Apache symlinked to home directory - Permission Errors
im having a few problems symlinking my /var/www/
to a new Webroot
directory inside my home folder. I think these stem from my lack of understanding of linux permissions.
As far as im aware, symlinks should take the form of the directory you want to linked and the directory you want to be linked to, so in my case, i ran:
sudo ln -s ~/Webroot/* /var/www/
this has sort of worked, if i run ls
on /var/www/
i can see all of the files in my Webroot
directory.
Whenever i try to run a file that is in my Webroot
folder, i get a 403 permission error, is this because the files in my Webroot directory are created by me, and the apache instance is being run as www-data?
if this is the case, would this mean i need to change the permissions on every file i create in order to run it?
I have previously run a local apache instance my pointing the directory root of my default vhost to the Webroot
folder, in this instance i did not need to alter any permissions. Any help would be appreciated.
This is not a good practice, I agree with Weboide. But there is a simple way to achieve this goal.
1). enable the apache userdir module.
sudo a2enmod userdir
this will enable apache userdir module. Now you can put the contents of website in ~/Webroot/
or whatever inside your home directory.
Note: The default folder is ~/public_html
2). Make necessary changes to /etc/apache2/mods-enabled/userdir.conf
.
3). Restart the apache
sudo /etc/init.d/apache2 restart
Now you can access the site by navigating your browser to http://ip-address/~username. You can also set a virtual host for this site.
If you are looking to run php files you need to do one more step
edit the /etc/apache2/mods-enabled/php5.conf
and comment the following lines:
<IfModule mod_userdir.c>
<Directory /home/*/public_html>
php_admin_value engine Off
</Directory>
</IfModule>
</IfModule>
Then restart the apache.
Thats it. You are done.
Ref:https://wiki.ubuntu.com/UserDirectoryPHP
Hope this helps. If you face any difficulties feel free to post it here.
This is not a good practice to achieve what you want.
If you are using PHP, you might want to take a look at suexec, suphp or php-fpm and fastcgi.
You are right about your issue, this is a permission issue in the fact that your Webroot
files are owned by a different user than www-data
.
Here is a not-so-bad solution to workaround your problem. Note that you will probably need to use sudo or login as root. Make sure you fully understand all of the commands you will be executing!!
Change your Webroot
folder and subfolders and files to have the group ownership set to www-data
and set the proper permissions:
# set the group ownership to be www-data
chgrp -R www-data /path/to/home/Webroot/
# make sure www-data has read & write permissions (change it to `g=r` if you want to only give read-only access)
chmod -vR g=rw /path/to/home/Webroot/
# make sure www-data can access the folders by adding the group execute bit field to directories
find /path/to/home/Webroot/ -type d -print0 | xargs -0p chmod -v g+x
Edit: Note that you will certainly need to run those commands again if you add files/folders using your regular user account.
I did near the same thing with Debian Lenny, but I changed to non-hax mode, I've configured apache correctly. But with symlink:
$ ll /home
drwxr-xr-x 8 root root 4,0K nov 14 14.59 .
drwxrwxrwx 7 root root 4,0K nov 14 21.24 www -> /var/www
I think you should check the permisson of the ~ and the ~/Webroot, I think your dir(~) is read protected, I mean, you have to run this:
$ ls -la /home
To set the right permissinons, use:
# chmod 755 /home
# chmod 755 /home/<YOURNAME>
# chown <YOURNAME>:www-data -R /home/<YOURNAME>/Webroot
# chmod 775 -R /home/<YOURNAME>/Webroot
I think, it should help, but give me more info about this. I suggest you, to get out the Webroot from your dir, ex. to /home like me, because it can be security problem.
"#" means root permisson, ex. write sudo before the commands; "$" means single user permisson