iTP Secure WebServer System Administrators Guide (Version 7.5+)

ManualsBrandsHP ManualsServerHP Integrity NonStop H-Series

251

252

253

254

255

256

257

258

259

260

User

Syntax

User user-name

Description

Use the User directive to specify the OSSuser name that the server is to run under. This directive

is effective only if the server is started as root (super-super). If the server is started as other than

super ID, the server sends a warning message.

The argument user-name must be a valid user name on the system hosting the server. For security

reasons, you should create an account other than super ID specifically for your server to run under.

For more information about creating a user name, see your system administrator or your system

documentation.

Only one User directive is allowed in the configuration file.

Default

None. If you do not set the User directive, the server runs under the user name that starts the

server.

Example

User httpd

NOTE: Only httpd processes are switched by the User directive. Consequently, httpd processes

might encounter a Pathsend error 904 when communicating with the Pathway or generic-CGI

server if the application server's security value is not set correctly. To avoid this problem, be sure

that you configure the Pathway or generic-CGI server to use the appropriate security values. For

information about security values, see “Server” (page 247). For information about Pathsend error

904, see the NonStop TS/MP Pathsend and Server Programming Manual.

UserDir

Syntax

UserDir [-symlink-disable] [-symlink-owner] user-dir

Description

Set the UserDir directive to the name of theuser directory (user-dir) that is to be accessed

whenever a URL begins with a tilde (~). When UserDir is set, any access to aURL beginning with

a tilde (~) is mapped to the specifieddirectory within the indicated local user's home directory.

The options include the following:

-symlink-disable

This option disables symbolic links to files in the specified directory. As a result, the

iTP Secure WebServer returns "not found" in response to any attempt to access a

path that contains a symbolic link.

-symlink-owner

This option is similar in function to the -symlink-disable option: it also disables

symbolic links, but only if these symbolic links are owned by someone other than

the owner of the files to which the symbolic links point.

This directive also has a corresponding Region command, which if found within a region, overrides

this directive. For further information about using the UserDir command in a Region directive,

see “Region Commands” (page 234).

For example, if UserDir is set to hypertext, and a Web client accesses the URL

258 Configuration Directives