Need help setting up user that will have FTP access
Hi,
Sorry folks but getting help on a simple matter on Linux is like passing a kidney stone. And yes, I've done a million Google searches and I do have 2 Linux books and still having trouble. I may be new to Linux but sure am not a newbie when it comes to IT. Been in the industry for 20 years. My simple question is how do I create a user account and give it FTP access to a web site running on Fedora? Now, the problem is there are a million shell commands I find on the net. However, none of them really explains what in the world is going on in a simple language. Here's my thinking... Correct me if I'm wrong. 1. Create a user account, set its password and home directory 2. Give this user FTP access to the directory of the web site 3. Give this user read and write privileges so that he/she can both read the contents of the folder and be able add new files and delete existing ones. I know how to do step 1. I'm stuck in steps 2 and 3. Please let me know if this is not the logic I need to follow when creating a user account that will have FTP access to a web site on the server. |
2/ Which ftp server are you using? For proftpd, read this :http://www.proftpd.org/localsite/Use...ed/chroot.html ; Usually make the directory of the web site the home of the user in /etc/passwd.
3/ The command is chmod. man chmod for more info. |
use vsftp - it's the most secure ftp you can find and it's easy to configure as you need.. I've used WuFTP and ProFtp and would definitely recommend vsftp over the others.
christo |
Don't get it
I just don't understand why people answer what they want to answer and not the question being asked????
|
Quote:
Since you didn't tell us how you are going about this task (users with normal home directories (/home/user?) or /var/www, and you also didn't mention what ftp server you are running, we are left with an incomplete picture of how you are accomplishing things. We need to know how you want to go about doing things, so we can help. For the most part, it is all in the way you configure the ftp server, and then the way you set apache to deal with the relative home directory. Since you gave no information about either of those points, we somewhat filled in the blanks with suggestions. Write back with the info I asked for, and we can help you beyond making very generalized suggestions. Peace, JimBass |
Specifics
Jim,
Thanks for your response. I was getting frustrated w/ "recommendations" but I didn't have the basic answers. I'm using vsftpd and want to continue to use it. Doesn't it make more sense for me to setup the site in /var/www/web_site and give specific local users access to that directory? This way if a web site has multiple webmasters, local users can still have their local directories. If it's not too much trouble though, I'd appreciate it if you could give me the solution for both approaches i.e. setting the web site under /home/user as well as giving local users ftp read/write access to /var/www/web_site Again, thanks for your help and sorry about venting out of frustration. |
No problem man. I know all about being frustrated at something not working. Here are the relavent sections of the vsftpd.conf file:
Code:
local_enable=YES It is fine to have the sites be in /var/www/web_site, but then if you use the chroot_local_user option in vsftp, you HAVE to make the user's home directory be /var/www/web_site, as they will be locked into their home directory. Doing this means you'll have to be doubly careful with permissions. You will probably make the /var/www/web_site owned by the user of it, and will mainly need to watch out on permissions of things like cgi scripts within the site. If it is just simple html with nothing but displayed info it won't be much work at all, but the more functionality you have on the sites the more work may come into getting it running correctly, as the apache user (www-data by default) will also need to be able to read and execute in many places, and you don't want the permissions too wide open, or somenbody that finds an exploit can have a field day with your box. It doesn't seem to me that either way I mentioned of doing it has an advantage over another. The users don't have to be people. You couldmake crappysite.org a user, with home directory of /home/crappysite.org, and then all the crappysite.org webmins get access to the home directory. Really seems to be 6 of one, half dozen of another. If you were to put the sites in /home/user, the part of the /etc/apache2/apache2.conf that needs to be uncommented is this: Code:
# UserDir is now a module Good luck with everything, and post back if you hit problems you can't solve. Peace, JimBass |
Still stuck
I set the web site's home directory to public_html within my directory i.e. /home/sam/public_html
I set the access privileges to 744 so that I the owner have full rights and public has read only right to the /home/sam/public_html folder. When I run ls -l, this is what I'm getting: drwxr--r-- 2 sam root 4096 Mar 24 13:28 public_html I'm getting the following error trying to access the web site: Forbidden You don't have permission to access / on this server. Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request. When I try to ftp into the site, it takes me into a folder I think is the default FTP folder. There's a folder in there called PUB. I don't get it. In the httpd.conf file, I set the settings to point the web site to /home/sam/public_html I'd appreciate another push bere. Thanks. |
Several things to check out. First and foremost, don't go windows style and do things as root that aren't necessary. The file you pointed to has root listed as the group. That isn't causing it not to appear, but again, only become root when absolutely necessary.
Check the permissions within /home. It is quite possible that /home/sam has 700 permissions, making it invisible. Since you changed your mind and put the files in home rather than /var/www, you need to have all the directories above be visable. Another thing to do is to look in /var/log/apache/error.log and see what is happening. The great thing of *nix is the excellent logs. You can look in there and see what is happening. Yes, if you are getting to ftp/pub, then you don't have the chroot option enabled I mentioned. You would either need to move the website root to ftp/pub/whatever or get the chroot happening. Peace, JimBass |
All times are GMT -5. The time now is 06:39 PM. |