Additional FTP User with proper rights

4 posts / 0 new
Last post
#1 Tue, 06/30/2015 - 14:50
Joshko

Additional FTP User with proper rights

Greetings,

I am maintaining a virtualmin installation with a couple of websites. One of our marketeers needs FTP access to one of the websites. I refused to give out the main users credentials, so I created an additional Website FTP user. login works, but reportedly the user is not able to change or overwrite files, which he should.

Is there anything I have missed?

Regards Johannes

Tue, 06/30/2015 - 15:07
Diabolico
Diabolico's picture

File ownership is probable cause. One user cant modify files of other user what if you think make full sense. Now root can do everything so you can always edit whatever you need and you should give him FTP details from virtual server admin. But before that check if all files/folders inside virtual server folder have that admin as owner and group. For example if you manged all files until now as root probably some files will have root as owner and prevent to be edited by anyone else aside you, e.g. root user. There is no reason to prevent your client to have admin login to his virtual server.

If you are "afraid" that he could do something wrong in Virtualmin then spend few minutes and see what options you will turn on or off for specific admin. But watch out what functions you must keep, for example MySQL because without access his site could stop working.

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Tue, 06/30/2015 - 16:27
Joshko

Yes, it´s a file ownership issue, but I was assuming if I add another user for that site, they belong to the same group and should be able to alter their files. I have never worked with root, always with the corresponding admin user for these webs. I have checked, ownership is always this particular user. I also checked, and for my understanding this new user is a member of the same group as the website admin is. additionally, it is a member of www-data (i am running on Ubuntu).

Any advice?

Thanks Johannes

Tue, 06/30/2015 - 20:20
Diabolico
Diabolico's picture

Well to start you should read and try to understand how permissions works. To make it short give permission for the group to write. In case your client must/want to create a new file then the folder where this new file will be created must have write permission for him or his group.

Usually when you install some software (like Wordpress) or copy new files they will be set as "-rw-r--r--" or "-rwxr--r--" that means read/write (optional execute) for the owner and read for the rest. You must change that to "-rw-rw-r--" or read/write for the owner and group, read for others.

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.