After creating new website, web17 all files in web11 (except its root) and all files in web3 (including its root) are now owned by web17 along with all of the website redirects (e.g. all of the domain.com -> /var/www/clients/client99/webxxx ). chown doesn't appear to work. I welcome advice.
In fact deeper inspection shows that web17 also owns its client and almost all (but not all) of the client's websites' files
You have to remove the immutable attribute if you want to manually chown a folder: chattr -i /var/www/clients/client99/webxxx The only reason that I can think of is that the website path variables under System > server config > web have been set to wrong values.
Thanks TIll. It looks like I will have to change ownerships on files of every website as well as the client. Is there a way to automagically reset all of the file ownerships back to their correct client and web values? There is nothing obviously wrong with website path variables in System >server config > web - currently /var/www/clients/client[client_id]/web[website_id] Anything else I should look for? The only two changes immediately prior to this change in file ownerships were creation of a new domain/website for the main client and, separately, creation of a new client also with a new website.
You should save the changes on that settings page even if they show up right, just to be sure. Then, enable debug mode https://www.faqforge.com/linux/debugging-ispconfig-3-server-actions-in-case-of-a-failure/ and create another website and run server.sh to see if the same thing happens again and to find out why this happened. What you can try is to enable the option under System > server config > web to set file and folder permissions on update. then use Tools > resync to resync the sites. But don't do this before you verified that the system is operating normally again. There must be something else causing this, basically the only way that something like this could potentially happen is when there are wrong path defaults for a new site, or there must be some symlinks or similar that where manually created in place which causes a similar result.
Dear Till, Thank you for the suggestions. I'll first repair the ownerships. I have a memory this ISPCOnfig instance crashed badly a couple of years ago. It was patched back into functioning and has run since then with no changes except updates and the changes within each website. I'll check back in the notes. It may be some of the config was corrupted then.
www-data user and group is nowhere used in ISPConfig sites. it's always either root or webID:clientID, depending on the directory.
Thanks Till. That makes things simpler. I've now got one site back up working using ownerships guidance from https://www.howtoforge.com/communit...ct-settings-of-owner-group-for-var-www.84394/ I'll work on the rest of the sites and then follow your earlier advice after doing another backup.
Btw. Maybe you can look up in the web_domain table which document root is set there for the offending newly created site that caused these issues? This might help to narrow down things.
One webuser/ website site appears to have a rudimentary selection of linux software stored in it in various sub-folders including /run, /alternatives, /etc, /home, and including version of bash, systemd, vim, resolve.conf with stub-resolv.conf pointing to 127.0.0.53 and other linux related code. Incidentally, this is one of the new websites using Joomla 4 that has only recently been installed from scratch. Thoughts?
When I try to rename the top-level web directory for this site (after using chattr -i) I get 'operation not permitted'. When I try to change the name of the folder holding the systemd/resolve folders, I get 'Device or Resource Busy'. I'm beginning to get concerned....
that's ok, its called jail environment and used by ISPConfig if you have jailed shell users or jailed cronjobs or chrooted php-fpm.
On which directory you ran chattr on? You must run it on /var/www/clients/client99/webxxx and not on e.g. /var/www/clients/client99/webxxx/web
Thank you. That's good to know. I was getting concerned it might have been hacked. However, nothing for that user/website has been jailed or chrooted. I ran chattr -i as root@mail:/var/www/clients/clientXX# chattr -i webZZ