View previous topic :: View next topic |
Author |
Message |
turtles Veteran
Joined: 31 Dec 2004 Posts: 1658
|
Posted: Sat Apr 15, 2017 1:56 am Post subject: Apache log files for public_html |
|
|
I am setting up a user account on a Gentoo server to do some testing of a web application.
the user does not have root access, and will be running the applications from ${home}/public_html
I got the .htaccess and the web app working but how can I give him his own apache error.log? _________________ Donate to Gentoo |
|
Back to top |
|
|
sebaro Veteran
Joined: 03 Jul 2006 Posts: 1141 Location: Romania
|
|
Back to top |
|
|
turtles Veteran
Joined: 31 Dec 2004 Posts: 1658
|
Posted: Sat Apr 15, 2017 5:31 pm Post subject: |
|
|
Thanks sebaro, if I add that the the users .htaccess file
Apache barfs and says Quote: | /home/chris/public_html/.htaccess: ErrorLog not allowed here |
I think I need to do some kind of system wide setting?
EDIT I tried a few more things:
Quote: | /home/chris/public_html/.htaccess: Directory not allowed here |
This is my my 00_vhost.conf
Code: |
<Directory /home/*/public_html>
#AllowOverride All
AllowOverride FileInfo Indexes Authconfig
Options Indexes FollowSymLinks MultiViews
</Directory>
|
_________________ Donate to Gentoo |
|
Back to top |
|
|
sebaro Veteran
Joined: 03 Jul 2006 Posts: 1141 Location: Romania
|
Posted: Sat Apr 15, 2017 7:14 pm Post subject: |
|
|
http://httpd.apache.org/docs/current/mod/core.html#errorlog
Quote: | Context: server config, virtual host |
Directives that can be added in the htaccess file must have the ". htaccess" context, ErrorLog doesn't have it.
So you have to put ErrorLog directive in the apache virtual host config file, not in the <Directory> directive. |
|
Back to top |
|
|
turtles Veteran
Joined: 31 Dec 2004 Posts: 1658
|
Posted: Sat Apr 15, 2017 7:33 pm Post subject: |
|
|
sebaro wrote: | http://httpd.apache.org/docs/current/mod/core.html#errorlog
Quote: | Context: server config, virtual host |
Directives that can be added in the htaccess file must have the ". htaccess" context, ErrorLog doesn't have it.
So you have to put ErrorLog directive in the apache virtual host config file, not in the <Directory> directive. |
I see Yeah I am struggling with the apache docs I see now the "Context"
My goal is for each persons home directory to contain a .apache_error.log
So thats back to what I tried first
Code: | <Directory /home/*/public_html>
Options Indexes FollowSymLinks MultiViews
#AllowOverride FileInfo Indexes Authconfig
#AllowOverride All Options
AllowOverride All
Require all granted
#ErrorLog "/home/*/.apache_error_log"
</Directory> |
EDIT getting closer:
I believe the %1 will use the home dire name:
Code: | <Directory /home/*/public_html>
Options Indexes FollowSymLinks MultiViews
#AllowOverride FileInfo Indexes Authconfig
#AllowOverride All Options
AllowOverride All
Require all granted
ErrorLog "/home/%1/.apache_error_log"
</Directory> |
this does not throw a syntax error but says its not allowed here _________________ Donate to Gentoo |
|
Back to top |
|
|
sebaro Veteran
Joined: 03 Jul 2006 Posts: 1141 Location: Romania
|
Posted: Sat Apr 15, 2017 7:59 pm Post subject: |
|
|
Directory is not in ErrorLog's Context list, so you can't use it there. You have to put it outside.
To get what you want you have to use a script instead of file, the script will append to the log for each user.
Code: | ErrorLog "|/path/to/script" |
|
|
Back to top |
|
|
turtles Veteran
Joined: 31 Dec 2004 Posts: 1658
|
Posted: Sat Apr 15, 2017 8:25 pm Post subject: |
|
|
sebaro wrote: | Directory is not in ErrorLog's Context list, so you can't use it there. You have to put it outside.
To get what you want you have to use a script instead of file, the script will append to the log for each user.
Code: | ErrorLog "|/path/to/script" |
|
That's getting complex and I imagine I would slow down the server to call bash every time?
I was just playing around with
Code: | SetEnvIf Request_URI "^/~([^/]+)/.*$" username=$1
CustomLog /home/${username}/.apache2.log combined |
Or perhaps the 'adm' group could be used to give users read permission.
EDIT: I am testing out
Code: | chgrp -R adm /var/log/apache2/ |
Then adding users to that group that have a reason the view the log files.
The potential security issue is that all users can view the entire log. _________________ Donate to Gentoo |
|
Back to top |
|
|
sebaro Veteran
Joined: 03 Jul 2006 Posts: 1141 Location: Romania
|
Posted: Sun Apr 16, 2017 6:58 am Post subject: |
|
|
Try this:
https://serverfault.com/questions/441421/per-user-vhost-logging
Create two scripts like in the page, one for requests (CustomLog), one for errors (ErrorLog):
Code: |
CustomLog "|/path/to/apache-requests-logger"
ErrorLog "|/path/to/apache-errors-logger"
|
Or use the group solution or you can put the logs in a user readable directory (eg: /opt). |
|
Back to top |
|
|
|