Hello, I'm trying to figure out how I can have the permissions on /var/www (I'm running ubuntu 14.04) be 750 and still have my FTP users be able to read/write to the /var/www/clients/client0/web3/ dir. Currently if I set the /var/www dir to 750 I'm not able to list files with FTP. Thank you for your assistance.
Hello till. Which user does it run as because I want to restrict my normal shell uers who login with ssh from being able to view the contents of /var/www. Like I said if I chmod 755 -R /var/www it makes the folder writeable and readable by the ftp user. How can I achieve this?
The FTP user is run under the same user then the shell of the respective website. e.g. on web1, the user is web1, on web2, the user is web2 etc. Ok, thats not related to FTP user permisions at all. If you want to restrict your shell users, then you have to create them as chrooted shell accounts.
No these will be separate accounts from the ISPConfig3 config system, just normal shell accounts on the system that I add manually for some people I know. I want to be able to restrict all other users except the standard FTP users and shell users from accessing their web dirs. That's why I was trying to chmod the dir(s) to 750.
Btw. Never try to run this command: it will destroy the setup in a way that ist completely insecure and it can only be fixed by restorng a full backup of /var/www or a complete reinstall. So never run this command if yu want to be able to further use your server securely. The above command opens up the ability that every user of your server and every script can hack all other sites, so thats really bad.
I guess I'm a tad confused, how can the user not be able to read/write to their own dir when they login with FTP when I chmod 750 -R /var/www but if I chmod 755 -R /var/www listing and writing works? 5 is only write and execute permissions...
I found a solution, I'm just going to place the normal system ssh users in the group users, chgrp -R users /var/www and then chmod 2705 -R /var/www.
you are warae that all websites of your system are in /var/www and that they have different and much stricter permissions then 755 or 75o. by running a chmod -R you set these permission recursively and destry the fine tuned permissions etup of all websites.