One SSH user for all sites

Discussion in 'Tips/Tricks/Mods' started by PerudoIS, Jun 25, 2010.

  1. PerudoIS

    PerudoIS New Member

    We are using ISPConfig 3 on the servers of our web development company. We are the only user on the server; customers don't have access to their websites. Does ISPConfig 3 have an option to add an SSH user which can access all sites on the server?
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    That's not possible as every site runs under its own Linux user. The only user that has access to all files on a server is the root user.
     
  3. manarak

    manarak Member

    Well, I guess it is possible to manually create a user that has access to everything under var/www?
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    No, at least not one that will work. You can create a user with root privileges that has access to all files or use the root user. But as soon as you use the user to upload files, you will have to chown every file and folder to the owner of the web afterwards. If you don't do this, then suexec and suphp will deny access to these files.
     
  5. BorderAmigos

    BorderAmigos New Member

    I regularly work on my sites as root simply because I work on multiple sites at the same time. Have written some small scripts that chown the appropriate files as needed.
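
Added example, not part of the thread and not any poster's script: a read-only audit for the ownership problem described above, listing entries under one site's directory that are not owned by that site's Linux user (the ones suexec and suphp will refuse), plus a repair that re-owns only those entries. The function names and the directory, user and group arguments are assumptions supplied by the caller.

```shell
#!/bin/sh
# Added example: function names are hypothetical; the site directory and its
# Linux user/group are supplied by the caller (name or numeric id).

# list_foreign_files DIR OWNER
# Print every entry under DIR that is not owned by OWNER.
list_foreign_files() {
    [ -d "$1" ] || { echo "not a directory: $1" >&2; return 2; }
    # -xdev keeps find on one filesystem; find does not follow symlinks here.
    find "$1" -xdev ! -user "$2" -print
}

# count_foreign_files DIR OWNER
# Number of mismatched entries; 0 means nothing is left for suexec/suphp to
# reject on ownership grounds.
count_foreign_files() {
    list_foreign_files "$1" "$2" | wc -l | tr -d ' '
}

# restore_owner DIR OWNER GROUP
# Re-own only the mismatched entries. chown -h changes a symlink itself rather
# than its target, so a chown run as root never touches files outside DIR.
restore_owner() {
    [ -d "$1" ] || { echo "not a directory: $1" >&2; return 2; }
    find "$1" -xdev \( ! -user "$2" -o ! -group "$3" \) \
        -exec chown -h "$2:$3" {} +
}

# Stand-alone use: ./audit.sh DIR OWNER   (read-only listing)
if [ "$#" -eq 2 ]; then
    list_foreign_files "$1" "$2"
fi
```

Running the listing before the repair shows exactly which uploads changed ownership, which is worth logging when several people work on the server as root.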
     
  6. tuxfan

    tuxfan New Member

    We just
    chown -R user:www-data web12
    or whatever the directory name is. Works great.

    The problem is that updates on the site in ISPConfig often result in a change back to the default directory owner. The web directory usually stays the same and it's not that big a deal to repeat the action.

    It would be nice to remove that chown on site update - but I haven't found that line in the code.
     
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    That makes the sites insecure; if a site gets hacked then the hacker can damage the whole server easily and each customer has access to all other customers' sites. I won't do that on a server that is connected to the internet. For an intranet or local dev system it might be OK.

    Regarding the permission updates, that's configurable under system > server config.
     
  8. tuxfan

    tuxfan New Member

    That really depends on how you do it.

    Since you're not giving the group www-data write access, any php-injections and so on cannot harm the system. Only "user" (in my example) has write permissions.

    We usually don't give clients shell access - but if we did, they would not be a part of the www-data group, so even if they got out of the root-jail they would not access the sites controlled by "user". A normal ISPConfig account could coexist with such webmaster-controlled accounts - and in fact the ownership can be reverted even if it has never been requested.

    Of course the webmaster account ("user") is a weak point - I admit that. But the alternative is using the root account a lot - and that is even worse - and with proper security routines that should not be a problem.

    The permissions updates - I don't find them. I guess they are under "system > server config > my.server -> Webb" - but I don't find such a variable.
     
    Last edited: Sep 16, 2012
  9. tuxfan

    tuxfan New Member

    Patch for no-users option

    I'm waking this old thread instead of starting a new one.

    As I wrote earlier we have no need for clients accessing the server. The whole point of the suExec/user for each account model does not apply for those like us - which clients own (and get billed for, own mail addresses and so forth) is important - but when file ownership on the server gets messed up, making site management a mess, there must be another way.

    I'm considering making a patch for the apache2 module making it possible to have an option of a standard user+group for all virtual webservers. When turning suExec off your group has to be www-data but the user might be the website manager account, for example. Browsing the code I don't think it's so complicated.
     
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    That should be possible, but you have to be aware of the details e.g. when you use one central user, then you have to take care that it does not get deleted when a website or ssh user gets removed.
     
  11. tuxfan

    tuxfan New Member

    I made a patch making an option for a standard web owner. (I placed the options at web/permissions). This is a patch for the apache2 plugin - I do not have any nginx servers. Works as far as I can tell. The operations web_folder_user, web_folder_delete and web_folder_update have not been altered - perhaps they should but I have not been able to generate any faults yet.

    Keeping the "user" (web1) and "group" (client1) in the database seems to be the only way to keep the client/site hierarchy working - I change the user/group in the plugin instead. This makes the Website->Options say Linux user web1 and Linux Group client1. In this case those are more of designators.

    Any feedback or testing would be appreciated.
     

    Attached Files:

  12. tuxfan

    tuxfan New Member

    Made a new version. Now the user+group is in the database. That resulted in some errors that I disposed of by setting the test of the username to false in the server_config.tform.php - a test of an uneditable value didn't seem that important. Then the Linux user and Linux Group are correct. This should also make updates more stable.
     

    Attached Files:

  13. tuxfan

    tuxfan New Member

    I'm continuing on the in-database solution. Now I have added support for cron jobs (the cron jobs for sites with standard-user belong to the standard-user) and a block for creation of ssh-users (in the interface the vhosts on servers with the fixed-owner: on are omitted from the list of sites to choose from).
     

    Attached Files:
