Re: Web site users, and ftp
On Wed, 2002-11-06 at 15:31, Debian User wrote:
> Thanks for the help Mark.
>
> Ok, what I would like to is web/email hosting for friends and a few
> clients. (so far email works fine with postfix)
>
> So, they need to have their own private domain name/web site/email per user.
>
> This means they need to have their own container. (presently I store
> all these folders in /var/www)
> The users need to be able to upload files into their container without
> the help of me. (one user per account).(with ftp they login to their
> user directory, they won't know where /var/www is. Should I add a
> symlink to /var/www/user_html in their home directory to solve this).
> Samba works great on the network here, but that won't work accross the
> Internet for file transfer will it?)
>
> Presently I only use (1) ip address, so far so good.
>
> My Debian box is pretty plain, everything is apt-get installed, nothing
> compiled yet.
>
> Ok, so FTP is bad to use, so what do all these web hosting companies
> tell their users to use to upload files? from what I am finding out,
> they all use different procedures with different file transfer clients?
>
> It just seems like I setup this stuff like the majority of other new
> Debian users, and it would seem that I am not pioneering anything here,
> so why all the diffferent ways of doing things with such a simple setup.
Well, actually, it's not a simple setup. It would have been, but then
you had to go throw in that "multiple domain names" bit.
You'll need to set up Apache "virtual domains"; if you want to keep on
with only 1 IP address, you'll need to set up "name-based virtual
domains", which needs HTTP/1.1 in order to work. I haven't done this
yet, but there have been a couple of threads about this recently. When
you set up a virtual domain, the <VirtualDomain> block in the apache
configuration file includes a line which specifies where to look for the
content for that virtual domain.
Your problem appears to be that
a) You need virtual domains and you just don't know it yet, and
b) You're worried about where to put things.
The first problem is a google search away - search on "virtual domain
Apache HOWTO"; the documentation you need is in the first page of hits.
Where you put the content is irrelevant, so long as the place where your
users put it and the place where Apache looks for it is the same.
/home/user*/www is just fine, so long as your users know to put the
content in ~/www and each virtual domain in Apache is set to look there.
Each domain name needs to be pointed at your server; if you do it all
with just 1 IP, Apache needs to be told to use name-based virtual
domains; if you get 1 IP per domain name, then you need IP aliases
(search google for "Linux IP alias").
If you're still having permission problems, it's because your ftp server
isn't set up properly for your situation. You want to publish new
files, so you need to make sure that the umask that the ftp server uses
is 022; check the configuration file for your ftp server. For
reference, I use proftpd, and the configuration file is in
/etc/proftpd.conf.
One last thing that I would recommend is blocking these users from
having shell access if they don't need it. Given the fact that they
aren't already clued into the fact that ftp sends passwords over the net
in plain text, ready to be grabbed by anyone between them and the server
with a packet sniffer, they probably don't need shell access. Make sure
that /bin/false is listed in /etc/shells, then change the shell of each
user who is going to be using ftp to be /bin/false. If you haven't done
that before, it's (as root):
# chsh <<user to be blocked>>
/bin/false
HTH,
--
Stephen Ryan Debian Linux 3.0
Technology Coordinator
Center for Educational Outcomes
at Dartmouth College
Reply to: