Announcement

Collapse
No announcement yet.

Cloudlinux and custom virtualhost

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Cloudlinux and custom virtualhost

    Hello all,

    We have server with Centos 6.8 + cPanel v62 + Cloudlinux + Cagefs.
    We have added custom vhost to the system in /etc/apache2/conf.d/includes/post_virtualhost_global.conf with the following content:

    Code:
    <VirtualHost IP_ADDRESS:80>
    
    ServerName domain.example.com
    
    DocumentRoot /var/www/test
    
    <IfModule suphp_module>
    
    suPHP_UserGroup user1 user1
    
    </IfModule>
    
    <IfModule suexec_module>
    
    <IfModule !mod_ruid2.c>
    
    SuexecUserGroup user1 user1
    
    </IfModule>
    
    </IfModule>
    
    <Directory /var/www/test>
    
    AllowOverride all
    
    Options Indexes FollowSymlinks
    
    DirectoryIndex index.php index.html
    
    Require all granted
    
    </Directory>
    
    </VirtualHost>
    This vhost is executed with user1 permissions.

    We need this vhost/user have access to /home/*/public_html dirs via web (read and write files there). Is this possible and how can be achieved if possible?

    Thanks.

  • #2
    Hello,

    Do you mean you would like to have a virtualhost that can browse all other users public_html directories? Why you need it?

    Comment


    • #3
      Yes, something like this. Ita project that need access to them.

      Comment


      • #4
        Its not possible to do so by means of apache vhosts. I even do not think it is possible at all without some additiona --bind mounts.. But you are making great security hole which overall goes in a contrast to what CageFS was designed for.

        If I were you, I would try finding other solution to match what project need.

        Comment


        • #5
          Can you offer some alternative? This particular user/vhost have to read and write files somewhere where all other vhosts/users can read and use them.

          Comment


          • #6
            There is no nice solution for this, you will still need to disable some security part of CloudLinux like symlic owner protection.

            If other users just need to read files I see a way to do it with:
            1. Create vhost for that user, with document root like /var/www/test/ . With this a test vhost will be able to write/read files into it.

            2. Mount that directory to each user with /etc/cagefs/cagefs.mp , just add /var/www/test/ in it and run cagefsctl --rmeount-all. http://docs.cloudlinux.com/index.html?mount_points.html

            3. Create a symbolic link inside every virtualhost like:

            Code:
            ln -s /var/www/test /home/user/public_html/shared_content
            This have to be done automatically with some cPanel hooks.

            Comment


            • #7
              Thanks Bogdan. I managed to do this the same way as you suggested. Thanks.

              Comment

              Working...
              X