You are not logged in.
- Topics: Active | Unanswered
#1 2008-12-24 06:37:34
- Xyne
- Administrator/PM
- Registered: 2008-08-03
- Posts: 6,965
- Website
[SOLVED]Apache: sharing folders and path permissions.
Is there any way to have an Apache DocumentRoot on a path without granting read permissions for every directory along that path? I have a few local repos in my home directory that I would like to host on a local Apache server but I want to keep my home dir set to 700. From what I can tell, through both searching and experimenting, the answer is no, but I'd like to get confirmation before I abandon the idea entirely and settle for another setup.
Thanks.
Last edited by Xyne (2009-01-08 18:07:04)
My Arch Linux Stuff • Forum Etiquette • Community Ethos - Arch is not for everyone
Offline
#2 2008-12-24 19:50:31
- rine
- Member
- From: Germany
- Registered: 2008-03-04
- Posts: 217
Re: [SOLVED]Apache: sharing folders and path permissions.
No. It's just another unix user. When you can't read a directory, you can't read anything that's in subdirs 
Offline
#3 2008-12-25 00:41:37
- Xyne
- Administrator/PM
- Registered: 2008-08-03
- Posts: 6,965
- Website
Re: [SOLVED]Apache: sharing folders and path permissions.
Thanks for the reply, rine.
Is there any way to trick the system using links so that I can keep the files where they are without opening up permissions and without copying them somewhere else? Maybe some clever use of a loop device could do it.
My Arch Linux Stuff • Forum Etiquette • Community Ethos - Arch is not for everyone
Offline
#4 2009-01-08 16:34:04
- Profjim
- Member
- From: NYC
- Registered: 2008-03-24
- Posts: 658
Re: [SOLVED]Apache: sharing folders and path permissions.
The intervening directories don't need read permission. They do need execute permission. Execute permissions on a directory means you can cd "through" it to subdirs.
And yes, you could also have root rebind the directory in question to someplace else in the filesystem where there are no intervening directories. You'd do something like this:
sudo mount -bind old/dir/with/many/intervening/dirs/that/only/root/can/read /mnt/newdir/mnt/newdir has to already exist. Once you do this, your Apache process only needs read/execute permissions on the /mnt/newdir.
Offline
#5 2009-01-08 18:05:20
- Xyne
- Administrator/PM
- Registered: 2008-08-03
- Posts: 6,965
- Website
Re: [SOLVED]Apache: sharing folders and path permissions.
Thanks Profjim.
That's exactly what I ended up doing but I forgot to come back and mark the thread as solved. I also found the "clever use of a loop device" that I asked about before:
http://aur.archlinux.org/packages.php?ID=22920
My Arch Linux Stuff • Forum Etiquette • Community Ethos - Arch is not for everyone
Offline