This is an old revision of the document!
Configure Group-managed Content
General Information
Group managed content for collaboration.
Lab Setup
The following virtual machines will be used:
- server1.example.com (192.168.1.150) → Perform all connectivity tests from here
- server2.example.com (192.168.1.151) → Install Apache Web Server here
Basic Apache Directory Setup
Create directory to use
mkdir /var/private
Create group that will have access to the directory
groupadd dbadmins
Add users to the group
usermod -G dbadmins user1 user2
Set permissions of new directory
chown :dbadmins /var/private chmod 771 /var/private
Create index file
echo "Group dbadmins index file" > /var/private/index.html
Create SELinux file context and restore the context
semanage fcontext -at httpd_sys_content_t "/var/private(/.*)?" restorecon -Rv /var/private/
Group Protected Setup
Allow htaccess override for the new group directory
vim /etc/httpd/conf/httpd.conf <Directory /var/private> AllowOverride AuthConfig </Directory>
Create htaccess file
vim /var/private/.htaccess AuthType Basic AuthName "Password Protected DBADMIN - Enter Credentials:" AuthUserFile "/etc/httpd/conf/.grouppassworddb" AuthGroupFile "/etc/httpd/conf/.groupdb" Require group dbadmins
Create groupdb file
vim /etc/httpd/conf/.groupdb dbadmins: user1 user2
Set ownership and permissions
chown :apache /etc/httpd/conf/.groupdb chmod 640 /etc/httpd/conf/.groupdb
Create group password db file
htpasswd -c /etc/httpd/conf/.grouppassworddb user1 htpasswd /etc/httpd/conf/.grouppassworddb user2
- Prompted for password each time
- -c → Create the file
- No “-c” the second time because it would overwrite the file instead of add to it.
Restart httpd
systemctl restart httpd
View group protected directory
elink http://testsite.example.com/private
- Prompted for username/password