[ngw] OT: SLES Apache management advice

Jim Gosney jgosney at genesco.com
Wed Aug 12 15:00:28 UTC 2015


Sorry, these are pure SLES -- no OES involved.  :( 

Get some sleep! 



>>> Mark Currie <MCurrie at laserfast.com.au> 8/12/2015 9:53 AM >>>
If your licensed for OES, install OES and then you could overlay the Apache file structure with an NSS virtual volume, and then use LUM to control logins and ACL's on the server.

Just a theory.. have not tried it..  TO THE LAB! (Well maybe tomorrow - its 1am here - I'm going to bed!)

Mark Currie

-----Original Message-----
From: ngw-bounces+mcurrie=laserfast.com.au at ngwlist.com [mailto:ngw-bounces+mcurrie=laserfast.com.au at ngwlist.com] On Behalf Of Jim Gosney
Sent: Wednesday, 12 August 2015 10:28 PM
To: ngw at ngwlist.com
Subject: [ngw] OT: SLES Apache management advice

We've got a SLES server running Apache and we want to give certain individuals the rights to fully manage the apache part of the server.
Problem is that the ownership of apache seems to be ROOT/ROOT for EVERYTHING,

I've set up SUDO so the user can start and stop the apache server using
/etc/init.d/apache2 script.  And I've given full rights (recursively) to
/etc/apache2 to the user using an ACL.  But I'm wondering if there is an easier/better way to do this.  I'm hesitant to make the user a member of the ROOT group as I don't want to give them too many rights but I also don't want to be nickel and dimeing it where I have to keep giving the explicit rights to other files as they come across the need.

Any advice would be appreciated.


~+~^~+~^~+~^~+~^~+~^~+~^~+~^
Jim Gosney
* Linux System Engineer
* Groupwise System Engineer
* Mobility Server Admin
Genesco, Inc.
Nashville, TN
615-367-7850






CONFIDENTIALITY NOTICE: This e-mail and any attachments are confidential and may also be privileged. No waiver of any legal privilege or proprietary right is intended or shall be deemed to have occurred by the transmission of this e-mail or its contents or attachments to any person other than the originally intended recipient.  If you are not an intended recipient of this e-mail, you are hereby notified that any unauthorized use, dissemination, storage or copying of this e-mail or the information contained in it or attached to it is strictly prohibited. If you have received this e-mail in error, please delete it and immediately notify the sender by telephone. Thank you.
_______________________________________________
ngw mailing list
ngw at ngwlist.com
http://ngwlist.com/mailman/listinfo/ngw




CONFIDENTIALITY NOTICE: This e-mail and any attachments are confidential and may also be privileged. No waiver of any legal privilege or proprietary right is intended or shall be deemed to have occurred by the transmission of this e-mail or its contents or attachments to any person other than the originally intended recipient.  If you are not an intended recipient of this e-mail, you are hereby notified that any unauthorized use, dissemination, storage or copying of this e-mail or the information contained in it or attached to it is strictly prohibited. If you have received this e-mail in error, please delete it and immediately notify the sender by telephone. Thank you. 


More information about the ngw mailing list