domain_create_post.sh --- session.save_path under user directories

[markus]

Hi!

I need help on setting correct chown/chmod settings for the PHP session.save_path created under the user directories.

Goal is to allow Apache to read/write sessions files, allow the domain user read access, but deny read/write access to other domain users.

I have created the following file under /usr/local/directadmin/scripts/custom

#!/bin/sh

# domain_create_post.sh - Runs AFTER a domain is created

#
# Create the PHP session.save_path under the user/domain directory.
#

mkdir /home/${username}/domains/${domain}/sessions

I have also added the following line to the files virtual_host_sub.conf and virtual_host_secure_sub.conf under /usr/local/directadmin/data/templates:

php_admin_value session.save_path '/home/|USER|/domains/|DOMAIN|/sessions'

So that new domains now have their own PHP sessions directory.

It works, but as you probably have already noticed, I get an error as soon as PHP sessions are started. It fails because I need to chown and/or chmod the session dir correctly. I know how the commands work, but I don't know the correct settings.

Can anyone give me a hand here. I do not know much about *nix.

TIA

 

[markus]

Hi!

I have tried several things. The last one being:

# owner: apache
# group: username
chown ${username}:apache /home/${username}/domains/${domain}/sessions

# chmod 750
chmod -R o= /home/${username}/domains/${domain}/sessions

And it seems to work, however I'm not sure if it's a correct security setting.

 

[markus]

Please, can anyone confirm if my chown/chmod are correct?

I do not have much experience with Unix/linux. Any feedback would be much appreciated.

 

[markus]

Well, I get confirmation from my own VPS provider.

I posted it in the form of a How-To here:
http://www.tektonic.net/forum/index.php/topic,56.0.html

I hope that helps someone else.


Cheers