FTP public_html folder only???

16 posts / 0 new
Last post
#1 Wed, 02/03/2010 - 08:30
southtucky

FTP public_html folder only???

I've just installed virtualmin/webmin and I must admit I'm impressed!

The only problem I'm having as of now is when creating a new virtual server, I want to restrict FTP access to the virtual server's PUBLIC_HTML FOLDER only. I've tried adding the --Add a website FTP access user-- and this doesn't work. Also under --FTP Directory Restrictions-- I have included the path to the public_html folder and this doesn't work either. I would greatly appreciate any advice.

Thanks.

Wed, 02/03/2010 - 08:40
andreychek

Howdy,

I'm not sure how I'd do exactly what you're after.

The best thing I can think of would be to simply disable FTP for the primary account, and to create a second FTP account for each Virtual Server, that would be restricted to public_html,

In Limits and Validation -> FTP Directory Restrictions, you can set a restriction up for "Users' home directories" (make sure the "Active" checkbox is checked too).

Once you do that -- users would be restricted to whatever their home directory is.

From there, you could could create a new FTP account for the Virtual Server, and then set it's home directory to be the public_html folder.

-Eric

Wed, 02/03/2010 - 08:47
southtucky

I tried adding a new FTP user, and listing website subdirectory as home/account/public_html, but keep getting this error....Failed to save mailbox : Home directory must be an existing directory for website FTP users -- what am I doing wrong? Thanks again!

Wed, 02/03/2010 - 08:51
andreychek

Howdy,

If you go into Mail and FTP Users, and click "Add a website FTP access user", that will actually default to using the public_html folder as the home directory.

You wouldn't actually need to change what the home directory is, you could just go with the default.

I believe you're getting the above error because it's trying to add that path onto the /home/USERNAME/public_html that it's using already.

-Eric

Wed, 02/03/2010 - 09:00
southtucky

OK. I did as you said, but now Filezilla won't connect using the new FTP user. I appreciate your patience.

Wed, 02/03/2010 - 09:03
andreychek

What kind of error are you getting?

Can you log in, but not display any directory contents?

Or does it prevent you from logging in at all?

Also, do you see any errors in the logs in /var/log relating to the issue?

Lastly, which distro are you using?

-Eric

Wed, 02/03/2010 - 09:27
southtucky

I'm using centos 5.4. The only error I'm getting is from file zilla. Nothing in var/log.

--Status: Connecting to 98.................... Response: fzSftp started Command: open "michael@98...................." 22 Command: Pass: ****** Error: Authentication failed. Error: Critical error Error: Could not connect to server Status: Waiting to retry... Status: Delaying connection due to previously failed connection attempt... Status: Connecting to 98....................... Response: fzSftp started Command: open "michael@98....................." 22--

Wed, 02/03/2010 - 11:25
andreychek

Hrm, whenever you attempt to log in via FTP, what entry shows up in /var/log/secure?

Also, do you know what shell the user you're attempting to log in as is using? The user would have to have a supported shell, one of the ones listed in /etc/shells.

A typical FTP user might have the /bin/false shell... and a typical email user might have the /dev/null shell.

The email user isn't expected to ever log into Webmin or FTP, so a shell is chosen for it that would prevent access. However, if you're trying to log in using FTP to a user with /dev/null as a shell, you might get the error you're seeing (and that would likely show up in /var/log/secure).

-Eric

Wed, 02/03/2010 - 11:37
southtucky

I found the problem. I needed to go to Webmin->Users and Groups, click on users and change shell to bin/sh.

Wed, 02/03/2010 - 11:42
andreychek

Do you know what shell it had been?

Typically, you wouldn't need to modify anything in Users and Groups unless a default had been changed somewhere along the way.

That is, when creating an FTP user, it should be using a shell that exists in /etc/shells.

If not, you may want to add the shell in there (or change what shell is used when creating an FTP user).

Glad you got it working though!

-Eric

Tue, 01/04/2011 - 04:39
mcongosto

ok i create a new ftp user, by default is in its own folder. If i login in the ftp and go back to public_html and try to ceate a folder i get a permission denied error. So i go back and try to put public_html in the Subdirectory of server's home field and get this error:

Failed to save mailbox : Home directory /home/xxxxx/public_html already exists

However virtualmin help says:

Home directory

This field can be used to choose a custom home directory for a mailbox user. For example, you may want his home to be under the public_html directory, so that he can easily create web files.

This looks like a bug. Very surprising in such a basic feature.

Tue, 01/04/2011 - 05:00
Locutus

What exactly did you put in the Home Directory field when creating (or editing) the new user? You should not put public_html itself there, otherwise that directory is considered the user's home and will e.g. be deleted alongside with the user if you delete the user.

As the help says, the user home directory should be "automatic", thus creating one under "homes", or a subdirectory of (being "under") public_html.

Tue, 01/04/2011 - 08:20 (Reply to #12)
mcongosto

ok thanks, and how does an FTP user gets write access to publick_html?

Tue, 01/04/2011 - 08:28
andreychek

Are you by chance just trying to create an FTP user who's sole purpose is to publish website information?

If so, you might want to create that user by going into Edit Mail and FTP Users, and select "Add a website FTP access user".

That would add a user who's home directory is public_html, and where the permissions are automatically setup so that they can write to that dir.

-Eric

Tue, 01/04/2011 - 12:07
Locutus

Yepp, Eric is quite right. In that case, the public_html also will not get deleted along with the user, even though it's their home directory. So that's indeed the way to go.

Sun, 10/23/2011 - 10:01
abis

i was just start to play with virtualmin and i must to say is a very nice control panel.

Ok, i was start to use it on CentOS 6.0, after the user was created (test), i go it to System -> Administration -> Users and Groups there i was change the Home Directory from /home/test to /home/test/public_html

seems to work...

Topic locked