[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] OT: need help configuring web server on Ubuntu Server to allow file uploads



In order for apache to be able to read (and therefore server) files,
they much be either readable by the apache user or readable by by
everybody.  You can't really get around that.

apache's DocumentRoot is normally set to /var/www.  That means that any
files in /var/www will be visible to the apache system (but only
readable if the permissions are set appropriately).  apache can also
follow symlinks (if properly configured), so it can serve files that are
not in /var/www -- for instance, /mnt/public_files.  However, there needs
to be a symlink:  /var/www/somename which points to /mnt/public_files.

If you let your faculty and students drop files into /mnt/public_files,
it's almost certain that they'll be accessible through apache.  The only
thing that would prevent it is if there were no read permissions on the
file.  But most Linux systems default to creating files with 755
permissions (rwxr-xr-x), so you should be ok.  Still, there will be
occasions where the permissions aren't right.  I've experience a default
of 700 permissions (rwx------) when moving files from my digital camera
to my computer.  But a cron job could periodically fix all the
permissions with this command:

chmod -R o+rx /mnt/public_files/*

or something similar.

-Rob

On Mon, Apr 23, 2007 at 10:37:55AM -0400, David Whitmer wrote:
> Our school has a small public web server (Ubuntu Server 7.04 with its
> LAMP setup), separate from our main web site, just to play around with
> learning Apache and related things.
> 
> I want to configure this web server to allow one of our teachers to
> easily manage files in one of the web server's folders (e.g.
> /var/www/classprojects ).  By "easy", I mean being able to open up a
> graphical SSH connection (whether with WinSCP in Windows or "Connect
> to SSH server" in Gnome) and just drag-and-drop files/folders to copy
> them to the designated web server folder, and have all the file
> permissions automatically work so that the general web browsing public
> would not have any problems viewing whatever this teacher uploads.
> 
> I have already done a lot of searching, both with Google and in the
> Ubuntu forums, and feel like I'm getting the runaround, in that the
> advice I have found so far typically sounds like "just install vsftp"
> or "just set the file permissions" and then "everything will just
> work".  But it doesn't for me.  At least, not so that the file
> permissions work automatically, i.e., telling the teacher that after
> uploading the files, their permissions would then need to be changed
> so the public can view them, would not be acceptable.
> 
> I'm sure I'm overlooking something obvious.  But I do not know what.
> 
> Does anyone have any ideas on what I can or should do to be able to
> implement my goal?
> 
> Or maybe a better question might be... What would you all consider to
> be a "best practice" when configuring a public web server on which you
> want to allow specific users to be able to upload whatever files they
> want to the web server, but without requiring that they execute
> chown/chmod post-upload so the public can view those files?
> 
> Even just pointing me to an Internet site that would answer my
> questions would help immensely.
> 
> Thanks!
> 
> David Whitmer
> Director of Media & Technology
> Calvary Schools of Holland (Michigan)
> web: www.calvaryschoolsholland.org
> email: thewhitmers gmail com
> 
> _______________________________________________
> K12OSN mailing list
> K12OSN redhat com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]