Creating and setting AFS permissions on your public_html directory
In order to serve your pages, the Web server must have at least read
permissions on your public_html
directory and at least lookup
permissions on your home directory. By default, home directories are created with appropriate
permissions for read-only access, and the public_html
directory will
inherit those defaults, but if you change the permissions on either,
here are the minimum requirements:
- If you need to keep some of the data in your site private using
.htaccess files or other Web-server access control, you need to
change the permissions on the
~/public_html
directory, or the subdirectory of~/public_html
where those files are located, using the following command:fs setacl DIRECTORY-TO-PROTECT system:anyuser none www read
- If you want to restrict access to the data to authenticated CSAIL
users (which includes the Web server) you can instead use:
fs setacl DIRECTORY-TO-PROTECT system:anyuser none system:authuser read
For other information about permissions in AFS, see our AFS Intro or the more detailed OpenAFS site.