User Tools

Site Tools


system:balug_webserver

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
system:balug_webserver [2007-05-06T14:22:52+0000]
198.144.194.236
system:balug_webserver [2007-05-28T08:50:06+0000] (current)
198.144.194.236
Line 6: Line 6:
     ***/​etc/​rc.d/​init.d/​httpd-balug** (with relevant argument(s))     ***/​etc/​rc.d/​init.d/​httpd-balug** (with relevant argument(s))
     ***/​usr/​local/​sbin/​*-balug*** (but the above should generally be used instead)     ***/​usr/​local/​sbin/​*-balug*** (but the above should generally be used instead)
-    ***FAILURE TO USE THE ABOVE MAY CLOBBER THE WRONG WEBSERVER OR WEB SERVICES** +    ***FAILURE TO USE THE COMMANDS NOTED ABOVE MAY CLOBBER THE WRONG WEBSERVER OR WEB SERVICES** 
-  *Along those non-interference regards, the **BALUG webserver ​sould only use its designated IP address(es) - see: [[system:​ip_addresses|IP Addresses]]**+  *Along those non-interference regards, the **BALUG webserver ​should ​only use its designated IP address(es) - see: [[system:​ip_addresses|IP Addresses]]** 
 +  *The BALUG webserver runs using user:group balugwww:​balugwww. ​ Note that **for security reasons**, to the extent feasible (and as appropriate),​ **user balugwww and group balugwww should not have access to alter any content on the host or have any special privileges on the host**. ​ Note that it //may// be permissible for user balugwww or group balugwww to alter content only where that is explicitly desired (e.g. perhaps certain wiki pages). ​ Note also that in general, user balugwww or group balugwww needs read access to web content to be served (generally read access on files, and read and "​execute"​(/​search) on directories and ancestor directories). 
 +  *to the extent feasible (we're not there yet) and where there isn't a conflicting security reason, it **should be made feasible for non-superuser** (i.e. other than user "​root"​) **to be able to alter BALUG web content** (e.g. via suitable ID(s) and/or group(s) - such as user and/or group balug). 
 +  *Note that version control (RCS) has been put in place for at least some key file(s), it should be appropriately used to track changes and note the reason(s) //why// change(s) were made.  It is also generally advisable to preserve mtimes, e.g.:\\ # ci -d -l -M file
system/balug_webserver.1178461372.txt.bz2 · Last modified: 2007-05-06T14:22:52+0000 by 198.144.194.236