Linode Forum
Linode Community Forums
Posted: Thu Sep 10, 2009 5:24 pm
Senior Member

Joined: Wed Apr 11, 2007 8:23 pm
Posts: 76
Hey all,

I host a few smaller websites for people and I'm having some trouble working out how I want my permissions set up... I'm planning on setting them up with an SCP-only shell, so as to prevent them from actually running commands.

The end goal is for every user to not be able to read ANY of the files of any other user's web directory. The exception being root of course.

I've heard good things about setting up users with their own directory in their home folder. This solves the problem of users seeing each other's files. Each user could potentially have multiple domain names (meaning multiple htdocs folders); is it feasible to create the following folder structure?

Code:
/home/
`--- user1/
     `--- domain1.com/
          `--- htdocs/
          `--- logs/
          `--- random_aliased_folder/
     `--- domain2.com/
          `--- htdocs/
          `--- logs/
          `--- random_aliased_folder/
`--- user2/
     `--- domain3.com/
          `--- htdocs/
          `--- logs/
          `--- random_aliased_folder/
     `--- domain4.com/
          `--- htdocs/
          `--- logs/
          `--- random_aliased_folder/
     `--- domain5.com/
          `--- htdocs/
          `--- logs/
          `--- random_aliased_folder/
     `--- domain6.com/
          `--- htdocs/
          `--- logs/
          `--- random_aliased_folder/


Obviously apache needs full write permissions for logs/ and read permissions for htdocs/ and random_aliased_folder/... It may also need write permissions to certain files (think htdocs/config.inc.php), if only temporarily. Will this make log rotation hard? I.e., logs/access_log -> logs/access_log.0908.gz...

How involved will something like this be? I'm planning on moving my /home directory over to my second partition, so I don't have to move stuff around if I redeploy.

Any light anyone could shed on this project would be helpful.

Thanks,
Smark


Posted: Mon Sep 14, 2009 12:54 am
Senior Newbie

Joined: Sat Sep 05, 2009 12:10 pm
Posts: 7
You should be able to do all that with proper configuration of apache. Though you should be aware that if you have a single instance of apache running all these web sites, it will be possible for your users to write php or perl scripts that could be invoked by apache to read data in other users' folders. That's because the user "apache" that is running one user's scripts is the same user that can read all the apache-related files for all users.

You can get around that by having a different instance/copy of apache running for each user, each under a different apache ID. I don't think that puts much strain on the server.

But I think you can do what you want. See the VirtualHost directive.


Posted: Mon Sep 14, 2009 4:32 am
Senior Member

Joined: Sat Oct 16, 2004 11:13 am
Posts: 176
Neal wrote:
You can get around that by having a different instance/copy of apache running for each user, each under a different apache ID. I don't think that puts much strain on the server.


Alternatively, you can use suPHP or run PHP under CGI/FastCGI - which is much simpler than having a different apache instance for each user!


Posted: Thu Sep 17, 2009 7:04 pm
Newbie

Joined: Wed Jun 17, 2009 3:30 pm
Posts: 3
AOL: necine
Use chroot?

