Erik Norgaard wrote:
>> How can i do this? I am trying but im getting permission denied...while
>> trying to create a file...
> NFS is insecure (No File Security) since there is no authentication. You
> get access with the user id of your current user.
I didn't want to touch the security problems with this as I assumed that
the original poster knows about them. Just the same I'm assuming that
webserver:/etc/exports has a line like:
/usr/local/www/data/mysite -maproot=nobody:nogroup 192.168.233.17
which would tighten down the mount to just the one machine. As a
developer, without even looking at security I think that direct access
to the webroot tree is a bad idea. However I'm giving the original
poster the benefit of the doubt. Perhaps he's just trying to learn HTML
> One security measure is implemented though: root user on client is
> treated as nobody on the server. There is an option you can add to the
> exports file (forgot which), to override this see the exports manpage.
>> Also if you have a different solution for updating the site..they are
> Unless you have problems with diskspace, why not just use rsync? Do it
> manually and you get time to correct blunders before they become public,
> or do it as a cronjob.
*** cvs ***
When I work on a website I tend to start with the site directory in cvs
to protect me from the damage caused by fat fingers. I'm an old C
programmer and CVS and Make are tools that I'm used to so I usually add
a really simple make file to the web tree...
***** Typical Makefile for web project *****
-- cut from here --
cvs -PAd .
MYWEBUSER = www
MYHOST = webserver.example.com
MYWEBROOT = /usr/local/www/data/webserver.example.com/
rsync -auv ./ $(MYWEBUSER)@$(MYHOST):$(MYWEBROOT)
-- to here --
$ make update
on the webserver from within the webtree will refresh the site from the
latest copy in CVS. In my opinion this is the best way because with a
little CVS knowledge you can back out any mistakes. This is also nice
since it only depends on the ability for both your development machine
and webserver to be able to reach the cvs server. A final nicety is that
there are CVS clients for FreeBSD, Windows, and Mac OS X. On the
downside you do have to setup a cvs server.
Add a little magic with ssh-keygen and the command:
$ make publish
will push the current state of the web project, N.B. whatever it may be,
onto the webserver. This is a lower overhead way of publishing that has
the danger of no fallback position in case something is screwed up.
Honestly I think that the publish tag is better used for testing than
production but not every is willing to go to the overhead of using
revision control (CVS, SVN, what have you) on this stuff.
__o "All I was doing was trying to get home from work."
_`\<,_ -Rosa Parks
Christopher Sean Hilton <chris | at | vindaloo.com>
pgp key: D0957A2D/f5 30 0a e1 55 76 9b 1f 47 0b 07 e9 75 0e 14