I am trying to set up an ampache server using apache as the webserver. The instructions have the following line as one of the requirments: Your webserver has read access to the /sql/ampache.sql file and the /config/ampache.cfg.php.dist file..I have essentially zero experience with apache, and I'm not sure how to grant read access to a file.
On RedHat 5 64-bit.I have a group that requires read-only access to the /var directory.I believe someone mentioned SGID and ACL stuff, and I've been researching this solution, but I wanted to check with you all first to ensure there wasn't an easier way to do this. Basically, I just need folks that belong in this certain group to read the contains of any file/directory contained within /var.
I am trying to setup a Rsync backup method.I have multiple files and folders all OWNED by different users.Now I can read the files as root.But I want to make a user for RSYNC that can ONLY read all these files for copying them across.It requires to create a non password login and I dont want to do that with the root user ! I have tried to create a new user and use 'setfacl':setfacl -m u:someuser:r /var/test.But when I su to 'someuser' I cannot copy the files to my homedir. So I think it wont work for rsync also.
I installed Apache server with Debian 5.0.2 Lenny. I am trying to write a script which would analysis web log files. I found the log files on /var/log/apache2. There is an access log file, `access.log`. My question is what configuration file determines the location and the name of the access log file. How can I change them? I used CustomLog in /etc/apache2/apache2.conf like below.LogFormat ": %h %l %u %t "%r" %>s %b" common CustomLog /home/test/my_log_file common Apache2 generated /home/test/my_log_file. But no logs were written in the file even after I run `/etc/init.d/apache2 restart`. Ichanged the log file location. It still didn't work. However, Apache2 still wrote logs in the file `/var/log/apache2/access.log`
What are the possible problem when Windows access the file from Ubuntu got Read Only even though have a full permission to read, write and execute the file? Ubuntu to Ubuntu accessing the file there is no problem only Windows got a problem.
I am trying to setup my webserver and I am trying to make a website to run under suexec but somehow I cannot start my apache it directly fails and SELinux is giving me errors and don't really know what to do with it, it is giving me some command to type but not sure if this will make my server less secure. The SELinux error is as follow:
Code: Summary: SELinux prevented httpd reading and writing access to http files.
Detailed Description: SELinux prevented httpd reading and writing access to http files. Ordinarily httpd is allowed full access to all files labeled with http file context. This machine has a tightened security policy with the httpd_unified turned off, this requires explicit labeling of all files. If a file is a cgi script it needs to be labeled with httpd_TYPE_script_exec_t in order to be executed. If it is read-only content, it needs to be labeled httpd_TYPE_content_t, it is writable content. it needs to be labeled httpd_TYPE_script_rw_t or httpd_TYPE_script_ra_t. You can use the chcon command to change these contexts. Please refer to the man page "man httpd_selinux" or FAQ [URL] "TYPE" refers to one of "sys", "user" or "staff" or potentially other script types.
Allowing Access: Changing the "httpd_unified" boolean to true will allow this access: "setsebool -P httpd_unified=1"
Fix Command: setsebool -P httpd_unified=1
I will write down how I did setup my server so maybe you can see a mistake I did. First I changed my Apache httpd.conf I added the following to it: Code: NameVirtualHost 192.168.1.2:80 <VirtualHost 192.168.1.2:80> ServerName localhost DocumentRoot /var/www/html DirectoryIndex index.html index.html index.shtml index.php </VirtualHost>
Then I created the username "ulyaoth" with the group "ulyaoth" as I specified with my suexec, then I created all the directories as specified in my httpd.conf and "chown ulyaoth:ulyaoth (dirname)" them to the right group and username.
I'm using Kubuntu 10.04 at the moment. Every time I log in, KDE Wallet asks me to give a password so that Kopete can access my login password to login. Is there any way you can 'grant permission' to access the wallet for certain applications so that I don't have to fill in my password every time?
I have wicd 1.6.1 (bzr-r426) and it is working very good with my root user but with all those which have not the root rights wicd asks for superuser password to connect. I want to avoid this pop-up window to be shown, how can I proceed? I first thought about the sid and gid but it seems that there is no improvements using chmod 4755 and 2755 on the different files involved in.
I have a JavaCL program trying to open a port on 41xxx and it is getting permission denied unless I run it as root. I would like to grant a single user this permission for opening this port. This program runs fine on a vanilla ubuntu install but not on server. Where does Ubuntu handle user permissions for opening ports?I understand this is typically a no-no on a server but this is an unusual circumstance.
I am installing Big Brother on a CentOS 5.2 running the default Apache 2.2.3. When I try to access any web page I get the following error: Forbidden You don't have permission to access /bb/ on this server. Apache/2.2.3 (CentOS) Server at fmsubbnix Port 80 So far I have:
1) Set the Directory options to FollowSymLinks 2) Verified all directory and file permissions are at 755 3) Set permissions temporarily to 777 and received same error so I am assuming the issue is in a config file somewhere 4) in hhtpd.conf verified <Files ~ "^.ht"> is correct 5) verified the "default" directory is correct (/var/www/html)
I have read and tried several ideas in posts listed on the web but to no avail and am at a loss as to what to look for next..
Is there any way to grant access to non root users to use some commands like reboot and date and some other commands that root user can work with .I tried chmod on their binaries and added them to root group but nothing happened.
There are some log files that I wish to get some information from (Apache Access Log) but it is huge! All I need as of right now is any information from date and time A to date and time B. What commands can I use to extract this information from the access_log and put it into another file with just that information? I created a file called "access_info" by doing Code: touch access_info but I was not sure where to go from there.
I own a particular file on a Linux system. I would like to give 2 groups (accounting, shipping) read access and only read access, and 3 users(Mike, Raj and Wally) write access and only write access. How can I accomplish this?
I have apache2 running on my computer. I want to change the permissions for /var/www/ so that I can edit the files without a problem. Right now I can use the gksudo command, but I'd like to be able to have all the files available when using an IDE like eclipse. I've read in several places that Code: chmod 755 /var/www will do, but if I'm not mistaken that would give read/write access to anyone. I'm not in a production environment, so I'm not too worried about security, but I'd like to give anyone else as less permissions as possible. Would this be possible?
I'm having a problem when I try to connect to my apache2 server from any client in my network using the .local address with the firewall on. I opened the port 5353 UDP but I still can't connect. The only way I can connect is disabling the firewall which I don't like to do on the server. What I'm doing wrong?
i have already configured a domain in my server. now i have configured multiple local ip addresses,can i configure a domain for each local ip address. is it possible. if possible how can i access the web page through apache.Because already i am accessing the web page for a pre-configured domain from the path /var/www. if i able to create new domain.From where the apache fetches that index.html file, when requested through browser.
I want to be able to assign the group "readers" read access to guests/c1 but it says access denied. but it shows r-x acsess. i want to be able to control who has read access and not just give it to everybody.
I've hit a wall here; I'm attempting to find some way by which to view files and cd into directories on a device mounted read-only. So I need the permissions to read, write, execute (and the same with directories), but chmodding is out of the question because I don't want to alter the drive one iota.
I guess what I could do--what I was thinking of initially--was to dupe the whole drive and then mess with permissions. This wouldn't affect the original (actually I'm working on a duplicate of the original, but I'm treating it as if it were the original) but I was hoping for something that would maintain data integrity. This is a forensic application and not altering the data is very important.
I have a fresh fedora 13 install, I managed to browse and setup my phpadmin.....and browse everthing locally. I can not browse the web site from any other machine in my network. All my machines get their IPs from my dhcp (192.168.1.0).I googled and read a thread in this forum, I understood it might be due to SELINUX. I disabled it, rebooted, still have the same behavior, browse my apache locally but not from other machines. I did a telnet from one of my machines using the IP as followstelnet 192.168.1.11 80got the following onnecting To 192.168.1.11...Could not open connection to the host, on port 80: Connect failed.I checked error-log and access_log file, found no hint. I think it should be something related to some fedora systemor firewall or selinux config that is not allowing access to it.
I am looking for the best way to set up permissions in the following situation. I have a web server set up on debian. I have different web sites in /var/www. Each web has a group of developers who each have system users and ssh access to the server. For example i have a web site in /var/www/example.com and a group of developers in group exampledev. I need all the users in exampledev plus the apache user (www-data) to have read write and execute permissions on all the content of the web site. I can give the group exampledev these permissions without a problem. The problem is that when they modify or create new files (they either connect via ssh o sftp which is the same right?) they are created with their user and group rather than exampledev. Am i going down the wrong path? This must be a common situation but i haven't found the solution.
We have Apache installed on CentOS 5.3 in our laboratory. Indeed the server is running fine for almost two years since it is actually the first CentOS 5 that was released just regularly updated. Now, most of our applications are custom made PHP applications and until now we somehow managed to avoid using PHP to fetch files that are on the internet itself. But now we are desperate because we need to allow PHP to fetch files through Apache but it seems as if Apache is not allowed to make a connection to the outer world. Additionally we use a proxy server to connect to the outer world so right at the beginning http_proxy is used to set that environmental variable. And for the root user it all works fine after that but it seems as if the apache user is not allowed to access the internet. Just to make a remark our web server can be accessed from the outer world so its a one way street for now.
I have a requirement related to the apache access log file format: When a user access my local site, http authentication will be displayed:
Code: username: saagar password: 123 I wish to have the LogFormat in the configuration file in such a way that the username and password (saagar/123 in this case) will be logged in the /var/log/apache2/mysite_access_log file. I used the %u parameter as follows: Code: LogFormat "%h %u "%r" %>s %b" common CustomLog /var/log/apache2/mydreamhome_access.log common and it works, similarly I wish the password too to be displayed in the access_log file.