Create A Symlink Between Different Users That Targets To PHP
Jul 5, 2009
I’ve been working on a project for weeks and I can not solve this, hope you can give me an idea. I am working on a dedicated server, and I need to create some symlinks between different accounts and users...
Both accounts are on the same partition of the server (home) and I have root access and SSH access for everything.
If I create a symlink to a directory of another account and on that directory there is any HTML file (e.g. Index.html), that symlink works great and it shows the content on that file.
HOWEVER if the symlink targets to a directory in which there is a file in (e.g. Index.php) or any script programmed in PHP (e.g. Joomla) it does not work and gives...
“Internal Server Error” + Additionally, a 404 Not Found error was encountered...
When I go to Cpanel the “error log” says...
[Sun Jul 05 09:15] [error] [client zz] File does not exist: /home/zzz/public_html/ 500 shtml
[Sun Jul 05 09:15] [error] [client zz] SoftException in Application.cpp:367: Mismatch between target UID (123) and UID (123) of file "/home/zzz/public_html/my-dir/my-symlink/ index php"
However, If go to SSH and edit server owner of the symlink, so both symlink and target file has the same owner (chown user:user directory_name) the problem is the same, but on the “error log” the UID Mismatch disappear and I only find...
File does not exist: /home/zzz/public_html/500 shtml
I’ve also tried modifying suexec by changing... “domain . tld ” for “domain - tld ” on the server alias, and does not work.
Here I give you more info about server file structure...
System Linux
Apache Version 2.2.11 (Unix)
PERL Version 5.8.8
PHP Version 5.2.8
So the question is... HOW can I create a symlink between different users on the same dedicated server partition, that target to PHP scripts or how can I allow the server to execute PHP scripts through symlinks of different accounts?
I've tried Google for the following, but not getting many results, so maybe someone could help.
I'm looking to offer users on one of my websites the ability to have their own email account which would be related to the same domain.
Is there an easy way that would require no administration from myself that would allow them to choose a username and password, and then do all the cpanel setup behind the scenes?
I want to create a webpage where users can make a SRV record. I thought this is possible with the Plesk API but i dont have any expierance with the API. How to create it?
I'm trying to create a symlink (ln -s) in SSH with the goal of having a php-file to be able to be reached from my wildcard subdomains "username.domain.com". The reason is because of XMLHttpRequest that resides in the php-file. When trying to access it from username.domain.com I only get an error, because of the cross-domain issue.
Anyway, I got the suggestion of creating a symlink on the file system, but I can't really get the symlink right... Where should I place it on the file system?
This is the path to the script;
Code: /home/web2753/domains/domain.com/public_html/ajax/status.php I tried creating the symlink in various places, like in the /domains/ directory;
Code: ln -s /home/web2753/domains/domain.com/public_html/ajax/status.php But I don't seem to get it right! If I have understood everything correctly, I'm supposed to create a symlink for status.php so the Subdomains can access it as if it was placed directly under the subdomains.
This is what my .JS file looks like (with the XMLhttprequest, this might not matter..?)
Code: var cururl = 'htp domain com'; // this forum didn't like this url?
function createRequestObject() { var req;
if (window.XMLHttpRequest) { req = new XMLHttpRequest(); } else if (window.ActiveXObject) { req = new ActiveXObject("Microsoft.XMLHTTP"); } else { alert('Problem creating the XMLHttpRequest object'); }
return req; }
function handleDivTag(divtag) { var divtag; return divtag; }
var http = createRequestObject(); var divhandler = new handleDivTag(null);
function sendRequest(ua_id,show,series) { http.open('get', cururl+'ajax/status.php?ua_id='+ua_id+'&show='+show+'&series='+series+'&dummy=' + new Date().getTime()); http.onreadystatechange = handleResponseTwo; divhandler.divtag = ua_id; http.send(null); }
function handleResponseTwo() { if (http.readyState == 4 && http.status == 200) { var response = http.responseText; if (response) { document.getElementById('editinfo'+divhandler.divtag).innerHTML = response; } } } Everything works except of the cross-domain issue which I'm trying to overcome by creating a symlink.
A client hacked another client of mine using the following Perl code:
#!/usr/bin/perl
symlink ("/home/john/public_html/config.php","/home/carole/public_html/forums/includes/config.php"); After the hacker got the DB name, username and password it's very easy to change anything in the forum using PHP.
I installed Apache2. In the the folder "var/www/html" I created a symlink to a different HDD that holds a number of movie files. My thinking is that it would be easy to access the movies through a browser from any computer on my local network.
I used the following command string while in the html directory, and created the symlink:
ln -sd /media/guy/movie1/Movies test
While sitting at the server, when I click on "test" it opens the correct directory and exposes the files. If I surf to apache from another machine it does not show the symlink.
Here the permissions on the symlink
lrwxrwxrwx 1 root root 24 May 11 19:56 test -> /media/guy/movie1/Movies
Code: TMPS="/tmp/sim_cj" Line 399, file sim-2.5-3/install/sim
Code: cat $TMPS >> /etc/crontab
If a local user creates a symlink to that file, then writes to the sim_cj file being linked to, as SIM is being installed, they can influence the contents of /etc/crontab.
Contacted the vendor via email on 04/17/07, email bounced. Opened a ticket via their helpdesk ~5 days ago, no response.
Again, this is only an issue during the install, which is an extremely small window of time. Any bug that could lead to root access should be fixed, however.
The upgrade has an error when manage the users database.
PRODUCT, VERSION, VERSION OF MICROUPDATE, OPERATING SYSTEM, ARCHITECTURE OS Microsoft Windows Server 2008 R2 Service Pack 1 x64 Panel version 11.5.30 Update #13, last updated at Sept 1, 2013 03:30 PM
PROBLEM DESCRIPTION In a costumer panel have a one database MSSQL, and assign to this DB 3 users, but the tab option "Users" don't work fot his costumer and show this error:
Error Javascript: TypeError: template is null this.template = template.toString(); in protototype.js 8472831 (lÃÂnea 807)
ACTUAL RESULT Error Javascript: TypeError: template is null this.template = template.toString(); in protototype.js 8472831 (lÃÂnea 807)
EXPECTED RESULT Show users in the tab users for database.
On my server, users can connect to any database as long as they have the database user and password. This makes it easier to hack any database on the server. What I want to do is to make the users can only connect to their own databases and not other's.
I tried changing the localhost ip address but it didn't work ( I assume I didn't do it the right way)
"Create a zend id for your machine." This is apparently for them to create a product key for their software and have to bind to it?!
I have never heard of this and have been unable to locate any information on it.
This is a Centos box with php 5.2.5 installed: Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies with Zend Extension Manager v1.2.2, Copyright (c) 2003-2007, by Zend Technologies with Zend Optimizer v3.3.0, Copyright (c) 1998-2007, by Zend Technologies
I have a few system administrators having full access to the Windows 2003 servers. I fear some of them might be messing up with the server like opening websites on the server or downloading files on the server. I want to create unprivileged users to login to the server so that they can do the basic tasks like reading the log files etc. Can anybody give me the steps for the same?
we have a WHM account... we have different accounts on that...and for each account, there are add-on domains underneath that. (i hope you know what i mean)
and we set it up to use only SFTP to connect to server. no FTP.
after we have set it up that way, it seems that we can only connect to SFTP using 1 user/pass for each account... that is the same user/pass we use for Cpanel of each account.
say, i have Account A... under Account A, i have addon domains: A1.com, A2.com, A3.com... setting SFTP only on that server, all those addon domains of Account A, can only use 1 user/pass to login to SFTP which is the cpanel access also of Account A.
question is.... is this behavior correct??
how can we create a different user for each add-on domain?
with webmin can I use it to add FTP users to say pure ftpd? and does it work with lighttpd? If I'm thinking about it right webmin just allows us to control the service and modify the configuration files right?
I hope this is in the correct section. Secondly, here is my issue that I am hoping someone can help with. I run a fairly successful video streaming site with several thousand members, and several thousand videos. I am trying to determine how many users I have online at any given time. Does anyone know of a piece of software/code out there that can provide me with this information in real time?
Does anyone have an experience with this host? In my search I found several favorable comments. I've been collecting different hosts names to consider from those of you kind enough to post them on your signatures. I'm with A Small Orange and am looking for a backup host, or will change the DNS to the backup if they are better.
Others I am considering are Aspire and Known Host. I'll need a shared plan. My site is anywhere from 350 to 450MB's. I try to get twice the space I need because I can have a spike here and there since clients are always downloading my voice files for their projects.
I will generally have around 1-70 people browsing my forums at one time. I would like to know if 128mb of ram would be good enough for average performance?
My user said he can not view his site from his IP address. His friend from the same ISP also canot access the site.
But i can access from my ISP. So I think probably his IP address has been baned. Therefore, how can I check that? and how can i make his IP range available back?
Does anybody have a working Blurstorm number? I've tried 850-445-6937 which I found on the internet, but no answer.
Long story short. Signed up to host my website. Credit card charged and approved, but I never received a user name/password confirmation. I'm not able to log on to anything. It has been 4 months and they charge my cc every month which I dispute with the cc company. I can't cancel the web account. My next step is to cancel my credit card.
I have emailed 4 times, left messages at the above number, talked with the chat line. No response. This company is a scam.
Number one rule in chosing a host company, always make sure they have a working customer service number (call it and talk with someone).
I have a web server on my dedicated server with several web sites owned by a friend and myself. I am now wanting to setup a gameserver on the same box and will need to give someone I don't know or trust ssh access so that they can kill the gameserver and/or re-execute it as well as modify the configuration files.
We have a small Hosting reseller account at eNom. We have a new customer that moved his website from another hosting company to ours. The website is on a shared IP. Enom also uses a internal IP for internal use associated to the domain.
The problem we have is that AOL users can not see the website. As far as we can tell no other ISP's are having this problem. Everyone can see it except AOL users.
When AOL users go to the site they get "Page can not be found". After several calls to enom support and them triple checking the DNS we still have the problem.
Of course I have tried about 15 different phone numbers to AOL and I get the same automated service that wants an account name or number. Without it they won't let me talk to a real person.
Can anyone offer some suggestions before we loose a new customer?
