local user permissions and rsync issue

Discussion in 'ISPConfig 3 Priority Support' started by jpcyrenne, Nov 2, 2020.

  1. jpcyrenne

    jpcyrenne Member HowtoForge Supporter

    Good day,
    I set up an AWS EC2: Ubuntu 20.04.1 LTS (Focal Fossa) ISPConfig 3.2
    I can't use root (and don't want to either). The default user is ubuntu.

    I'm having a problem with rsync and I noticed I can't access the web folders content.

    Code:
    $ ls -l /var/www/clients/client0/web1/web
    ls: cannot open directory '/var/www/clients/client0/web1/web': Permission denied
    I am able to list the folder above (/var/www/clients/client0/web1/) and with sudo obviously.

    I looked at /etc/group and noticed this:
    Code:
    sshusers:x:5002:web1,web2,web3,web4
    Can I make the ubuntu user be part of a specific group? (web1 for example)
    Code:
    -rw-r--r-- 1 web1 client0     15 Nov  1 19:44  testJP.txt
    Can I create the web groups (web1,web2,web3,web4) and do something like:
    Code:
    usermod -a -G web1,web2,web3,web4 ubuntu
    I need the ubuntu user to be able to read all of /var/www/ on server1 and write all of /var/www/ on server2.
    (I'm actually starting server2, syncing it and then shutting down server2 - from server1).

    What is your recommended way of resolving this challenge?

    Thanks ahead as always,
    JP
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Yes.
    Create a shell user for that website (with jailkit) and use that user to rsync. Then it works.
    Those groups are already created by ISPConfig when you create the websites.
    Root user is the usual way to do this. Do you have an actual reason to not use root account?
    On Ubuntu, the default user should have sudo privileges, so if that user does sudo -i the session is run with root user permissions, and can access the desired folders.
     
  3. jpcyrenne

    jpcyrenne Member HowtoForge Supporter

    Root logins are disabled by default on AWS. I'll still have the issue of trying to write on the second if I execute as root. Opening root access for a sync seems too much.

    The web1-web4 groups aren't created by ISPConfig (in /etc/group).

    I guess my challenge, simply put, is to sync all sites in one shot. Might not want to create 5 users for 5 environments.

    This works fine:
    rsync -a --progress /home/ubuntu/ [email protected]-central-1.compute.internal:/home/ubuntu/

    How can I make the ubuntu user able to access the /web/ content? I can with sudo, but rsync with sudo on another machine is not working for me so far.
     
  4. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    How are you doing it? It should work.
     
  5. jpcyrenne

    jpcyrenne Member HowtoForge Supporter

    I have to figure out a way to give the ubuntu user read+write rights on the /web/ folders (without sudo). Add ubuntu to the right group, I guess? I'll try to create a web1 group and add the ubuntu user to it to see if I can even 'ls -l /web'.

    It's not a complicated thing I'm sure, once figured out, we'll laugh at it!
     
  6. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    The web1, web2, etc. are users that own the website files. The website files are group owned by client1, client2, etc. Adding the ubuntu user to those groups allows ubuntu user to read the website files. ISPConfig creates the websites so that group does not have write access, so you would have to change the permissions if write access is needed for group.
    Adding a user to a group is done with the command adduser ubuntu client1; for more info, read man adduser.
    If your filesystem and OS support ACLs, that gives precise control over who can do what with which file.
     
    Jesse Norell likes this.
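
Added example (not part of the thread and not ISPConfig code): a POSIX shell helper that applies the owner/group/other rule described in the post above to every directory on a path, showing which component produces the "Permission denied" and whether a given group membership would clear it. The function names are made up for this example, and ACLs are not evaluated.

```shell
#!/bin/sh
# Added example, not from the thread. Classic mode bits only: ACLs are not
# evaluated, and root is short-circuited because it bypasses these checks.

# perm_digit USER "GROUP1 GROUP2" PATH
# Prints the octal digit (0-7) of PATH's mode that applies to USER: the owner
# digit if USER owns PATH, else the group digit if PATH's group is listed,
# else the "other" digit.
perm_digit() {
    pd_mode=$(printf '%04d' "$(stat -c '%a' "$3")")   # zero-pad, e.g. 0710 or 2755
    pd_pos=4                                          # "other" digit
    case " $2 " in *" $(stat -c '%G' "$3") "*) pd_pos=3 ;; esac
    if [ "$1" = "$(stat -c '%U' "$3")" ]; then pd_pos=2; fi
    printf '%s\n' "$pd_mode" | cut -c"$pd_pos"
}

# first_block USER "GROUPS" TARGET [START]
# Walks from START (default /) down to TARGET. USER needs x on every directory
# on the way and r+x on TARGET itself (what `ls TARGET` needs). Prints "ok",
# or the first directory that blocks USER (and then returns non-zero).
first_block() {
    if [ "$1" = root ]; then echo ok; return 0; fi
    fb_target=${3%/}
    fb_cur=${4:-}
    fb_cur=${fb_cur%/}
    fb_rest=${fb_target#"$fb_cur"/}
    while [ -n "$fb_rest" ]; do
        fb_part=${fb_rest%%/*}
        case $fb_rest in */*) fb_rest=${fb_rest#*/} ;; *) fb_rest= ;; esac
        [ -n "$fb_part" ] || continue
        fb_cur=$fb_cur/$fb_part
        [ -d "$fb_cur" ] || { echo "not a directory: $fb_cur"; return 2; }
        fb_need=1                                     # traverse only
        [ -n "$fb_rest" ] || fb_need=5                # last component: list it
        fb_digit=$(perm_digit "$1" "$2" "$fb_cur")
        [ $(( fb_digit & fb_need )) -eq "$fb_need" ] || { echo "$fb_cur"; return 1; }
    done
    echo ok
}

# Usage with the path from the first post:
#   first_block ubuntu "$(id -Gn ubuntu)" /var/www/clients/client0/web1/web
```

Run it with sudo so that `stat` can read directories the calling user cannot enter. Passing a group list that includes a candidate group shows what `adduser` would change before any membership is granted.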
  7. jpcyrenne

    jpcyrenne Member HowtoForge Supporter

    First thank you for your patience and explanations Sir Taleman. Throughout your reading I realized I was complicating things... I must keep things simple. We can now laugh about it.

    - ISPConfig is a great tool to create ssh users (with the right rights). No need to pimp up another user.
    - I generated a key pair, added the .pub key to the user
    - On machine1 I can run rsync as root and rsync to machine2 with an ssh user (defaultstguserssh here)

    Code:
    rsync -alK --progress --delete-after /var/www/clients/client0/web1/web/ [email protected]:/var/www/clients/client0/web1/web/
    (I will probably remove the --progress)

    I'll repeat this for 4 sites (4 ssh users)

    I hope this can help someone some day.

    ---
    Also a shout out to nhybgtvfr, a no-subscription user who took time to help here also.
     
