group called developers and each of us are in the developers group. The Apache server runs as www-data. When we upload files, the file owner is the users name and the group is "developers".
/etc/group has the following
Code:
www-data:x:33:
bob:x:1000:
mike:x:1001:
[Code]....
I have always just set everything to 775 and just called it good. Well I don't want to wake up to a Russian political message plastered all over the site. It's time I do things properly.
I wanna that the pc starts (on/off), the pc arrives to gdm. It waits for an user to log.But but at the boot of this machine, I would like that an user has a script started in the processes (NO X cuz bash script).How can an user runs a script at boot of the PC ? (once only and no one loged)
View 4 Replies View RelatedI have had slack 12 on this computer for quite a while with never a problem. Slack 13.1 was installed a few weeks ago without a problem, it seems to run forever as long as it is root. When I go to user it will crash 2 or 3 times a day. When it crashes it is a total lockup that only the off/on switch will reset it. There is no certain time or thing that causes it, it will just lockup while surfing using the command line switching or opening a new le. Any suggestions will be appreciated! I have googled and searched with no info found.I do have 13.1 on another computer that works fine, it has an nvidea video card in it and it is 64 bit.
View 12 Replies View RelatedI want to enable User Directories in Apache. So in httpd.conf I set:
Code:
<IfModule mod_userdir.c>
#UserDir enabled // commented out
UserDir public_html
</IfModule>
Directory /home/kees is listed has the following file permissions: drwx--x--x 32 kees kees
Directory /home/kees/public_html has the following file permissions: drwxr-xr-x 2 root root
Directory public_html has two files: index.html and index.php, both with file permissions: -rwxr-xr-x 1 root root If I now try to open http://myhost/~kees/index.html (or index.php) in my browser I get a 403 Forbidden error. If I look in my error log I see the following messages if I first try to open the index.html and then the index.php file:
[Code]...
I'm trying to do a shell script which are suppose to run a program as a specific user at system boot up. The problem is that I don't know for sure how to make the script add the users password to the prompt when it's necessary.
Basically the program would be run like this:
sudo -u extrema program_name -r /srv/program_name -d
and in this example the password is, "hidden".
How would I make this script run this program as user extrema with the password "hidden" at boot-up? I know how to put the script in the rc.X directory and so on, its more the syntax of the code.
OK I have multiple developers on a system and I have setup a area on the web server where they all should have access to and all that fun stuff. Now I do not want to setup these developers default group to be this single group cause they could be members of multiple groups...
IE:
/var/www/cust1 - Group Cust1
/var/www/cust2 - Group Cust2
etc...
Then say for the developers:
dev1 - member of Cust1 & Cust2 - Default group is dev1
dev2 - member of Cust2 - Default group is dev2
dev3 - member of Cust1 - Default group is dev3
So when they go into say /var/www/cust1 only dev1 & dev3 should have access to modify files and when they create/edit files the owner should be the user and the group I want it to be Cust1. Then when going to say the Cust2 area new files and stuff have Cust2 group access with RWX.
Is this possible for users to just use their normal accounts, or will I need to look are setting up "project" accounts where they can su into say dev1cust1 account which will have the default group of Cust1?
how you all handle this and what I might be able to do so that the permissions stick.
I have apache working,i have users set under admin group in /home/admin/username/html that is with an html publicfolder at the end, now permissions are set right, /html is set to mode 777, and the contents also inside them. But everytime i do a 10.0.11.25/~les i get a damn forbidden error code, its got me so pissed off and i dont' know whats the problem. This is the error i get: Forbidden 403 You don't have permission to access /~les on this server.
Code:
[Tue May 05 19:37:48 2009] [notice] Apache/2.2.11 (Unix) DAV/2 PHP/5.2.6 configured -- resuming normal operations
[Tue May 05 20:44:30 2009] [error] [client 10.3.0.254] (13)Permission denied: access to /~les denied
[code]....
In graphic interface, when I use dolphin to view the files in super user mode, this application runs very slowly, and react dull at each request!
View 7 Replies View Relatedaccidently deleated ubuntu lucid default theme,and lost the default user logon,it's now flat and gray.how to get it back?i still have the background, not the user logon
View 8 Replies View RelatedI can't figure out how to make files have a different default owner:group.. Example:I need the users of my group called gpib, to create new files with: username:gpib, instead of the default: username:username
[Code]...
What I want to be able to do, is have create a group, for example called "group1" and set its default permissions to read & write, instead of the usual just read.
So when I add a user into "group1" they automatically have read & write access to all files & directories which is in "group1".
Oh & I use crunchbang 10 (statler) for my desktops & Ubuntu 11.04 for my NFS/print/SSH/etc/etc server