new install, virtual host directory not allowed?

[fusionhosting]

I'm trying to setup a virtual host using the default example VH/config files.

The example was in:
/opt/lsws/DEFAULT

I tried pointing the path to my new web dir:
/home/testing/html

I had an error that it didn't exist or couldn't not be found.

So I tried making a symbolic link of TESTING in /opt/lsws/, and entering that into the virtual hosts configuration to replace the DEFAULT directory. Again, I had an error.

Is it even possible to host files outside of the LSWS's root directory?

I've tried changing permissions as well from nobody, to the user, all with no luck.

This is with the Enterprise 30 day demo.

 

[mistwang]

There should be no problem to host files outside the LSWS' root directory.

I thought it is a permission problem, but you said that you had tried changing ownership and permissions on the vhost root directory.

I wonder if you are using the chroot feature? If yes, you have to place the root directory for a vhost under the chroot jail, symbolic link does not work.

 

[fusionhosting]

I didn't install chroot. Unless there's a permission problem I haven't seen, I'm pretty much stuck as the error msg doesn't say anything specific.

 

[mistwang]

It might be a bug in the web admin interface.
You can modify the configuration file directly, restart lsws, see if it works.
Have you tried to access files under the document root, with command like

sudo -u nobody ls /home/testing/html

If you don't mind, PM me the login to admin interface, I can take a look.
You can try 2.1RC3 Enterprise as well, just replace 'std' with 'ent' to download the package.

 

[fusionhosting]

I did go ahead and edited the conf file, and that seemed to help but I was still getting an error.

So I started changing permissions to straight nobody.nobody and the sample index.html was coming up fine after that, however now my permissions aren't setup correctly.

Any advice?

The way I had it setup was a user account such as:

/home/user1

/home/user1/conf
/home/user1/ .. etc - other lsws DEFAULT directories
/home/user1/html (the lsws directory to hold the website)


/opt/lsws/testing (symbolic link to the /home/user1/html directory)


I setup lsws to user the nobody user/group.

 

[mistwang]

You need to test permissions with the command I recommended, if it does not report permission denied, then it is fine, at least for serving files.

To the minimum, user "nobody" needs read permission to the target directory. So, usually permissions for /home/user1 can be set to "0755", which means everyone can ready files there.

For better security, you can do as following.

Let each user has its private group, 'user1' has its own group 'group1', '/home/user1' is owned by 'user1/group1', set permission of "/home/user1" to "0750" or "0770" with command like "chmod 0750 /home/user1", so this directory is not world readable. Then add "nobody" user to "group1" by editing "/etc/group" file, this way, nobody user will have at least read permission to '/home/user1'.

Do not use symbolic link, just pointing to the target directory directly.

 

[fusionhosting]

Ok, I followed your advice, checked and re-did permissions. Using the sudo command I verified I could read all the files.

The user account I made, also had it's own group created, so I just added 'nobody' in /etc/groups to it at the end after the group#.

I checked the GUI, no errors with the paths seemed to show up.

However when I try to access the website I just get the http 404 - error. LSWS server's log is showing the attempted access, but the virtual host is not having anything written to it's file (permissions seem fine).

Still seems like it doesn't like the direct path. :/

 

[mistwang]

Please check lsws/logs/error.log, the missing file should be logged. Make sure the directory index file has been configured properly.

 

[fusionhosting]

I did get it working again last weekend, I just need to go tighten down the directory/file permissions again.

I think part of the problem may have been the 'apply' link in the admin gui, where I was submitting changes, but may not have applied them several times?

Seems a little confusing to submit/save, then have to apply, then restart or reload.