1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Map /home/userdir into apache-jail

Discussion in 'Web and Network Services' started by bsus, May 1, 2012.

  1. bsus

    bsus New Member

    Messages:
    299
    Likes Received:
    0
    Hello,

    Is there a way to mount/map the user data into an (ezjail) so that apache (php) can have access to the files? How do I do this secure (ZFS writeable snapshot?)? How do I handle the permissions (home files must be writeable for apache)?

    Regards
     
  2. SirDice

    SirDice Moderator Staff Member Moderator

    Messages:
    17,375
    Likes Received:
    1
    Use nullfs(5) and mount it read-only.

    For example:
    # mount -t nullfs -o ro /home/myhomedir /jails/web/storage/

    Then configure Apache to show the /storage/ directory.
     
  3. bsus

    bsus New Member

    Messages:
    299
    Likes Received:
    0
    I am failing with configuring Apache:

    httpd.conf:
    Code:
    <Directory "/usr/local/www/apache22/data/owncloud/data/bodo/files" />
        AllowOverride None
        Order allow,deny 
    </Directory>
    
    Code:
    # /usr/local/etc/rc.d/apache22 restart
    Performing sanity check on apache22 configuration:
    Syntax error on line 172 of /usr/local/etc/apache22/httpd.conf:
    Multiple <Directory> arguments not (yet) supported.
     
  4. SirDice

    SirDice Moderator Staff Member Moderator

    Messages:
    17,375
    Likes Received:
    1
    Remove that last slash.

    Code:
    <Directory "/usr/local/www/apache22/data/owncloud/data/bodo/files">
     
  5. bsus

    bsus New Member

    Messages:
    299
    Likes Received:
    0
    Thank you this was it :)

    I now decided to mount -t nullfs a cloned zfs snapshot because I need write access. Unfortunatly (I am using some WebDAV) I can access my data over the url without authentication but there should only be access through the application. Is there a quick fix or do I have to play around with the apache authentication modules?
     
  6. SirDice

    SirDice Moderator Staff Member Moderator

    Messages:
    17,375
    Likes Received:
    1
    I'd add some authentication to it.
     
  7. bsus

    bsus New Member

    Messages:
    299
    Likes Received:
    0
    Hi,

    Had to change "AllowOverride All" so that the .htaccess gets used.

    Thank you for the support :)