i've got some general questions about filesystem permissions/users/groups for a webserver. i've read several orielly books but none seem to address this specifically.
i'm relatively new to linux administration and am migrating to fedora 3 from win2k (both running apache 2, php, perl, and mysql). installation was much easier than i anticipated, and the only major snag i've run into is file permissions. i understand them (i have experiece with *nix as a user), but don't know how i'm supposed to properly setup htdocs ownership, group, and permissions.
very few users (<5) will actually log in to the shell, but i have several virtual hosts (most maintained by me, but several not). the other people who i'm hosting i only want to give them access via ftp.
my existing directory tree looks like:
ideally, where should htdocs be? i put it in /home/htdocs so that i can simply backup /home and get everybody's stuff
what permissions should give to /htdocs (nothing is in there except the directories for virtual hosts)? keep in mind i run a lot of cgi/php that adds/modifies various files.
can i leave the external users' virtual host directory in the htdocs tree or is it substantially better to move it to their home directory?
what groups should i use for the users? fedora creates a unique group equal to the username for each user. is it better to use "users" and/or "webusers"?
what group should i set the html/php/cgi docs to? and the htdocs directory?
what owner/group should mysql databases be set to? i copied them from my previous db and it inhereted 'root', which prevents mysql from accessing them. i chown'd/chgrp'd them to mysql/mysql.
i GREATLY appreciate any and all thoughts on the matter!
i'm relatively new to linux administration and am migrating to fedora 3 from win2k (both running apache 2, php, perl, and mysql). installation was much easier than i anticipated, and the only major snag i've run into is file permissions. i understand them (i have experiece with *nix as a user), but don't know how i'm supposed to properly setup htdocs ownership, group, and permissions.
very few users (<5) will actually log in to the shell, but i have several virtual hosts (most maintained by me, but several not). the other people who i'm hosting i only want to give them access via ftp.
my existing directory tree looks like:
htdocs
--vaxlan.net
----www.vaxlan.net (default site)
----photos.vaxlan.net
----turtle.vaxlan.net (other user site)
----jsk.vaxlan.net (other user site)
--tamuphotoclub.org
----www.tamuphotoclub.org
----new.tamuphotoclub.org
--jscottkelley.com
----www.jscottkelley.comideally, where should htdocs be? i put it in /home/htdocs so that i can simply backup /home and get everybody's stuff
what permissions should give to /htdocs (nothing is in there except the directories for virtual hosts)? keep in mind i run a lot of cgi/php that adds/modifies various files.
can i leave the external users' virtual host directory in the htdocs tree or is it substantially better to move it to their home directory?
what groups should i use for the users? fedora creates a unique group equal to the username for each user. is it better to use "users" and/or "webusers"?
what group should i set the html/php/cgi docs to? and the htdocs directory?
what owner/group should mysql databases be set to? i copied them from my previous db and it inhereted 'root', which prevents mysql from accessing them. i chown'd/chgrp'd them to mysql/mysql.
i GREATLY appreciate any and all thoughts on the matter!
