Thank you very much for this forum that is dedicated to your supporters! I am working to migrate my custom CMS, Piece Builder, to ISPConfig 3. It looks like I'm going to be running into permissions issues when trying to write a users pages to their domain. OS: Debian Squeeze ISPConfig: v3.0.5.2 I'm currently faced with two large hurdles: Creating folders in a client web# folder. I'm currently logged in as root, and I'm trying to create a new folder in /var/www/clients/client#/web#/, and I get "permission denied". I don't understand how this can be permission denied for root. How can I solve this problem, please? Piece Builder (pb) under one client needs the ability to write to other clients folders web folders. Under the web# folder there will be a symbolic link to the primary pb library that contains all the PHP files to allow operation of the CMS. On my current server, I made apache the owner of files/folders that pb needs to write. I would like to maintain the setting that a user becomes owner of the files in their folder on update, because that helps me with quota concerns. What is the best way for me to allow pb to do it's job? Thank you for your help... Darin
That happens because the immutable bit is set on the web# folder: http://www.aboutlinux.info/2005/11/make-your-files-immutable-which-even.html You can change this behaviour under System > Server Configuration > Web > Permissions. This is difficult and maybe only possible with mod_php because it runs as the Apache user (whereas FastCGI, CGI, etc. run as the web user), but I would advise against using this on a shared server because of security reasons.
Thank you for taking the time to reply. I appreciate it. I have updated the immutable bit setting. I'm not familiar with mod_php, so I'm going to need to do some research on that. I own the hardware node, and have setup a virtual server just for pb clients. None of them have ftp access to the server, they can currently only modify their websites through the pb interface. I was hoping that I might be able to enable permissions by: System > CP Users > pb > Groups and checking each of the other user's. If there's not a good way to do this, maybe I should setup this virtual node w/o ISPConfig, and configure Apache manually. I'd prefer to manage all with ISPConfig 3, but if it cannot be done without big architectural changes to pb, I will have to look at alternatives. I have promised clients to have the migration completed this week. Once I have permissions issues resolved, it will probably take one day to perform all of the migrations. What do you recommend? Thank you, Darin
If you use this hardware node only yourself and have no FTP accounts on it, you can use mod_php and chown all web sites to www-data:www-data (that's the user/group Apache runs as under Debian/Ubuntu), and it should be fine. You might have to adjust the open_basedir setting on the Options tab so that your software can access scripts outside of its own web site.
