>>>>> Sven Joachim <svenj...@gmx.de> writes: >>>>> On 2011-09-24 08:21 +0200, Mark Panen wrote:
[A kind of follow-up to an old news:comp.unix.shell thread [1].] [1] news:87pr9pzgjl.fsf...@violet.siamics.ipv6.uusia.org From: Ivan Shmakov <oneing...@gmail.com> Newsgroups: comp.unix.shell Subject: non-FHS hierarchies: /var/home, /var/public, /var/public/storage Date: Thu, 17 Sep 2009 23:23:26 +0700 (Somehow, Google Groups knows nothing about it.) >> What is the out the box permissions for /home/* on Squeeze? > 0755, adjust the DIR_MODE variable in /etc/adduser.conf if you like > to change that. My current preference is to have the following layout under /home: /home |-- … |-- private | |-- … | `-- users | `-- USERNAME — user's home directory (mode: 0700); `-- public |-- … |-- users | `-- USERNAME — user's public directory (0755); `-- storage |-- … `-- users `-- USERNAME — user's “storage” directory (0755.) (As could be seen from the above, I no longer advocate the use of a single filesystem for all the variable content; I now prefer to use separate filesystems for /var and /home.) In principle, the arrangement above could be extended with some ‘groups’ directories as well, though it seems to me that the concurrent access may generally be error-prone. For the “hardlinks” to work, it's advisable for /home/private/ and /home/public/ to share a single filesystem. The storage/ hierarchy (residing on a separate filesystem) is indented for the (typically larger) content of lower backup priority. There, one could put, e. g., the copies of anything readily available for download over Internet. It a typical setup, the public/users/ directories will also be accessible via HTTP (via Apache's mod_userdir; with UserDir set to /home/public/users/.) If CGI is also desired, a ‘public_html’ link pointing to the respective public/users/ directory could be put into the user's home directory, in order to satisfy the suexec(8)'s constraints. (FWIW, I prefer to have an HTTP server installed on all the hosts, unless there's a very good reason not to install it.) --cut: /etc/apache2/sites-available/example -- <IfModule mod_userdir.c> UserDir /home/public/users </IfModule> <Directory /home/public/users> AllowOverride FileInfo Indexes AuthConfig Limit Options Indexes ExecCGI SymLinksIfOwnerMatch IncludesNoExec </Directory> --cut: /etc/apache2/sites-available/example -- It's also an option to have /home/public/ accessible via Rsync just as well, but it should be noted that while user can easily control HTTP access by placing .htaccess files where necessary, Rsync couldn't be controlled in such a way. --cut: /etc/rsyncd.conf -- [public] path = /home/public comment = Public directory --cut: /etc/rsyncd.conf -- -- FSF associate member #7257 -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/86wrcyjncv.fsf...@gray.siamics.net