Am Do, den 02.06.2005 schrieb Matthew Miller um 20:29:
On Thu, Jun 02, 2005 at 11:13:39AM -0700, M E Fieu wrote:
> How to settle this issue. Use apache to run cron job
> to generate those file ? But my apache user account
> has no shell configured. /bin/nologin I need to
> enable its shell ?
Make a group named "mysecret". Put apache in that group -- `gpasswd mysecret
-a apache`, and create a non-privileged user account and put that in same
group, and have that user run the cron job and make the data mode 640
(That's "-rw-r-----"). And restart apache.
Matthew Miller mattdm(a)mattdm.org <
http://www.mattdm.org/>
That is of course a good solution.
Just another comment on permissions: files to be displayed by Apache (if
they are not scripts) don't need the x-bit and one should avoid giving
too much permissions! This is a base rule.
Besides the file's own permissions see that the permissions of the
directory too matter:
$ ls -ld /var/www/html/test
drwx--x--- 2 root apache 72 2. Jun 20:43 /var/www/html/test
$ ls -al /var/www/html/test/test.html
-rw-r--r-- 1 root root 12 2. Jun 20:44 /var/www/html/test/test.html
Those permissions allow Apache to display the test.html file but will
not allow system users other than root or apache not to spot into the
"test" directory.
Alexander
--
Alexander Dalloz | Enger, Germany | GPG
http://pgp.mit.edu 0xB366A773
legal statement:
http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.27_FC2smp
Serendipity 20:57:36 up 9 days, 19:35, load average: 0.36, 0.40, 0.64