Sounds to me like you should draw yourself a diagram of what each group of files has for permissions, what are all the users and groups involved and their effective permissions. Quite possibly you may just need to add the virtual domain admin users to some group or add user apache to the virtual domain group so the apache process can write. Do the php pages have to write anything to the virtual domain directories? Even if it's just a log file, then that user is denied. Do all of the virtual domains wrote to the database? I didn't understand that part. If so, then for one I wouldn't do it that way. They should each have their own database. Also, if you have this: rw-r--r--, then the group can't write only the specific user, but you may need to add the user you run the database as or the php process in somewhere. Hell, I'm confused now.
User Group Apache apache web process and /var/www/html Virtual1 virtual1 Domain1 Virtual2 virtual2 Domain2 Virtual3 virtual3 Domain3 Database database database files
Hint: Don't refer to them as one domain or another, use more concrete terms. You've got so much going on, I'm confuse now. Back to my nap.
-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Jack Sent: Monday, June 13, 2005 6:41 PM To: Jonathan Hutchins; [email protected] Subject: Re: PHP safe mode on virtual hosts
Apache is running as apache. The file permissions are rw-r--r-- on all the directories accessed by apache or php. Each virtual webspace has it's own user and the group is the same as the user. So website-1 has file ownership of say admin1.admin1 and this is in the user and group as defined in the chrooted apache httpd.conf. AS I said, I compared two sites and have yet to see any configuration difference. In either the httpd.conf or it's included files or in the php.ini files.
--- Jonathan Hutchins [email protected] wrote:
On Monday 13 June 2005 01:22 pm, Jack wrote:
... one site works if the files in the chrooted /var/www/html directory are owned by a authorized admin for the virtual host, the other works only if that
directory
and the files are owned by root.
Who's apache running as? What are the file permissions? User? Group?