README for rac (Restricted Apache Config)
rac is a system for shared hosting environments that allows individual users to configure their virtual host configs for apache more or less freely, and to reload apache in a controlled fashion when doing changes, while maintaining security of the overall system.
rac consists of two parts:
The client (racc) allows hosting users to check and/or install virtual host configurations, and to reload apache when needed.
The daemon (racd) runs as the root user, and listens on a Unix socket for requests from hosting users made via racc.
For maintaining security, vhost configurations are checked against a set of policies freely configurable in racd. Also, to maintain the stability of the web server, reloading the apache config is only allowed once for a configurable amount of time.
racd and racc read a configuration file, usually /etc/rac.conf.py, that specifies, among others,
- the location of the Unix socket for communication
- the directory name containing users' vhost files
- the apache server directories
- the minimum time between reloads
- the vhost configuration policies
rac is written and maintained by Georg Brandl.