Advice on setting up a stage environment

abliss at brockport.edu abliss at brockport.edu
Sun Jun 22 12:42:33 UTC 2008 

Nabeel 
There is not a way to force the creation of a file to be owned by a particular user, however you can control the group ownership of files and directories by setting the sgid bit.  So, you can create a web group for example, add your developers to that group, set the sgid of your web directory, then grant group ownership of all the web content to the web group.  You'll need to pay attention to the permission set of newly created content though (ensure that the web group can always rwx content).

Aaron

----- Original Message -----
From: Nabeel Moidu <nabeelmoidu at gmail.com>
Date: Sunday, June 22, 2008 8:26 am
Subject: Advice on setting up a stage environment
To: General Red Hat Linux discussion list <redhat-list at redhat.com>

> Hi
> 
> I'm trying to setup a server that will be used by multiple users in my
> department. some of them are java developers, while some are php
> developers.
> 
> The server needs to run both tomcat and apache. I need to setup the
> servers such that
> 
> 1) Users should be able to upload files to the apache and tomcat root
> ( of course without upsetting the default permissions on the folder (
> 644 ) and ownership apache.apache and tomcat.tomcat )
> 2) Any code uploaded( I'm using ftp here) by the php developers should
> be automatically owned by apache user. And that uploaded by java
> developers should be owned by tomcat user.
> 3) The  tomcat and apache users should not be used for the ftp logins
> ( I don't think its a secure practice, if anyone has other opinions
> pls let me know)
> 
> I was able to do this with one user using virtual users on ftp. I gave
> the developer a login and set chown_upload to apache user. But it does
> not work for multiple users.
> Another option is add users to the tomcat or apache groups and set 664
> on the document root folders but I'd prefer something better.
> 
> How do you normally setup development environments while maintaining
> the security policies of the company ?
> 
> -- 
> Thanks and Regards
> Nabeel Moidu
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>

More information about the redhat-list mailing list