Hi, I has 1 client which kann make his own clients, its a kind of reseller. Now when i create for a user an ftp account, which is a customer from him, the correct user syntax like ftp[CLIENTID]_# was set. But when he made an ftp coount the CLIENTID from the him was picked. It works correctly when i set the flag admin, but then he can show all webs. Please, i need urgently help for this problem. THX, Dominik
try this You need choose a client from combobox. If you need a reseller you need create reseller acount not end user account to reseller.
not a solution Sorry i has try every workflow. A post at this forum say i must insert in "Client > Limit > Max. number of Clients greater 0. The Client/Reseller can create clients but no correct FTP oder SSH accounts. If the admin or the client create a account and the reseller like to edit this account - the client has lost his password - the field Username was shown ftp[CLIENTID]_[ftp20_01]. 20 was the Client ID, the customer has create this account self. Now the reseller set an new password an the account was show with the Username ftp5_ftp20_01. I think its a Bug or i musst sleep longer. GN an THX for your help
Possible BUG. Im using [CLIENTNAME]_ for all and and c[CLIENTID]_ only for database username because mysql user limitations on 16 chars. It´s appers bug report it on http://bugtracker.ispconfig.org/ send-me a link back to bug. i will folow it. I need make testing enviroment to reproduce this error. actually im using ispconfig 3 on prodution enviroment, and not allows user use site features only mail accounts.
One side note to moglia: Do not use underscores in mysql users or prefixes, underscores are interpreted as wildcard by mysql. Regarding the other issue: Post it to the bugtracker and we will try to reproduce it. But I did not see that yet.
Works normal to me. mysql> select user from user; +------------------+ | user | +------------------+ | root | | root | | c1_educom | | c3_site | | debian-sys-maint | | intwmail | | ispconfig | | root | +------------------+ 8 rows in set (0.00 sec) Including console operations: #mysql -uc1_educom -pPASS interatia_educom mysql> show tables; +-----------------------------+ | Tables_in_interatia_educom | +-----------------------------+ | educom_aprendizagem_objetos | | educom_aula_questoes | | educom_aulas | | educom_cursos | | educom_disciplinas | | educom_enquetes | | educom_grupos | | educom_likert_itens | | educom_pessoas | | educom_questao_opcoes | | educom_questao_tipos | | educom_questoes | | educom_respostas | | educom_respostas_enquetes | | educom_tipos_objetos | +-----------------------------+ 15 rows in set (0.00 sec) mysql> \q Bye
Sure, it seems to work at the beginning. But as soon as you have a user e.g. like uc10_.... or uc100_, then the user uc1_educom has access to all of the databases of the uc1* users. Take a look at the mysql documentation, the problem is described there. http://lists.mysql.com/mysql/186085
Thank Till and Moglia for your help. The problem with the mysql _user is solved. I will try to fix it self in my DEV Enviroment. Till please can you tell me which files i have to edit for fix. I think i lock the Field on "Edit". After this the Customer can not Edit the name but this is not necessary. I will post the solution after my first 5 free days this year on mid of next week. Another question. We wrote at this time Customer Manual for ISP3 and i will get you a little back, where can i post it that the community has a benefit. regards, Dominik
Look this ... If i will create 2 users like: c1_login1 and c1_login2 fact if using _ on user name login1 can see database of login2 and login 2 can see database of login1. _ works like wildcard for user name? allow all c1_* users can view all c1_* databases? it´s is the question? please confirm it to me.
Yes. Thats a known thing with mysql. Some call it a bug, the mysql poeple call it a feature. You will find a lot of threads in all kind of lists and forums if you search with google. Please see the link I posted above.
Fixes The page says: The “_” and “%” wildcards are allowed when specifying database names in GRANT statements that grant privileges at the global or database levels. This means, for example, that if you want to use a “_” character as part of a database name, you should specify it as “\_” in the GRANT statement, to prevent the user from being able to access additional databases matching the wildcard pattern; for example, GRANT ... ON `foo\_bar`.* TO .... _ for \_ It´s Simple str_replace foo_bar for foo\_bar on user and database creation time. How ispconfig works to grant? you can modify mysql database tables direct insted use grant commands, and before flush privileges. I belive if Modify table direct alows long usernames but grant commands at console will be not work and need change username for more then 16 chars at mysql user table. Idea but php cli script to manipulate user rights. Im using _ on database names and user names. like cpanel and others. it´s interessant checks how ispconfig works.
