BLOG ESPERANCA

CentOS 6.3 사용자별 apache서비스 하기 본문

OS/Linux

CentOS 6.3 사용자별 apache서비스 하기

yobuce 2013. 1. 9. 01:56

기존에 인터넷에 있는 방법으로 사용자별 서비스가 안되길래 외국 사이트를 뒤졌더니..

setsebool  명령어를 써서 옵션을 변경하는 부분이 있습니다. 참고하세요.





This is quick guide howto enable Apache userdirs with SELinux on Fedora 17/16/15/14/13/12, CentOS 6.3/6.2/6.1/6/5.8 and Red Hat (RHEL) 6.3/6.2/6.1/6/5.8. This guide assumes that you haveApache (httpd) server installed on your system. This guide uses separeted userdir.conf without touching httpd.conf so later default httpd.conf can be overrided or whole configuration moved simply. This guide uses user called testuser and should be replaced by real user name(s).

Enable Apache Userdirs

1. Change root user

su -
## OR ##
sudo -i

2. Create /etc/httpd/conf.d/userdir.conf file

Open file, with our favorite editor, like:

nano -w /etc/httpd/conf.d/userdir.conf

Add something like following content to file:

<IfModule mod_userdir.c>
    #
    # UserDir is disabled by default since it can confirm the presence
    # of a username on the system (depending on home directory
    # permissions).
    #
    UserDir enabled testuser
 
    #
    # To enable requests to /~user/ to serve the user's public_html
    # directory, remove the "UserDir disabled" line above, and uncomment
    # the following line instead:
    #
    UserDir public_html
 
</IfModule>
 
<Directory /home/*/public_html>
        Options Indexes Includes FollowSymLinks
 
        AllowOverride All
        Allow from all
 
        Order deny,allow
</Directory>

And save file.

Note:
To allow a few users to have UserDir directories, but not anyone else, use the following:

UserDir disabled
UserDir enabled testuser1 testuser2 testuser3

To allow most users to have UserDir directories, but deny this to a few, use the following:

UserDir enabled
UserDir disabled testuser4 testuser5 testuser6

3. Start/Restart Apache (httpd)

/etc/init.d/httpd start
## OR ##
/etc/init.d/httpd restart

4. Create public_html directory/directories

Make public_html directory/directories on user/users home dirs.

mkdir /home/testuser/public_html

5. Change the correct permissions to home and public_html directories

## home directory ##
chmod 711 /home/testuser
 
## public_html directory ##
chown testuser:testuser /home/testuser/public_html
chmod 755 /home/testuser/public_html

6. Set proper SELinux settings for Apache homedirs (httpd_enable_homedirs)

setsebool -P httpd_enable_homedirs true

Looks like older SELinux versions needs also following (example CentOS and Red Hat):

chcon -R -t httpd_sys_content_t /home/testuser/public_html

Test Enabled Apache Userdir

Go to url http://localhost/~testuser/

Should look something like following:
Testuser Apache Homedir

Test HTML and PHP under Apache Userdir

Create following files ~/public_html/test.html and ~/public_html/test.php
~/public_html/test.html content

<html>
  <head>
    <title>Testing Apache Userdir</title>
  </head>
  <body>
    <h1>Testing Apache Userdir!</h1>
  </body>
</html>

~/public_html/test.php content

<?php
  phpinfo();
?>

Reload browser:
Testuser Apache Userdir Test Files Added

Check test files:
Testing apache Userdir
Testing Apache Userdir PHP