[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Apache/PHP/FTP and user rights



Dear all,

I'm facing a problem I thought would be fairly easy to deal with, but
haven't found a proper solution. Here it is :

We have a web werver hosting a few tens of customers using
VirtualHosts. We have mod_php and use FTP for updates, each customer
having its own UID.

Thus :
- customers files are uploaded with user.user rights.
- Apache runs as www-data.www-data

The problem is that with that kind of setup, Apache can't create files
in dirs owned by user.user. Even by switching files from user.user to
user.www-data, if a file is created by Apache it won't be deletable by
FTP.

What we consider the "right" solution would be to have Apache run as
user.user in each virtual host. This seems to be doable with
User/Group directives. Unfortunatly :
- mod_php doesn't honor that
- using a CGI php requires the use of suEXEC, which in turn requires
  that the php4 parser be installed in /var/www (hardcoded
  documentroot) and that it belongs to user.user, which is quite
  annoying.

I tend to think that what I want to do is not something quite
unusual. Maybe I missed a straightforward point somewhere. I hope
somebody will be able to point me to the right direction.

-- 
Nicolas Bougues
Axialys Interactive



Reply to: