[PLUG] Ownership of /var/www on Ubuntu 8.04
Carlos Konstanski
ckonstanski at pippiandcarlos.com
Tue Nov 25 22:36:35 UTC 2008
On Tue, 25 Nov 2008, Richard C. Steffens wrote:
> Date: Tue, 25 Nov 2008 14:22:07 -0800
> From: Richard C. Steffens <rsteff at comcast.net>
> Reply-To: "General Linux/UNIX discussion and help; civil and on-topic"
> <plug at lists.pdxlinux.org>
> To: PLUG List <plug at lists.pdxlinux.org>
> Subject: [PLUG] Ownership of /var/www on Ubuntu 8.04
>
> I installed Apache with synaptic on my Ubuntu Hardy system and have get
> "It works!" page when I surf to localhost localhost. I find the file
> that produces "It works!" in /var/www/index.html. The current ownership
> of /var/www is root:root. Should I change that to root:(some-web-group)
> and add myself to the group, or is there a another preferred approach to
> allowing myself to edit files for my local web site?
>
> --
> Regards,
>
> Dick Steffens
There are probably a lot of different answers to this question. My
answer is to never use the default apache DocumentRoot directly.
Instead, I always make VirtualHost directives that point to
DocumentRoots that lie deeper than /var/www. For instance, here is my
"default" web location on my workstation:
<VirtualHost *:80>
ServerName sphinktoo.pippiandcarlos.com
ServerAdmin ckonstanski at pippiandcarlos.com
DocumentRoot "/var/www/html/site/sphinktoo.pippiandcarlos.com"
<Directory "/var/www/html/site/sphinktoo.pippiandcarlos.com">
Options Indexes Includes FollowSymLinks ExecCGI
AllowOverride Limit
Allow from all
Order allow,deny
</Directory>
</VirtualHost>
In gentoo, you get /var/www/html for free. I built the rest of the
path. /var/www/html is still owned by root on my system. So is
/var/www/html/site. (There is a /var/www/html/users that gentoo
provided for UserDir, but I have that disabled. I created the site/
directory so that this directory level would remain uncluttered.)
/var/www/html/site/sphinktoo.pippiandcarlos.com is the first directory
in this tree that is owned by a normal user.
I like this aproach because you might want to put other things in
/var/www/html (or the equivalent on your system), like a cgi-bin
directory, a webdav permissions directory, or a subversion repo. I
would keep this from being browseable.
Carlos Konstanski
More information about the PLUG
mailing list