1

I have a perl server which needs the ability to read user's files and data, and write to them. The users are authenticated via LDAP, so I can verify passwords and learn their home directory.

From here I need some way for this webserver (running as www-data) to access their files. I've thought about running every command through su/sudo but that's really not optimal when I just need to open/write/close/glob files in their home directories.

Is there standard practice for this? I haven't been able to turn up anything so far.

Notes

  • I want the files in their home directory, as the users will be SSHing in and running other commands on them that won't be available via the web
  • The web connection is made over HTTPS of course.

Related

Community
  • 1
  • 1
EricR
  • 1,487
  • 2
  • 21
  • 42
  • 2
    I would write actions to database or file and use root crontab job to do actual changes on user files. – mpapec Jun 14 '13 at 17:40
  • Interesting. That's certainly one solution but we're looking for more real-time interaction than that. We will have user credentials passed to us, it seems strange that it wouldn't be possible to impersonate a user for the purposes of these interactions. – EricR Jun 14 '13 at 19:30

2 Answers2

2

Are you running Apache? This sounds like a job for WebDAV.

The trouble is that your web server is running as www-data. By design, it won't be able to change the owner of any file. Some other privileged process will need to change ownership on the webserver's behalf.

You could write a minimal set UID script to handle changing the ownership of files and deleting them, but this path is fraught with peril (especially if you've never written a setUID program before.)

Rob Flickenger
  • 551
  • 5
  • 6
  • Yes, I have used setUID before, but never for anything so benign :P. That may indeed be the best solution. I had wanted to avoid that if it was at all an option but now that you've mentioned it, it may be the best option. I haven't used webDAV outside of dav2fs on linux, could you elaborate on how that solution to my problem might work? – EricR Jun 14 '13 at 19:56
2

You might want to reconsider your architecture. This sounds like a job for virtual hosts in an ISP-like configuration.

First, read "Dynamically configured mass virtual hosting" page in the Apache VirtualHost documentation. Then read about how to run each virtual host as a different user

Under this approach you would have a vhost for each user running as $user.example.com; when Apache forks off a worker for the vhost, the fork runs suid as the appropriate user. Then you set up docroot and scriptalias for the vhost which point to the site code.

Long story short, it's probably better to use Apache's (well-tested and well-documented) features for managing user identity than it is to do it in Perl or whip up your own suid wrapper. It's notoriously difficult to get it right.

Professor Photon
  • 132
  • 3
  • Well, that's a very interesting solution. Thank you! Marking this as the answer since it solves the problem as described, though I'm not sure I'm going to implement this for a few reasons outside of my control. Agreed, I'd really rather have someone else's code handle this sort of thing and suid and my own perl. – EricR Aug 16 '13 at 14:38