Users, groups and apache2 + svn/git
I've been running a linode for a while now, but is has been a simple single user system - Me
And now more users are going to be hosted on my linode, mostly just web and version control. But how do i manage that in a secure way for everyone so no one gets access to the wrong libraries.
I thought that one location for everything
/srv
was the most logical thing to do, makes it easier to backup.
For each company / friend i make a set of folders
Single user
/srv/friend1/www
/srv/friend1/svn
/srv/friend1/data
multiple users
/srv/company1/www
/srv/company1/svn
/srv/company1/data
/srv/company2/www
/srv/company2/svn
/srv/company2/data
/srv/friends2and3/www
/srv/friends2and3/svn
/srv/friend2and3/data
But how do i make groups and assign users to these groups, and then limit the user or group to their /srv location?
People are going to use scp to upload files and etc, and when i log in with my normal user today, i can go into any directory and copy files etc - I really don't want ppl to be able to access other ppls files. How do i secure them from eachother?
And is there anything else I've forgot thats crucial?
Hope someone can share some wisdom
1 Reply
Then you can have /home/user1/web, /home/user1/svn, etc. Be sure to make it so /home/$user/web can be read by others so apache can see it. (Unless you're going to run each domain as a different user, there's some apache module for that, too.)
Each user gets a group with their own name. And if you need to create a /home/grouping1 that has multiple people who need access, create a group called grouping1 and then add user1 and user2 to it.
Then you just backup /home and /etc (which has all of your configs) and /root (which, for me contains nothing, but who knows what you're doing).