Virtual Private Server User Guide

The Apache Web Server

approach then would be to make all of your Web files owned by the user who 

created them and by the correct virtual host group. The files would be write able to 

both the user and to the group, so that anyone in the group could modify them. 

They would also be readable by the world, so that Apache can serve the files, but 

not write able to the world so as to protect against unauthorized page editing. 

For example, if my domain name were iexample.com,i and both the users 

"msmith" and "jdoe" were to create and manage my Web content, my files in /

www/vhosts/example.com/htdocs might look something like the following:

 rw rw r    1 msmith  example.com   430 Sep 13 07:45 index.html

 rw rw r    1 jdoe    example.com    17 Nov 14 05:28 info.html

 rw rw r    1 jdoe    example.com  1496 Sep 14 05:50 

contact.html

Remember that to change ownership and permissions on files or directories, the 

following commands are available to you and your users:

chmod: If you own a file and need to change its file permissions, the chmod 

command should be used. If you are the superuser, this command can also be 

used to change the permissions of any files, regardless of its owner.

vchown: Users in the sysadmin group can use this command to change the 

ownership of files and directories that don't belong to them as long as they do not 

belong to the superuser. For example, vchown can be used to change a file so 

that it is owned by the inobodyi user, or to take ownership of a file that someone 

else has created. Also, vchown can be used to change the group that a file 

belongs to. This command cannot be used to change the ownership of a file that 

belongs to root, or to make a file be owned by root if it belongs to someone else.

vchmod: Users in the sysadmin group can use this command to change the 

permissions of files that are owned by someone else as long as they do not 

belong to the superuser. For example, if one of your normal users uploads a file 

but doesn't know how to use the chmod command to change the file permissions, 

a member of the sysadmin group can use vchmod to do it for them. This 

command cannot be used to change the file permissions of files that are owned by 

root.

chown: This command, when run by the superuser, can change the ownership 

and group that a file belongs to regardless of who owns the file.

For example, let's assume that your administrative user account were "msmith," 

and the index.html file that you placed in the document root of your Web site had 

the following ownership and permissions:

 rw r       1 msmith msmith  430 Sep 13 07:45 index.html

If someone were to try to view this file through their Web browser, they would 

receive a "Permission Denied" (500) error, because the nobody user, which 

Apache runs as, is not allowed to view the file. In order to correct this, you would 

need to use the chmod command to give read permissions to the world:

> chmod 644 index.html

Technical Training Department

August 2004

6 5