RHEL7: Configure Apache group-managed content.

Share this link

Note: This is an RHCE 7 exam objective.


First, follow the instructions to install an Apache web server.

Note: Don’t forget to install the httpd-manual package. This could help you a lot with any syntax issue.

Main Configuration

To allow only a group of users (here nikos and steve from the team) to access a specific directory (here private), edit the /etc/httpd/conf/httpd.conf file and paste the following lines at the end:

<Directory "/var/www/html/private">
AuthType Basic
AuthName "Password protected area"
AuthGroupFile /etc/httpd/conf/team
AuthUserFile /etc/httpd/conf/passwd
Require group team

Check the configuration file:

# apachectl configtest
Syntax OK

Create the /var/www/html/private directory and assign the correct SELinux context:

# mkdir -p /var/www/html/private
# restorecon -R /var/www/html/private

Create the /etc/httpd/conf/team file and paste the following line:

team: nikos steve

Create the /etc/httpd/conf/passwd file, add the nikos and steve accounts with their own passwords:

# htpasswd -c /etc/httpd/conf/passwd nikos
New password: nikos
Re-type new password: nikos
Adding password for user nikos
# htpasswd /etc/httpd/conf/passwd steve
New password: steve
Re-type new password: steve
Adding password for user steve

Restart the httpd service:

# systemctl restart httpd

Configuration Check

To check the configuration, type:

# yum install -y elinks
# elinks http://localhost/private/
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
11 comments on “RHEL7: Configure Apache group-managed content.
  1. chamambom says:

    @certdepot, thanks for such an awesome blog for Redhat preparation. I will be taking my exam soon and have one grey area with regard to these 2 objectives :

    – configure access restrictions on directories
    – configure group-managed content

    Correct me if I am wrong but this is how I am understanding them:

    Configure group-managed content——this one seems to be similar to setting up group authing using this config below just like how you explained it

    AuthGroupFile /etc/httpd/conf/team

    It also overlaps with this objective Configure access restrictions on directories

    on the group managed content, I have seen others doing the same configurations we do when setting up samba or nfs group collaborations

    using the chmod 2770 and chmod g+t

    I am against the chmod 2770 as the objectives seem to be in relation to access via apache not via the filesytem but I might be wrong.

    • CertDepot says:

      I think you are correct.

    • Lisenet says:

      Configure group-managed content – this is chmod 2770 (content that is managed by a group).

      Configure access restrictions on directories – this is AuthGroupFile /etc/httpd/conf/team.

      • chamambom says:

        @Lisenet, the reason why I am saying that is because htpasswd users don’t exist in the file system and the group also doesn’t exist in the filesystem [and by filesystem I mean via useradd command] … so what group would you create the users for since the auth userfile and the authgroup file have users and groups that don’t exist in /etc/passwd or group?

        • Lisenet says:

          It’s very simple, therefore I’m a bit puzzled on what you don’t understand with these objectives. Group managed content is for web developers to upload files to a webserver. We do that in production all the time, configure chmod 2770 so that devs can push changes to webroots.

          Access restrictions on directories are purely for web users to require login to be able to see content. These users don’t need nor don’t have to have Linux accounts. An example would be a WordPress login page which you want to configure restrictions on.

          • chamambom says:

            I understand them perfectly, only they seem intertwined…and as you can see @lisenet , on this post it only validates what I have been saying and while what you are saying is true ….I guess I’ll have to take the RHCE and try to read between the lines on that kind of question.

          • Lisenet says:

            This post has a misleading headline – it covers access restrictions on directories, but the title says “Configure Apache group-managed content”. This is not correct.

            By adding Apache users to the group file (AuthGroupFile) does not grant any management permissions for content, it only allows access on directories.

            There is no reading between the lines, the fact that the post has an incorrect headline doesn’t validate your statement 🙂

            CertDepot, can you fix the headline please?

          • CertDepot says:

            I understand you concern. However, can you let me what you want to change?
            The content of the tutorial or the title of the tutorial?

          • Lisenet says:

            I think that changing the title of the tutorial is sufficient.

          • CertDepot says:

            What are you proposing for the title?

          • chamambom says:

            @Lisenet ,yes group managed content is how you are explaining it ,but i guess a lot of people like me are confusing it with the apache group restricted access.I am just glad that the exams are usually explicit about what they want you to do ….. so yes ,the way you explain it is the same way that works for samba ,nfs collaborative shares .

Leave a Reply

Upcoming Events (Local Time)

There are no events.

RHCSA7: Task of the day

Allowed time: 10 minutes.
Create two new user accounts "steve" and "oliver".
Create a group "team". Create a directory "shared".
All files put into the "shared" directory by "steve" or "oliver" should belong to the "team" group and be only visible by them.

RHCE7: Task of the day

Allowed time: 10 minutes.
Set up a caching-only DNS server.

Follow me on Twitter

Poll for favorite RHEL 7 book

What is your favorite RHEL 7 book to prepare RHCSA & RHCE exams?

View Results

Loading ... Loading ...

Poll for most difficult RHCSA 7 topic

What do you think is the most difficult RHCSA 7 topic?

View Results

Loading ... Loading ...

Poll for most difficult RHCE 7 topic

What do you think is the most difficult RHCE 7 topic?

View Results

Loading ... Loading ...