I've installed ProFTPd with MySQL support and have a working setup. My virtual user's home directories are /home/vftp/domain.tld/username. The home directory is owned by ftpuser:ftpgroup with file permissions dr-x------ so that the user may not write files in the directory. Inside the home directory I have symlinks owned by root that point to /www/domain1.tld and every other domain I want the user to have access to. All folders in /www/ have permissions of 777 and are owned by apache:apache so that apache can write log files and temp files in each directory (PHP has open_basedir in effect). The 777 permissions are so my ftp users can write files inside these directories which work fine. The ProFTPd umask is 022. Any way I can do this so apache and ftpuser have access to the directory without chmoding 777? Any way to prevent users from chmoding something as executable? Any other things I should change?
You can either make the Apache user a member of the ftpgroup or the other way round. That way, permissions of 775 should work. Users cannot chmod files if they don't own them or are members of the group.
I added ftpuser to group apache, and groups ftpuser confirms this. However, I can no longer create or delete files with FTP. I chmodded everything to 775. Code: Command: DELE test.html Response: 550 test.html: Operation not permitted test.html is owned by ftpuser:ftpgroup and has the permissions 777 but I cannot delete it
Code: [root]/etc # groups ftpuser ftpuser : ftpgroup apache Yes, I've tried restarting the proftpd daemon With the owner apache:apache on /www/domain.tld and the permissions 775, I get permission denied for everything. My Virtual FTP user's home directory is /home/vftp/domain.tld/<user> with a symlink to /www/domain.tld and the VRoot Engine is on to allow this. EDIT: I just tried something new. I set the owner to apache:ftpgroup and permissions 775 and it works fine. Will ProFTPd or Apache have issues with this? Because right now ProFTPd and Apache should both have full access to the directory. Also, would it hurt to chmod the directory to 770?