wrongly created a user that screwed webmin or virtual min file permissions with apache

2 posts / 0 new
Last post
#1 Tue, 05/06/2014 - 10:34
grandinitc

wrongly created a user that screwed webmin or virtual min file permissions with apache

Hi all,

Thanks for reading this. I did something that messed up our webmin/virtualmin server. I know it has to do with file-permissions somehow, i just don't know how to fix it the Webmin/Virtualmin way. So any help is apreciated!

We are basically moving away from Webmin/Virtualmin to migrate into a standard apache/*nix setup but withot the webmin/virtualmin GUI.

To do so we created a "superuser" that we were going to use to download all our files hosted in the /home folder (where the virtualservers are hosted etc).

We did so by clicking Webmin->System->Users and groups -> create a new user.

typed the username and password, changed the home directory to /home. added it to the secondary group "adm".

Now to the messy part, what we forgot was these settings at the bottom....

Create home directory? Yes No Copy template files to home directory? Yes No Create user in other modules? Yes No

Which by default was YES! so by mistake they screwed with permissions in the /home folder, and of course created the shell (bin/sh).

This new user was created in the group "users" and secondary "adm", but the owner of /home was of course now this new user and the group "users". Whereas /home/subfolders had their file-permissions intact.

Problem is, validation fucntion within Webmin says everything is OK and yet no web-pages works giving a 403-forbidden message. I know it HAS to do with how we created this user and not something else.

Problem is, i can't find any decent documentation of how to reverse it. So any suggestions? (if this would not have been with webmin/virtualmin i have a fairly good idea how to fix this but i just don't know how to fix whatever happened and whatever scripts ran in the background that messed with the permissions)

Thanks!

This is how EVERY single virtual--server responds after that user was created.

"Forbidden

You don't have permission to access / on this server. Apache/2.2.9 (Debian) DAV/2 SVN/1.5.1 PHP/5.2.6-1+lenny9 with Suhosin-Patch mod_ruby/1.2.6 Ruby/1.8.7(2008-08-11) mod_ssl/2.2.9 OpenSSL/0.9.8g Server at ..*** Port 80"

Tue, 05/06/2014 - 12:36
andreychek

Howdy,

Well, none of those options should break all your current sites.

I'm wondering if maybe another domain in Apache is superseding your current domains.

When receiving that Forbidden error, do you see a corresponding entry in $HOME/logs/access_log? Or aren't there any messages in that log?

-Eric