This is an old revision of the document!
First make sure to set quotas
Second, make sure to change file permissions for
/home/username
We symlinked /htdocs inside each user's home folder to /var/www/htdocs/<username>
We installed
Inside /etc/httpd.conf:
location "/~username/*" {
root "/htdocs/username"
request strip 1
}
Packages installed:
curl-7.66.0 get files from FTP, Gopher, HTTP or HTTPS servers intel-firmware-20191115v0 microcode update binaries for Intel CPUs irssi-1.2.2 modular IRC client with many features mutt-1.12.2v3-sasl tty-based e-mail client nvi-2.1.3p2 ex/vi text editor with wide character support php-7.3.12 server-side HTML-embedded scripting language python-2.7.16p1 interpreted object-oriented programming language python-3.7.4 interpreted object-oriented programming language quirks-3.182 exceptions to pkg_add rules vim-8.1.2061-no_x11 vi clone, many additional features
Seems like there is no way to hide processes from users:
http://openbsd-archive.7691.n7.nabble.com/KERNEL-PATCH-add-process-hiding-fixed-td309339.html
# chmod 750 /var/www/logs/ # chmod 640 /var/www/logs/* # chmod 750 /var/log # chmod o-rx /var/log/*
to turn accounting on.. only users love making use of it too
add login.conf rules
For each new user:
# adduser
# chmod 700 /home/username /home/username/.ssh
# chmod 600 /home/username/{.Xdefaults,.cshrc,.cvsrc,.login,.mailrc,.profile}
# mkdir /var/www/htdocs/username
# ln -s /var/www/htdocs/username /home/username/htdocs
# chown username:username /var/www/htdocs/username /home/username/htdocs