|
OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
|||
Best way to do webserver permissions for multiuser?
I have a webserver with multiple users, nginx runs as www and php-fpm runs scripts as particular users. Users sites go in /var/www/sites/username and this works. I'm wondering what the most secure way to do permissions is.
|
|
|||
Are you referring to "permissions" as folder/file permissions?
If you want individual user files to be owned only by the users then chmod -R 600 and chown -R user.wheel /var/www/username? |
|
|||
I want files owned by users, but accessible by the webserver for reading. I think having them owned by the user but with the group www as I'm doing now works. However I'm not quite sure if new files will be owned by group www without the user in that group. fpm runs as users, so php config files can be set readable only by the user to prevent other users screwing around in the database.
If files in a directory owned by a user but with group www can be created and whatnot (for everything a user would want to do with their website), and I don't need to put users in the group www it would be great. That way users can only see their files, and nginx can see everything it needs. |
|
|||
I just realized I can put www in the users groups. This should do the job, I think.
|
|
|||
Just for the record the best way actually seems to have directories owned by www in with the users group for example chown www:john /var/www/sites/johntate.org and chmod 570 /var/www/sites/johntate.org
|
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
howto provide webserver access from internet | frcc | OpenBSD General | 3 | 20th June 2012 02:00 AM |
openbsd webserver redirecting | hack2003 | OpenBSD General | 2 | 10th August 2010 09:58 PM |
openBSD webserver tutorial | werwer | OpenBSD Packages and Ports | 2 | 29th May 2010 04:20 PM |
Maintenance free webserver | Yuka | FreeBSD General | 1 | 29th November 2008 10:36 PM |
Webserver email queue | Yuka | FreeBSD General | 5 | 12th November 2008 12:52 AM |