LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 12-12-2013, 01:37 PM   #1
rzp78
LQ Newbie
 
Registered: Dec 2013
Posts: 3

Rep: Reputation: Disabled
VSFTP Chown Upload file


Hello all. I am trying to figure out the correct permissions to facilitate this.

I have a multi tenant Apache webserver, with VSFTP installed on it. Apache is running as Apache. The desired goal is to have all files uploaded by any user be owned by Apache. Each website folder is owned by a security group. FTP users are created and then assigned to this group. The group chmod should be g+s to always retain the group owner to allow different users within the security group to delete or overwrite files uploaded by another user.

This configuration confuses me, should I be using a chown in the vsftp.conf file, or a set of complex permissions? This is a sample of what I am using, and its not working exactly as I need:

sudo chmod -R 770 /srv/www/vhosts/websitefolder
sudo chmod -R 770 /srv/www/vhosts/websitefolder/webroot
sudo chown -R apache:securitygroup /srv/www/vhosts/websitefolder
sudo setfacl -m g:apache:rwx /srv/www/vhosts/websitefolder
sudo setfacl -m d:g:securitygroup:rw /srv/www/vhosts/websitefolder
sudo chmod -R g+s /srv/www/vhosts/websitefolder/webroot
sudo chmod -R g+s /srv/www/vhosts/websitefolder
 
Old 12-12-2013, 09:11 PM   #2
SAbhi
Member
 
Registered: Aug 2009
Location: Bangaluru, India
Distribution: CentOS 6.5, SuSE SLED/ SLES 10.2 SP2 /11.2, Fedora 11/16
Posts: 664

Rep: Reputation: 80
dir structure looks like SuSe..
you can set umask for uploaded files and file open permissions in conf file, something liek this would be a help:
Code:
local_umask=022
file_open_mode=0777
Above would effect in permissions of 755 by default to be set.
 
Old 12-13-2013, 01:22 PM   #3
rzp78
LQ Newbie
 
Registered: Dec 2013
Posts: 3

Original Poster
Rep: Reputation: Disabled
This was a set if permissions used in a SuSue box, but we are now using a CentOS box, so if the ands are now no longer appropriate, maybe that's why things aren't working right.

The main goal aside from the 755 you provided above is to also retain Apache as the owner no matter who uploads the file. The group owner has users X Y and Z in them. So user X should be able to upload an index.php file, and the owner remains apache. User Z should be able to delete and it overwrite the index.php file based on sticky but using g+s?

Zack
 
Old 12-14-2013, 02:01 AM   #4
SAbhi
Member
 
Registered: Aug 2009
Location: Bangaluru, India
Distribution: CentOS 6.5, SuSE SLED/ SLES 10.2 SP2 /11.2, Fedora 11/16
Posts: 664

Rep: Reputation: 80
Quote:
Originally Posted by rzp78 View Post
This was a set if permissions used in a SuSue box, but we are now using a CentOS box, so if the ands are now no longer appropriate, maybe that's why things aren't working right.

Zack
THe above permissions are for vsftpd and not for SuSe or any specific distro..
you can have your own set of permissions defined over there.
 
Old 12-14-2013, 12:34 PM   #5
rzp78
LQ Newbie
 
Registered: Dec 2013
Posts: 3

Original Poster
Rep: Reputation: Disabled
Minus the 755 permissions, what I am trying to enforce is that no matter who uploads content, that Apache owns the files as the user. The user that is in the security group should also be able to upload files, any user in the security group, and have the U of Apache own it, and the Group of own the file.

Some how moving from SuSe to Cent this behavior has changed. I understand the Umask etc, its the User / Group sticky bit I need to resolve in my opinion.
 
Old 12-14-2013, 11:58 PM   #6
SAbhi
Member
 
Registered: Aug 2009
Location: Bangaluru, India
Distribution: CentOS 6.5, SuSE SLED/ SLES 10.2 SP2 /11.2, Fedora 11/16
Posts: 664

Rep: Reputation: 80
So do you think you have read and tried all about vsftpd details, since you are using centos did you checked all context applied to the dir ?

Code:
chown_uploads=YES
chown_username=some_username
How about these values ?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
vsftp upload how to?? losvre Linux - Newbie 4 03-13-2012 10:11 AM
vsftp cannot upload file : error 553 cannot create the file ignace Linux - Newbie 2 07-26-2010 09:01 PM
Can't upload file using vsftp as anonymous user SQADude Linux - Newbie 7 11-19-2009 04:28 AM
Upload file to ftp server -vsftp- but can not delete or change the file once uploaded murattas6 Linux - Server 2 06-26-2009 07:00 AM
Upload with VSFTP Rage79 Linux - Security 5 01-21-2003 09:45 AM


All times are GMT -5. The time now is 02:45 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration