Granting access to your HTML documents

The final step involving your Web page is to make it accessible to "the world". In other words, your Web page must reside in a place where others can access it to read your information, but not be able to change or delete this information. This next section covers placing information online in your Unity home file space. There are other ways to place information online if you are doing work for your department or administrative unit on campus.

Questions about placing information online should be directed to a consultant at 515-3035 or send e-mail to help@ncsu.edu.

Sections covered in this tutorial:

Changing the access permissions

 Because your Unity/Eos account allows only you, the owner, to look at and read the files inside it, you must specifically grant the rest of the world access to your files in order to publish your HTML documents.

To give the world access to only your HTML files, you'll do several things:

  1. Grant 'lookup' permissions to your home directory.
  2. Create a new directory called 'www'.
  3. Change directories to your 'www' directory
  4. Grant 'lookup' and 'read' permissions to your new 'www' directory.
  5. Move all HTML files you want public into your 'www' directory.
Below are step by step instructions on how to do these things.

  1. Grant 'lookup' permissions to your home directory

    First, you're going to alter the AFS file permissions for your home directory so that "system:anyuser" (which is everyone in the world) has "l" (which means "lookup") access. Think of your directories as a series of boxes inside each other. Before someone can 'lookup' and 'read' what's in the 'www' box, they have to be able to 'lookup' what's in your 'home directory' box first. Be aware that when you grant system:anyuser 'lookup' access to your home directory, anyone will be able to see the file and directory names in your home directory. They won't be able to read the files or move into subdirectories, just see the names.

    Here is the syntax for the fs command:

         fs sa directory [access list entries]
    And here is what you should type:

         cd
     fs sa . system:anyuser l
    Explanation: The cd command simply makes sure you're in your home directory. The fs stands for "file system" while the sa stands for "set access." The period means the current directory (the one you're in). The moniker system:anyuser means any person, and the l means that anyone can 'lookup' file and directory names.

    If you would like to limit access to users within the NCSU computing realm, you can grant "rl" access to system:authuser. If you use this user name, only people with Unity/Eos computing accounts at NCSU will have read/lookup access to your document.

  2. Create a new directory called 'www'

    Second, create a directory called 'www'. All your HTML documents which you want to let others view will reside in this directory. The name of the directory will be a continual reminder that anyone can read what's inside.

    To create the 'www' directory type the commands

         cd
     mkdir www

    Explanation: The cd command simply makes sure you're in your home directory. The mkdir command actually creates the subdirectory.

  3. Move into your 'www' directory

    Now move into the 'www' directory by typing the command

         cd www

  4. Grant 'lookup' and 'read' permissions to your new 'www' directory

    Once inside the www directory, you're ready to change its permissions to grant system:anyuser 'read' access.

    Here is what you should type:

         fs sa . system:anyuser rl
    Important: never give system:anyuser any more rights than 'read' or 'lookup'.

  5. Move all HTML files you want public into your 'www' directory

    Use the mv command (move) to move your HTML files into the 'www' directory. The synax for the move command is:

         mv [what] [where]
    For example, to move the file first.html from your home directory to the subdirectory www, you'd type

         mv test.html www
    Warning: if the destination directory doesn't exist (in this case the directory would be www), the mv command will rename the file as the directory.

Your new URL

 The URL (address) for your page will follow the convention

http://www4.ncsu.edu/system/directory_path/filename
All "users" are on the www4 server. To figure out what the system and directory_path are, do the following:

  1. Using the cd command, change to the directory that holds your page.

  2. Type pwd at the prompt. This command will show you the full path to your document. For example, if you are on the Unity system, you might see a path name that looks something like this:

         /afs/unity.ncsu.edu/users/s/smitty/www/

    (Instead of unity.ncsu.edu, you might see another system (such as eos.ncsu.edu), depending on where your home file space is.)

  3. To figure out your URL, replace system with the name of the system you're using. For instance, if the first part of the path is /afs/unity.ncsu.edu/ you're on the unity system and would substitute unity for system.

    So far your URL looks like: 

         http://www4.ncsu.edu/unity/
    Now use the rest of the path (everything after the unity.ncsu.edu part) as it appears. Using the path above, the URL would be:

         http://www4.ncsu.edu/unity/users/s/smitty/www/

  4. Now all that's missing is the filename of the page. Put the filename at the end of the URL. The full URL of the example would be:

http://www4.ncsu.edu/unity/users/s/smitty/www/homepage.html
Note: You can use this method to figure out the URL of a document in a locker EXCEPT lockers will be on www2 rather than www4 (they are on different servers). Naturally, the locker must have the correct permissions set.

For example, to link to a document in a locker you'd use 

http://www2.ncsu.edu/unity/lockers/users/s/smitty/file.html

Shorter URL for NCSU student and faculty personal pages

The WWW4.NCSU.EDU server (the one with student and faculty personal pages) can now deliver URLs that use the ~userid/path construction, thus making them shorter and easier to type. For example, if your personal web pages are stored in a subdirectory named "www". The tilde-style URL would be

http://www4.ncsu.edu/~userID/file.html

Listing access rights

 To list the access rights for a directory, move to that directory and type the command:

fs la .

You should see something like this:

[rmnixon]...>fs la .
Access list for . is
Normal rights:
  system:administrators rlidwka
  system:anyuser l
  rmnixon rlidwka
  jehrlich rl

Explanation: the fs part stands for "file system," the la stands for "list access," and the period stands for the current directory.

If you see something else, such as a user you don't know, you might consider contacting a Computing Services consultant at 515-3035.

Removing access rights

 To remove someone from the access list, simply set their access to "none." For example, to remove access rights for user jehrlich, user rmnixon would type:

fs sa . jehrlich none

Directory inheritance

 Setting your home directory to allow system:anyuser 'lookup' access creates a slight problem. Anytime you create a new subdirectory in your home directory, the new directory will inherit the access permissions of the home directory.

Since your home directory has 'lookup' permissions for system:anyuser, the new subdirectory will automatically have the same rights. Be sure to remove system:anyuser rights on new directories if you don't want people looking at the file and directory list.

Return to Table of Contents