I have newly installed Debian Wheezy (nginx, BIND, Dovecot, ISPConfig 3) ISPCONFIG 3.0.5.3 all time directories are locked (and I do not know when they are relocked again when I set -i attribute) Code: [[email protected] clients]# lsattr client1 lsattr: Operation not supported While reading flags on client1/xxx.xxx.bg ----i--------e-- client1/web4 lsattr: Operation not supported While reading flags on client1/xxxx.info lsattr: Operation not supported While reading flags on client1/xxxxx.info ----i--------e-- client1/web2 ----i--------e-- client1/web5 ----i--------e-- client1/web1 lsattr: Operation not supported While reading flags on client1/xxxxx.com lsattr: Operation not supported While reading flags on client1/xxxx.net -------------e-- client1/test.txt ----i--------e-- client1/web6 [[email protected] clients]# lsattr client3 -------------e-- client3/web3 lsattr: Operation not supported While reading flags on client3/xxxxx.de [[email protected] clients]# lsattr client4 ----i--------e-- client4/web7 lsattr: Operation not supported While reading flags on client4/dr-xxxxx.com this is not yet proportional server , I want to move from other panel to ispconfig ...
This is a new security setting in ISPConfig 3. You could disable this in the server config with setting the security level to low in the web tab of server config. The setting is useful, though, as you can not (accidently) delete directories like "web" "logs" "private" etc. that are essential for the websites.
They are locked because folder protection feature under System > server config is enabled. If you remove the locks, then your clients or someone that hacked a single website are able to attack your apache server by removing e.g. the webroot directorys of the sites. So you can disable this feature, but I wont do it if this is my server.
thank you for fast reply, about hacking other user directories , how about GRSECURITY ? is it possible to use it with ispconfig ? (or I must open new topic for it?)
