Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I host a number of sites and recently migrated to a new server (both old and new are running Ubuntu 10.04 [I only upgrade my web server when there is a new LTS release]). After the migration, Wordpress is asking for ftp credentials to update plugins, which it never used to do. I'm certain this is user/group/permissions related, but because of the new setup, I'm not sure what these should be set to.
On the previous server, each site was a subdirectory of /var/www/ and everything was owned by www-data. This wasn't the best setup, since it meant my users didn't have direct access to their own sites. In the new setup, each page I host is in /home/username/www/. Consequently, all the files are owned by 'username'.
My guess is that Wordpress' request for ftp credentials stems from a conflict between the apache2 user and the usernames that own the sites. Is this accurate? If so, how do I rectify this?
Okay, beforehand, I want to apologise if my answer is incorrect or beside the point.
I run a private server as well, users need to upload/update their stuff on that server. It runs VSFTPD. So, I have set the conf in such a way that the user (who has an account on the server of course) is chroot/jailed into her/his own folder. The /var/www/ has symlinks to each folder, the rest means you'd have to mount the symlink from the /var/www folder to the user's folder individually. One mount action per user on the server.
That could give you the same ease as before, but the added security. I asume (asume being the scream here) wordpress wants to get tuned in per user...
At any rate, that's how I'd go about it...
Again, luck and apologies if in any chance I posted besides the point...but this challenge was way too interesting to just let is go...
I hadn't thought of that setup, and it might be worth a shot. If it is a permissions problem, though, I'm not sure this will rectify it. While the symlink from /var/www/ to the user's directory itself would have the right permissions, everything past that would still be owned by the user. This would be a quick solution to test though, so I'll give it a try.
Well, I changed the sites-available page for one of my sites to direct connections to the symlink in /var/www/, but no change. Wordpress still asks for ftp cedentials when updating plugins. :-/ Any other suggestions?
Okay, so I think I found an acceptable workaround:
Instead of directing apache to a symlink in /var/www, I went a completely different (and actually much-simpler-to-implement) route. I moved the sites back into their respective owners' home directories, but changed the permissions to the following:
This way, apache's user owns the file, so Wordpress doesn't have any problems updating plugins or new worpress upgrades, and since the site's directory belongs to the user's individual group and the group has full privileges on the directory (and all the files/subdirectories within it), they can still treat it like their own directory.
This setup appears to work, save for one thing: Wordpress admins can't delete plugins. I'm not sure why that is, but I'm also okay with it for now.
Additionally, I'm not sure that I haven't, by doing it this way, opened up some massive vulnerability without realizing it. Any thoughts?
Last edited by GTBlackwell; 06-19-2011 at 10:36 PM.