User Tools

Site Tools


system:balug_webserver

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
system:balug_webserver [2007-05-14T02:17:53+0000]
198.144.194.236 typo fix(es)
system:balug_webserver [2007-05-28T08:50:06+0000] (current)
198.144.194.236
Line 1: Line 1:
 +====== BALUG webserver ======
  
 +The care and feeding of the **BALUG webserver** (on this host system).
 +  *The **BALUG webserver should not interfere** with other webserver(s) or other non-BALUG services on the host (and vice versa)
 +  *To **avoid accidentally shutting down, signaling, etc. the incorrect webserver or web services, use the proper -balug commands/​pathnames/​scripts**,​ e.g. for most normal operations one should only need to use:
 +    ***/​etc/​rc.d/​init.d/​httpd-balug** (with relevant argument(s))
 +    ***/​usr/​local/​sbin/​*-balug*** (but the above should generally be used instead)
 +    ***FAILURE TO USE THE COMMANDS NOTED ABOVE MAY CLOBBER THE WRONG WEBSERVER OR WEB SERVICES**
 +  *Along those non-interference regards, the **BALUG webserver should only use its designated IP address(es) - see: [[system:​ip_addresses|IP Addresses]]**
 +  *The BALUG webserver runs using user:group balugwww:​balugwww. ​ Note that **for security reasons**, to the extent feasible (and as appropriate),​ **user balugwww and group balugwww should not have access to alter any content on the host or have any special privileges on the host**. ​ Note that it //may// be permissible for user balugwww or group balugwww to alter content only where that is explicitly desired (e.g. perhaps certain wiki pages). ​ Note also that in general, user balugwww or group balugwww needs read access to web content to be served (generally read access on files, and read and "​execute"​(/​search) on directories and ancestor directories).
 +  *to the extent feasible (we're not there yet) and where there isn't a conflicting security reason, it **should be made feasible for non-superuser** (i.e. other than user "​root"​) **to be able to alter BALUG web content** (e.g. via suitable ID(s) and/or group(s) - such as user and/or group balug).
 +  *Note that version control (RCS) has been put in place for at least some key file(s), it should be appropriately used to track changes and note the reason(s) //why// change(s) were made.  It is also generally advisable to preserve mtimes, e.g.:\\ # ci -d -l -M file
system/balug_webserver.txt ยท Last modified: 2007-05-28T08:50:06+0000 by 198.144.194.236