From owner-freebsd-questions@FreeBSD.ORG Mon Mar 10 12:20:15 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E65406DA for ; Mon, 10 Mar 2014 12:20:15 +0000 (UTC) Received: from mail-oa0-f54.google.com (mail-oa0-f54.google.com [209.85.219.54]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id AEE83102 for ; Mon, 10 Mar 2014 12:20:15 +0000 (UTC) Received: by mail-oa0-f54.google.com with SMTP id n16so6951576oag.13 for ; Mon, 10 Mar 2014 05:20:14 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=qqCDbAYyrXbWwYfjEp0NWREP5lt0CP4ppsq58bA98Wc=; b=RzNz87M/76dDx63woOzyWst/h7jysklcFvE6vyTyWSbFmFy6CjGYXl7URwdTzqfdNc XGBmzeVvC6aYZNQ/Ovo6p0jgUxsJaJoQRnGTKhFLRuD49lUaBZvoR3PCbvp61ijRLWRE X+Et3aPrdy75+eKFbAte6lUr/xXf8CFjYcZduQzP0lD3aeGqVYZVtwTDJo+i1B/aPVCS ReLJzzx5UmoM9tdwxsfI6cJFdjfWByyb3qctMskviOJf8LtibTPAzwx/2ONFGgixlkDL G89DlRyeetqwp1fB4fyEbQDBOSnYHwWrtd/P77lHBTWb8DLJ7eU9VLCnmsV7zsySVTIR kGtA== X-Gm-Message-State: ALoCoQl5Ejr3RMbjU09F0H6W9f7ouTZtNS//vuUfB+CMifvFVTtMylOdDikHCz8GOagDLiyaAxLa MIME-Version: 1.0 X-Received: by 10.182.19.164 with SMTP id g4mr892685obe.58.1394454014830; Mon, 10 Mar 2014 05:20:14 -0700 (PDT) Received: by 10.76.144.136 with HTTP; Mon, 10 Mar 2014 05:20:14 -0700 (PDT) In-Reply-To: <20140310115929.eb304369181268388c84b851@sohara.org> References: <20140310115929.eb304369181268388c84b851@sohara.org> Date: Mon, 10 Mar 2014 13:20:14 +0100 Message-ID: Subject: Re: ACL questions From: "BONNET, Frank" To: "Steve O'Hara-Smith" Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.17 Cc: "freebsd-questions@freebsd.org" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Mar 2014 12:20:16 -0000 Not possible , the user need to have access to all The other solution is to setup a virtual host for each user , but I have 2500 users so it will need a really big server to support 2500 vhosts , anyway maybe has already done this ? Thank you *Frank BONNET* Systemes UNIX et Reseaux ESIEE PARIS 01.45.92.66.17 - 06.70.37.37.69 2014-03-10 12:59 GMT+01:00 Steve O'Hara-Smith : > On Mon, 10 Mar 2014 12:51:50 +0100 > "BONNET, Frank" wrote: > > > Hello > > > > I have ACL question , for internal purpose I need to let some users > access > > to their home directory > > through the WEBDAV protocol with RW access rights.( apache22 ) > > > > Authentication is done with LDAP and works fine > > > > As the webdav processes are owned by the "www" user it cannot access to > > the user's homedir > > > > Is it possible to add an ACL to the users's homedir to give the www user > > RW access to the homedir ? > > > > I KNOW this is a security risk , this is just a test for now on a small > > set of users > > > > Any other solutions welcome :-) > > Would a www writable subdirectory do instead of giving full access > to the home directory. It would be simple and safer. > > -- > Steve O'Hara-Smith >