TurnKey Linux Virtual Appliance Library

I want to set up internal web hosting for a couple of our teachers

Hi,

A couple of our teachers want to set up their own web sites to teach the pupils web design .

I have installed the Turnkey lamp appliance and everything is working fine.

I am not a linux user and would like to know how use Webmin to to give a user(s) the following:

1. Their own folder on the server to be used as the root of their web site.

2. SFTP access to that folder so that they can upload their sites.

3. Access to their own Mysql database to use php etc.

4. imited access to phpmyadmin so that they can a manage their database.

Really its a cut down version of what a web hosting company would offer.

Jeremy's picture

Easiest way I can think of

Is to just create new users with their home directory in the default web root folder. To allow the webserver access to the files, add the users to the www-data group. If you are happy for them to be able to read each other's files (no harm in that IMO as they'll be able to access them anyway) then that should do it. If you want it so they can't browse out of their home when connected via SFTP then you'll need to set each user in a chroot jail. It's a bit of mucking around but you should be able to get it going.

As for MySQL, AFAIK if you create a database for each user and a user with ownership of each database then they should be able to log into phpMyAdmin using their username and password.

Each user's web space will be found by browsing to http://<ip-name>/<uesrname> so for user joe on a serverwith IP of 192.168.1.100 it'd be http://192.168.1.100/joe

If they have an index file (ie index.htm/index.html/index.php/etc) then the above address will load it by default, otherwise you will also need to specify the file (or it will just load a list of the files contained).

If you aren't sure of any details, if you keep in mind that TKL v11.x is based on Ubuntu 10.04 (aka Lucid) then google will get you going in the right direction. If you get stuck post back, no promises but I'll try to help.

Good luck.

Worked fine!!

 

Brilliant... got everything working exactly as you stated. The explanation was so precise and easy to follow.  Many thanks!

 

Bit unsure about that chroot jail though.  It would be better if they couldnt browse to any parent folders using sftp! 

Is there a utility that can do this or a really easy tutorial?

Keith W

Jeremy's picture

Glad that worked for you.

Firtly just rereading my advice - so users can't make changes to other's files you'll need to make sure that permissions of /var/www/user (ie each user's) dir are set to 0755 (ie user: read/write/execute - group: read/execute). IIRC this should happen automatically (users files should automatically be set in this fashion when created) but it would probably pay to check.

As for chroot jails, there is a fair bit of info about. AFAIK there are a few shortcomings but if you are patient you should be able to work it out. Here is some pretty basic instructions which will hopefully get you going.

Only catch is that I think the root of the chroot jail needs to be owned by root and you'll need to do some fiddling to work around that. If the user accounts are hosted in /var/www and it's owned by root then the webserver won't be able to read any of the files. You'll need to do a bit of research there.

I'm not sure if it'd work but perhaps one way to go would be to put the user home directories somewhere other than /var/www (like /home which is default location) and put symlinks to each user's working dir in /var/www (IIRC symlins are created with ln -s /folder/file /folder/link).

The end result hopefully will be the same as my other post but users will be jailed when they login via SFTP.

Post new comment

The content of this field is kept private and will not be shown publicly. If you have a Gravatar account, used to display your avatar.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <strike> <caption>

More information about formatting options

Leave this field empty. It's part of a security mechanism.
(Dear spammers: moderators are notified of all new posts. Spam is deleted immediately)