www.bonsaiframework.com
Page tree

Versions Compared

Old Version 15

changes.mady.by.user Tin Pham

Saved on

compared with

New Version Current

changes.mady.by.user Tin Pham

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3
Warning

I am not happy with the private share portion of this article.

Table of Contents

Introduction

I often find I need to quickly share files with the general public or selected friends. As such I have setup Online Shares with Apache. Continuing our example I will put put a public and private share on krypton as follows,

...

Assuming you are logged in as a Staff User created in the Setup Ubuntu Linux Base Server,

Shared - Public Share Folder

Code Block
langlanguagehtmlbash
cd /home/www.krypton.com
sudo mkdir shared # Browseable folder to drop content to share with others
sudo mkdir shared.private # Browser password protected folder to drop content to share with others via .htaccess
sudo mkdir keys # Place to store keys for protected folder

cd /home

sudo chown -R serveradmin:wgkryptonian ./www.krypton.com/shared/

sudo chmod -R 775 www.krypton.com/shared/ # Only svradm and users in the kryptonian group can manage. Apache(other's) still need to be able to read and browse.

Add to the website host file,

Code Block
langhtml
    Alias /shared/ "/home/www.krypton.com/shared"
    Alias /shared "/home/www.krypton.com/shared"
    <Directory /home/www.krypton.com/shared>
        /# Make this folder browseable
        Options +Indexes
    </Directory>

The final host file will look like this,

Code Block
langlanguagehtmlxml
<VirtualHost *:80>
    ServerAdmin webmaster@localhost

    ServerName www.krypton.com
    ServerAlias www.krypton.com

    DocumentRoot /home/www.krypton.com/www

    # This restrictive a precedence for ALL directory blocks.
    <Directory />
        Options FollowSymLinks
        # This prevents use of .htaccess
        AllowOverride None
    </Directory>

    # Main location of static content for the websites.
    <Directory /home/www.krypton.com/www/>
        Options +MultiViews
        Order Allow,Deny
        Allow from all
    </Directory>

    Alias /shared/ "/home/www.krypton.com/shared"
    Alias /shared "/home/www.krypton.com/shared"
    <Directory /home/www.krypton.com/shared>
        # Make this folder browseable
        Options +Indexes
    </Directory>

    ErrorLog /var/log/apache2/www.krypton.com.error.log

    # Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
    LogLevel warn

    CustomLog /var/log/apache2/www.krypton.com.access.log combined
</VirtualHost>

Reload the Apache configuration file,

Code Block
langlanguagehtmlbash
sudo /etc/init.d/apache2 reload

shared.private - Private Folders

kalel wants to have a private place to store his documents that can only be access by accounts he sets up.

...

kalel logs in as himself he would do the following one time setup,

Code Block
langlanguagehtmlbash
cd /home/www.krypton.com/shared.private
mkdir kalel
chmod 750 kalel

cd /home/www.krypton.com/shared.private
mkdir keys
cd keys

# Create the initial password file with the first user being kalel
htpasswd -c ./kalel-www.krypton.com.shared.private kalel
New password:
Re-type new password:

# Create addition accounts. Notice NO "-c"
htpasswd .htpasswdkalel-www.krypton.com.shared.private cclark
Note

One caveat, this also prevents Apache's Index program from viewing the directory so you must know about the directory or put a link to the directory. Consider using .htaccess definition one level higher, but then it's easy to break.... hmmmm...

...

To make his folder more private, kalel makes a request to serveradmin (who has sudo privileges) to make the following changes,

Code Block
langlanguagehtmlbash
# assuming the user is serveradmin or any other account with sudo privileges
sudo chmod -R 750 /home/www.krypton.com/shared.private/kalel/
sudo chown -R kalel:www-data /home/www.krypton.com/shared.private/kalel/

...

Update the virtual host as follows,

Code Block
langlanguagehtmlxml
    Alias /shared/ "/home/www.krypton.com/shared"
    Alias /shared "/home/www.krypton.com/shared"
    <Directory /home/www.krypton.com/shared>
        # Make this folder browseable
        Options +Indexes
    </Directory>

    Alias /shared.private/ "/home/www.krypton.com/shared.private"
    Alias /shared.private "/home/www.krypton.com/shared.private"
    <Directory /home/www.krypton.com/shared.private>

        # Allow website admin to use .htaccess - http://httpd.apache.org/docs/2.2/mod/core.html,
        #     AuthConfig - Authentication
        #     Indexes - Makes directory browseable
        # As soon as I introduce Indexes it breaks with error, ".htaccess: Options not allowed here".
        #AllowOverride AuthConfig Indexes

        # This works but allowing all is a security risk
        # AllowOverride All

        # Start TEMP solution

        # Allow the .htaccess file to allow authentication.
        AllowOverride AuthConfig

        # For some reason allowing override of indexes does not work in .htaccess so set it manually here.
        Options +Indexes

        # End TEMP solution

    </Directory>

    ErrorLog /var/log/apache2/www.krypton.com.error.log

Reload the configuration file,

Code Block
langlanguagehtmlbash
sudo /etc/init.d/apache2 reload

...