linux_wiki:configure_group-managed_content

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
linux_wiki:configure_group-managed_content [2018/04/07 23:59]
billdozor [Basic Apache Directory Setup] 		linux_wiki:configure_group-managed_content [2019/05/25 23:50] (current)
Line 12: Line 12:
   * server1.example.com (192.168.1.150) -> Perform all connectivity tests from here   * server1.example.com (192.168.1.150) -> Perform all connectivity tests from here
   * server2.example.com (192.168.1.151) -> Install Apache Web Server here   * server2.example.com (192.168.1.151) -> Install Apache Web Server here
 +
 +
 +**Previous Sections Completed**
 +  * [[linux_wiki:network_services_overview_apache_web_server|Install/Configure]]
 +    * Except leave listening on port 80/tcp
 +  * [[linux_wiki:configure_a_virtual_host|Virtual Host Config]]
 +  * [[linux_wiki:configure_access_restrictions_on_directories|Access Restrict Directory]]
  
 ---- ----
Line 19: Line 26:
 Create directory to use Create directory to use
 <code bash> <code bash>
-mkdir /data/redsite/group+mkdir /data/redsite/devel-group
 </code> </code>
  
 \\ \\
-Create group that will have access to the directory+Create users and a developers group that will have access to the directory to manage the content
 <code bash> <code bash>
-groupadd dbadmins+useradd robert 
 +useradd steve 
 +groupadd developers
 </code> </code>
  
Line 31: Line 40:
 Add users to the group Add users to the group
 <code bash> <code bash>
-usermod -G dbadmins user1 user2+usermod -G developers robert 
 +usermod -G developers steve
 </code> </code>
  
Line 37: Line 47:
 Set permissions of new directory Set permissions of new directory
 <code bash> <code bash>
-chown :dbadmins /data/redsite/group +chown :developers /data/redsite/devel-group 
-chmod 771 /data/redsite/group+chmod 771 /data/redsite/devel-group
 </code> </code>
  
Line 44: Line 54:
 Create index file Create index file
 <code bash> <code bash>
-echo "Group dbadmins index file" > /data/redsite/group/index.html+echo "Developers index file" > /data/redsite/devel-group/index.html
 </code> </code>
  
Line 51: Line 61:
 ====== Group Protected Setup ====== ====== Group Protected Setup ======
  
-Allow htaccess override for the new group directory +**Help**: Available if you installed 'httpd-manual'<code bash>elinks /usr/share/httpd/manual/howto/auth.html</code
-<code bash> +  * Then follow the "Letting more than one person in" link
-vim /etc/httpd/conf/httpd.conf +
- +
-<Directory /var/private+
-  AllowOverride AuthConfig +
-</Directory> +
-</code>+
  
 \\ \\
-Create htaccess file+Create the groupdb file (list group members)
 <code bash> <code bash>
-vim /var/private/.htaccess+vim /etc/httpd/conf/groupdb
  
-AuthType Basic +developersrobert steve
-AuthName "Password Protected DBADMIN - Enter Credentials:+
-AuthUserFile "/etc/httpd/conf/.grouppassworddb" +
-AuthGroupFile "/etc/httpd/conf/.groupdb" +
-Require group dbadmins+
 </code> </code>
  
 \\ \\
-Create groupdb file+Create the user entries in the userdb password file
 <code bash> <code bash>
-vim /etc/httpd/conf/.groupdb +htpasswd /etc/httpd/conf/userdb robert 
- +htpasswd /etc/httpd/conf/userdb steve 
-dbadmins: user1 user2+htpasswd /etc/httpd/conf/userdb monty
 </code> </code>
 +  * Prompted for password each time
 +  * Give 'htpasswd' the -c argument if the userdb file does not exist to create it.
 +    * No "-c" the second time because it would overwrite the file instead of add to it.
  
 \\ \\
-Set ownership and permissions+Edit the vhosts.conf and add a directory auth section for the new devel-group directory
 <code bash> <code bash>
-chown :apache /etc/httpd/conf/.groupdb +vim /etc/httpd/conf.d/vhosts.conf
-chmod 640 /etc/httpd/conf/.groupdb +
-</code>+
  
-\\ +<VirtualHost *:80> 
-Create group password db file +  ServerName redsite.example.com 
-<code bash+  DocumentRoot /data/redsite 
-htpasswd -/etc/httpd/conf/.grouppassworddb user1 +  #....SNIP....# 
-htpasswd /etc/httpd/conf/.grouppassworddb user2+ 
 +  <Directory /data/redsite/devel-group
 +    AuthType Basic 
 +    AuthName "Group Auth Enter Credentials" 
 +    AuthGroupFile "/etc/httpd/conf/groupdb" 
 +    AuthUserFile "/etc/httpd/conf/userdb" 
 +    Require group developers 
 +  </Directory>
 </code> </code>
-  * Prompted for password each time +  * Now only users in the userdb file AND in the "developersgroup are allowed to view the content. 
-  * -c -> Create the file +    * robert and steve should be allowed in, monty should be denied.
-  * No "-c" the second time because it would overwrite the file instead of add to it.+
  
 \\ \\
Line 106: Line 113:
 View group protected directory View group protected directory
 <code bash> <code bash>
-elink http://testsite.example.com/private+elinks http://redsite.example.com/devel-group
 </code> </code>
   * Prompted for username/password   * Prompted for username/password
  • linux_wiki/configure_group-managed_content.1523159944.txt.gz
  • Last modified: 2019/05/25 23:50
  • (external edit)