Announcement

Collapse
No announcement yet.

Cloudlinux and custom virtualhost

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Cloudlinux and custom virtualhost

    Hello all,

    We have server with Centos 6.8 + cPanel v62 + Cloudlinux + Cagefs.
    We have added custom vhost to the system in /etc/apache2/conf.d/includes/post_virtualhost_global.conf with the following content:

    Code:
    <VirtualHost IP_ADDRESS:80>

ServerName domain.example.com

DocumentRoot /var/www/test

<IfModule suphp_module>

suPHP_UserGroup user1 user1

</IfModule>

<IfModule suexec_module>

<IfModule !mod_ruid2.c>

SuexecUserGroup user1 user1

</IfModule>

</IfModule>

<Directory /var/www/test>

AllowOverride all

Options Indexes FollowSymlinks

DirectoryIndex index.php index.html

Require all granted

</Directory>

</VirtualHost>
    This vhost is executed with user1 permissions.

    We need this vhost/user have access to /home/*/public_html dirs via web (read and write files there). Is this possible and how can be achieved if possible?

    Thanks.
    Tags: None
  • #2
    Hello,

    Do you mean you would like to have a virtualhost that can browse all other users public_html directories? Why you need it?

    Comment

    • #3
      Yes, something like this. Ita project that need access to them.

      Comment

      • #4
        Its not possible to do so by means of apache vhosts. I even do not think it is possible at all without some additiona --bind mounts.. But you are making great security hole which overall goes in a contrast to what CageFS was designed for.

        If I were you, I would try finding other solution to match what project need.

        Comment

        • #5
          Can you offer some alternative? This particular user/vhost have to read and write files somewhere where all other vhosts/users can read and use them.

          Comment

          • #6
            There is no nice solution for this, you will still need to disable some security part of CloudLinux like symlic owner protection.

            If other users just need to read files I see a way to do it with:
            1. Create vhost for that user, with document root like /var/www/test/ . With this a test vhost will be able to write/read files into it.

            2. Mount that directory to each user with /etc/cagefs/cagefs.mp , just add /var/www/test/ in it and run cagefsctl --rmeount-all. http://docs.cloudlinux.com/index.html?mount_points.html

            3. Create a symbolic link inside every virtualhost like:

            Code:
            ln -s /var/www/test /home/user/public_html/shared_content
            This have to be done automatically with some cPanel hooks.

            Comment

            • #7
              Thanks Bogdan. I managed to do this the same way as you suggested. Thanks.

              Comment

              Previous template Next
              Working...
              X