Proftpd Permissions html folder

Discussion in 'Installation/Configuration' started by belapirher, Mar 30, 2019.

  1. belapirher

    belapirher New Member

    Hi huys :)
    I have Armbian Stretch on Banana pi M1
    I have working proftpd for ftp group and users in that group, but i have problem with /var/www/html folder if i chmod for user then i can upload and delete files, but then i have to chown www-data for website to function properly.
    So my question is how can i make it work so that folder is owned by www-data and i still have perm to upload, delete, modify files?
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    I would say better to setup web server to work as the user and group that owns that website. That is the way ISPConfig does it.
    Unfortunately I am spoiled by ISPConfig and do not know how to setup this kind of web server running as website user manually.
     
  3. belapirher

    belapirher New Member

    Thanks, I will look into that.
    Previously i was using OMV and this was all done with gui, but banana pi is little slow so thats why im using just proftpd.
    The problem is that if apache folder is owned by someone else than www-data i get You dont have permissions to view this page...
     
  4. belapirher

    belapirher New Member

    I just managed to do it I guess i just needed some push and account on howtoforge :)
    Thats what i did:
    Added new user to www-data group
    Code:
    useradd -g www-data webroot
    Set password for new user
    Code:
    passwd webroot
    Set permissions for new user in /var/www
    Code:
    chown -R webroot:www-data /var/www
    Then edited apache envvars
    Code:
    nano /etc/apache2/envvars
    Then changed apache run user from www-data to new user
    Code:
    export APACHE_RUN_USER=webroot
    Then finaly i restarted apache2 service
    Code:
    systemctl restart apache2
    Also i added this to the end of proftpd.conf
    Code:
    <Directory /var/www>
        <Limit ALL>
            DenyALL
        </Limit>
    
        <Limit DIRS READ WRITE>
            AllowUser webroot
        </Limit>
    </Directory>
    So far this works but still have to test it
     
    Last edited: Mar 30, 2019

Share This Page