Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have a web root containing a wordpress installation. When a some_user uploads new source code and over-writes files (e.g., .htaccess or index.php) or creates new files, I need for the ownership of the files to be apache:some_user.
I understand that umask determines the permissions of newly created files. Is there some command that determines ownership of newly created files?
You can use the setgid bit on the top level directory to enforce group ownership of files, but actual owner is not affected. If the method for updating files on the site was to upload via ftp then you can force the ownership, vsftpd can do this with the chown_uploads and chown_username directives, other ftp servers may have similar options.
You can use the setgid bit on the top level directory to enforce group ownership of files, but actual owner is not affected.
Could you be more specific? I'm not familiar with setgid, but it sounds like you are saying this only affects group ownership of new files and not their user ownership. Please clarify.
Quote:
Originally Posted by kbp
If the method for updating files on the site was to upload via ftp then you can force the ownership, vsftpd can do this with the chown_uploads and chown_username directives, other ftp servers may have similar options.
I don't have any FTP server installed. Access to the server is accomplished via certificated-authenticated SFTP. I assume the mechanism of file transfer is SCP.
The ssh pkg includes 3 tools
a) ssh - encrypted terminal access
b) scp - encrypted cp
c) sftp - encrypted ftp http://www.openssh.com/manual.html
HTH
Thanks for the links. From the Wikipedia, this disappointing tidbit:
Quote:
The setuid permission set on a directory is ignored on UNIX and Linux systems.
which suggests that I'm out of luck.
I might, on the other hand try and alter some configuration of ssh or scp or sftp such that I can apply a setuid setting to *one specific user* but I've got no idea where to do that -- or if it's even possible.
I see from this url that sftp supports chown (I figured as much) but I have never had any luck at all changing the owner of a file without root permissions -- even if I own the file.
Although you can't force newly created files to have some specifc owner, but using setgid you can force newly created files/directories to inherit group of parant directory.
Code:
~$ chmod g+xs /path/to/dir
On the other hand, set sticky bit permission on parant directory to protect it from unauthorized modifications, as:-
Code:
~$ chmod a+t /path/to/dir
It will then allow only root, owner of parant dir. or onwer of file/sub-directory to modify contents.
Don't forget that sshd is owned by root, so sftp can change owners for you, if that's what you really want.
Generally webpages are owned by the apache (acct name might be www or some such) user; wordpress is probably the same/similar.
Don't forget that sshd is owned by root, so sftp can change owners for you, if that's what you really want.
Generally webpages are owned by the apache (acct name might be www or some such) user; wordpress is probably the same/similar.
Chris, it had not occurred to me that sshd is owned by root but that makes complete sense. The question is then "how do I alter my sshd config such that all files uploaded by user foo to directory /var/www/html are owned by apache:foo" ? I've checked 'man sshd_config' and find no mention of setuid in there. I tend to doubt such a specific configuration option is available.
In case anyone is wondering, the reason I ask is due to the way that Wordpress checks file ownership. It attempts to create a temporary file in the webroot somewhere and then checks the owner of that file. If the owner is not apache, then it resorts to prompting the user for FTP/SFTP credentials. Not the end of the world, but an unnecessary extra step IMHO.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.