Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Synchronizing public web server and samba

From: Paul Robertson <proberts () patriot net>
Date: Thu, 29 Aug 2002 11:49:35 -0400 (EDT)
On Thu, 29 Aug 2002, John McDermott wrote:


I have what cannot be too unusual a situation, but I cannot seem to find 
the "best" solution.  I have an internal network behind a firewall and 
on that network is a Samba server acting as a PDC for a group of 
workstations. In a classic DMZ outside the firewall behind the router is 
a web server.  The users on the Samba server waant to have individual 
areas on the www server to post content.  I can do the Apache work no 
problem.
What I want is to make it as easy for them to publish as possible, while 
minimizing the administration and trying to have good security as this 
is a school.
I've considered scp and ssh, but that requires duplicating the accounts 
and quotas on the web server.  That's doable, but hard to automate, 


It's not that difficult- rsync over SSH for the Web directory is the usual 
method- I'd probably clean out symlinks, hard links, and files that start 
with a dot before copying them though, or sync to a non-Web directory, 
clean then move files over.


AFAIK.  If the web server were 100% for internal use, I'd just automount 
the student directories and share out each one's http-public or 
whatever. The problem is that I don't necessarily trust file sharing 
through a fw.

Any ideas?


Give them each a public_html directory on the SAMBA server, and rsync 
those over SSH from an account that has access on the Web server to their 
content directories that Apache is configured to serve up.  

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts () patriot net      which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: