Need help setting up user that will have FTP access
 

Hi,

Sorry folks but getting help on a simple matter on Linux is like passing a kidney stone. And yes, I've done a million Google searches and I do have 2 Linux books and still having trouble.

I may be new to Linux but sure am not a newbie when it comes to IT. Been in the industry for 20 years.

My simple question is how do I create a user account and give it FTP access to a web site running on Fedora?

Now, the problem is there are a million shell commands I find on the net. However, none of them really explains what in the world is going on in a simple language.

Here's my thinking... Correct me if I'm wrong.

1. Create a user account, set its password and home directory

2. Give this user FTP access to the directory of the web site

3. Give this user read and write privileges so that he/she can both read the contents of the folder and be able add new files and delete existing ones.

I know how to do step 1. I'm stuck in steps 2 and 3.

Please let me know if this is not the logic I need to follow when creating a user account that will have FTP access to a web site on the server.

2/ Which ftp server are you using? For proftpd, read this :http://www.proftpd.org/localsite/Use...ed/chroot.html ; Usually make the directory of the web site the home of the user in /etc/passwd.
3/ The command is chmod. man chmod for more info.

use vsftp - it's the most secure ftp you can find and it's easy to configure as you need.. I've used WuFTP and ProFtp and would definitely recommend vsftp over the others.


christo

Don't get it
 

I just don't understand why people answer what they want to answer and not the question being asked????

The guys who responded to you were pointing you in the right direction. You are integrating the functions of 2 daemons/processes on your box. You want to give a new user ftp access to the machine, and also the ftp access should be to their website. This can be done any number of ways. Your logic isn't wrong necessarily, but you are stuck in getting things put together. The 2 simplest ways to get this to work would be to configure apache to use the home directory of the ftp user as the location for the root of the corresponding website. That is not enabled by deafault. Peeking through the apache.conf file should hunt the relavent options down. Once that is done, you should lock the user into their home directory through the ftp program. I whole heartedly agree that vsftp is the best ftp server, and suggest its use. Another option would be to make the users home directory be something like /var/www/(sitename), and then you would just have to play with the ownership of each of those directories so the user can upload files, but also make sure what is uploaded is visable through apache.

Since you didn't tell us how you are going about this task (users with normal home directories (/home/user?) or /var/www, and you also didn't mention what ftp server you are running, we are left with an incomplete picture of how you are accomplishing things. We need to know how you want to go about doing things, so we can help. For the most part, it is all in the way you configure the ftp server, and then the way you set apache to deal with the relative home directory. Since you gave no information about either of those points, we somewhat filled in the blanks with suggestions.

Write back with the info I asked for, and we can help you beyond making very generalized suggestions.

Peace,
JimBass

Specifics
 

Jim,

Thanks for your response. I was getting frustrated w/ "recommendations" but I didn't have the basic answers.

I'm using vsftpd and want to continue to use it.

Doesn't it make more sense for me to setup the site in /var/www/web_site and give specific local users access to that directory? This way if a web site has multiple webmasters, local users can still have their local directories.

If it's not too much trouble though, I'd appreciate it if you could give me the solution for both approaches i.e. setting the web site under /home/user as well as giving local users ftp read/write access to /var/www/web_site

Again, thanks for your help and sorry about venting out of frustration.

No problem man. I know all about being frustrated at something not working. Here are the relavent sections of the vsftpd.conf file:

That will lock ftp users into their home directory, whatever that is set as. When I ftp into a box with that config, and try to execute something like cd .. or cd /, I can't get anwhere but /home/jim, or a subdirectory thereof.

It is fine to have the sites be in /var/www/web_site, but then if you use the chroot_local_user option in vsftp, you HAVE to make the user's home directory be /var/www/web_site, as they will be locked into their home directory. Doing this means you'll have to be doubly careful with permissions. You will probably make the /var/www/web_site owned by the user of it, and will mainly need to watch out on permissions of things like cgi scripts within the site. If it is just simple html with nothing but displayed info it won't be much work at all, but the more functionality you have on the sites the more work may come into getting it running correctly, as the apache user (www-data by default) will also need to be able to read and execute in many places, and you don't want the permissions too wide open, or somenbody that finds an exploit can have a field day with your box.

It doesn't seem to me that either way I mentioned of doing it has an advantage over another. The users don't have to be people. You couldmake crappysite.org a user, with home directory of /home/crappysite.org, and then all the crappysite.org webmins get access to the home directory. Really seems to be 6 of one, half dozen of another.

If you were to put the sites in /home/user, the part of the /etc/apache2/apache2.conf that needs to be uncommented is this:
You would pull all of the hashes out so they become used. That would obviously make the location /home/*/public_html a live site.

Good luck with everything, and post back if you hit problems you can't solve.

Peace,
JimBass

Still stuck
 

I set the web site's home directory to public_html within my directory i.e. /home/sam/public_html
I set the access privileges to 744 so that I the owner have full rights and public has read only right to the /home/sam/public_html folder. When I run ls -l, this is what I'm getting:
drwxr--r-- 2 sam root 4096 Mar 24 13:28 public_html

I'm getting the following error trying to access the web site:
Forbidden
You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

When I try to ftp into the site, it takes me into a folder I think is the default FTP folder. There's a folder in there called PUB.

I don't get it. In the httpd.conf file, I set the settings to point the web site to /home/sam/public_html

I'd appreciate another push bere. Thanks.

Several things to check out. First and foremost, don't go windows style and do things as root that aren't necessary. The file you pointed to has root listed as the group. That isn't causing it not to appear, but again, only become root when absolutely necessary.

Check the permissions within /home. It is quite possible that /home/sam has 700 permissions, making it invisible. Since you changed your mind and put the files in home rather than /var/www, you need to have all the directories above be visable.

Another thing to do is to look in /var/log/apache/error.log and see what is happening. The great thing of *nix is the excellent logs. You can look in there and see what is happening.

Yes, if you are getting to ftp/pub, then you don't have the chroot option enabled I mentioned. You would either need to move the website root to ftp/pub/whatever or get the chroot happening.

Peace,
JimBass