你可以从$ remote_user中检查用户组吗?
location ~ ^/dav/(.*)$ { alias /home/$remote_user/$1; auth_pam "Restricted"; auth_pam_service_name "nginx"; dav_methods PUT DELETE MKCOL COPY MOVE; dav_access group:rw all:r; create_full_put_path on; } location ~ ^/home/(.*)$ { alias /home/$1; #check the group of the $remote_user; } curl -T test.txt'http :// gert:[email protected]/dav/ '
curl'http:// friend:[email protected]/home/gert/test.txt '
/usr/local/nginx/conf/nginx.conf
location / { auth_pam "Restricted"; auth_pam_service_name "nginx"; } location ~ ^/dav/(.*)$ { alias /home/$remote_user/$1; dav_methods PUT DELETE MKCOL COPY MOVE; dav_access group:rw all:r; create_full_put_path on; } location ~ ^/home/(.*)$ { alias /home/$1; }
/etc/pam.d/nginx
auth required pam_listfile.so onerr=fail item=group sense=allow file=/usr/local/nginx/conf/nginx.group auth required pam_unix.so account required pam_unix.so
/usr/local/nginx/conf/nginx.group
home
curl -T test.txt'http :// gert:[email protected]/dav/ '
curl'http:// friend:[email protected]/home/gert/test.txt '