LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
 
Search this Thread
Old 02-21-2013, 08:11 AM   #1
svedish
LQ Newbie
 
Registered: Feb 2013
Posts: 8

Rep: Reputation: Disabled
Which user:group is best for CMS modules on CentOS/Plesk?


Hi guys,

I'm totally new to this forum. I was told this is the best place to discuss Linux related topics. First of all, excuse me in advance if my questions are basic. I'm definitely not an advanced user. So I also hope I have posted in the right section. "Linux - Newbie" sounds about right to me!

Ok, here goes...

I have rented a VPS here in the UK which runs CentOS (6 I guess) and Plesk Panel. So far so good. I got my head around them a little bit, so I am able to set up subscriptions and, therefore, host the domains I want to point to this one.

The other day I wanted to try out Concrete5 because I was curious to check out some features and when I got to the installer, it complained that three folders were now writable by the server. Now, regardless of knowing Concrete5, I guess this raised an issue which could come up also with other modules, so I thought it would be good to post now, in advance, to understand what the best practice would be.

I uploaded the files via my FTP client (Transmit) and the owner was therefore my FTP user I created for that hosting (let's call it ftp_user). The group was assigned by the server and it was psacln (what kind of group is that anyway??). On my old server (FreeBSD with no panel) the user was always set to my FTP user (as I guess is normal) and the group is www, and the name makes much more sense to me (www, of course!).

So, what I did to solve the issue in this case, was to change the owner of the whole installation of Concrete5 to 'apache'. So the new user:group became apachesacln. All worked fine, BUT of course I was not able to upload files via my FTP client anymore... Surprise surprise! So I had to change the owner of some folders again to upload via Transmit. A messy way to handle it, to say the least.

I imagine there is a simpler way to solve this issue? I mean, what kind of genius came up with this system on these new VPS I have? Most modules will require the web server to be able to write inside some folders, right?? And, on the other hand, most people want to use an FTP client to manage files and folders??

I'm sure there is to play with groups, but I'm too ignorant to guess what to do. Can any expert please tell me what the best way to handle this, and similar future issues, would be?

Many thanks in advance.
 
Old 02-21-2013, 11:21 AM   #2
shivaa
Senior Member
 
Registered: Jul 2012
Location: Grenoble, Fr.
Distribution: Sun Solaris, RHEL, Ubuntu, Debian 6.0
Posts: 1,797
Blog Entries: 4

Rep: Reputation: 286Reputation: 286Reputation: 286
Welcome to LQ!

You just need to thoroughly go through manuals of chmod (stands for change mode, see here), chown (stands for change owner, see here), file permissions, and ownership and group.

If problem isn't solved after this, please share the error message(s), if any.

Good luck!
 
Old 02-21-2013, 06:43 PM   #3
svedish
LQ Newbie
 
Registered: Feb 2013
Posts: 8

Original Poster
Rep: Reputation: Disabled
Hello Shivaa,

Thanks for your answer.

I have to say that I have not understood it. Perhaps my first post was not very clear?

I know how to change permissions and owners. I just don't know what the best way to set up owner and group is, in order to make the files writable by the web server (as required by the CMS) and be able to handle files with my FTP client. Hope it makes sense?

Thanks.
 
Old 02-21-2013, 08:32 PM   #4
shivaa
Senior Member
 
Registered: Jul 2012
Location: Grenoble, Fr.
Distribution: Sun Solaris, RHEL, Ubuntu, Debian 6.0
Posts: 1,797
Blog Entries: 4

Rep: Reputation: 286Reputation: 286Reputation: 286
@svedish:
If you know about permissions and chown, then there should be no issues. And as I already said, once go through owner/group concept, and problem will be solved, I hope!

As far as I am concerned, there should be some user (or admin) who manages web server. So in order to allow that user to read/write on your files, just add write permission on your files for group and add that user to mail group of your files.

Code:
~$ chmod g+rw filename
~$ usermod -G <group> username
Note: Here <group> is group associated with the file filename.

BTW, To be honest, I don't much know about web servers, so I or others could help you only if you provide adequate info. with error message, if any.

Last edited by shivaa; 02-21-2013 at 08:35 PM.
 
Old 02-22-2013, 07:52 AM   #5
svedish
LQ Newbie
 
Registered: Feb 2013
Posts: 8

Original Poster
Rep: Reputation: Disabled
The problem is this:

when I upload files to the server, by default they belong to the user that has uploaded them, as follows:

files for website 1 belong to user1 (group psacln)
files for website 2 to user2 (group psacln)
files for website 3 to user3 (group psacln)

Some of these files need to be written by the web server (as it happens for most CMS systems). So there needs to be a set up which guarantees the web server to write them on one side and each of the users to manage files via ftp on the other side. On the other server this is solved by the www group, which I believe every hosting user gets added to when I create them, I think...

Do you see what I mean?

Thanks
 
Old 02-22-2013, 08:09 AM   #6
shivaa
Senior Member
 
Registered: Jul 2012
Location: Grenoble, Fr.
Distribution: Sun Solaris, RHEL, Ubuntu, Debian 6.0
Posts: 1,797
Blog Entries: 4

Rep: Reputation: 286Reputation: 286Reputation: 286
A simple suggestion - who is gonna modify these files, uploaded by different users, on your webserver? Do you have any web server admin who will modify these file? If yes, then what's username of that webserver admin and what's his main group?

Just change group of all these uploaded file to main group of admin user (let's say, admin account is webadm and his group is webgroup) like this:
Code:
~$ id -a webadm                      # To check primary group of webadm user, I assume it is webgroup
~$ chgrp webgroup file1 file2 ...    # Changing group
~$ chmod g+rwx file1 fil2 ....       # Assigning read/write to group members
 
Old 02-22-2013, 08:18 AM   #7
svedish
LQ Newbie
 
Registered: Feb 2013
Posts: 8

Original Poster
Rep: Reputation: Disabled
No, there is no webadmin user. I will be modifying all these websites, but I may give access to designers or developers to these websites at times, so it's good that each website belongs to a different user for FTP purposes.

So, given that I need to have files belonging to different users? I can solve all just with the group, right?

Thanks
 
Old 02-22-2013, 09:14 AM   #8
shivaa
Senior Member
 
Registered: Jul 2012
Location: Grenoble, Fr.
Distribution: Sun Solaris, RHEL, Ubuntu, Debian 6.0
Posts: 1,797
Blog Entries: 4

Rep: Reputation: 286Reputation: 286Reputation: 286
Quote:
Originally Posted by svedish View Post
No, there is no webadmin user. I will be modifying all these websites, but I may give access to designers or developers to these websites at times, so it's good that each website belongs to a different user for FTP purposes.

So, given that I need to have files belonging to different users? I can solve all just with the group, right?

Thanks
Yes correct. Just create a group, add all your designers to that group and whenever a new file is uploaded, change it's group to that new group with R/W access to designers.
Code:
~$ groupadd admgrp
~$ usermod -G admgrp user1 user2 user3...
~$ chgrp admgrp file1 file2 file3....
~$ chmod g+rwx file1 file2 file3...
 
Old 02-22-2013, 09:52 AM   #9
svedish
LQ Newbie
 
Registered: Feb 2013
Posts: 8

Original Poster
Rep: Reputation: Disabled
Sorry, but this means that I would need to *manually* change the group of *each* file that gets uploaded? That would be quite a hassle, don't you think? Shouldn't I work with the group that gets assigned to the files automatically by this VPS and add these users to this psacln group?

Also, what is this psacln group? I had a nice www group on my FreeBSD server and all users I created automatically got added to it! Intsead this new server, when I create a hosting user, doesn't add him / her to this default group? This is just non sense, isn't it? Is it Plesk that does it or CentOS?

Thanks
 
Old 02-22-2013, 11:05 AM   #10
shivaa
Senior Member
 
Registered: Jul 2012
Location: Grenoble, Fr.
Distribution: Sun Solaris, RHEL, Ubuntu, Debian 6.0
Posts: 1,797
Blog Entries: 4

Rep: Reputation: 286Reputation: 286Reputation: 286
Well, in that case, SGID could be helpful, but it has a limitation that any new file created within a directory inherits main group of the directory. But already existing file will still have their old group.

Meanwhile, you need not to run chgrp for every individual file, but invoke it on whole directory, as:
Code:
~$ chgrp -R newgroup /path/to/dir
~$ chmod g+xs /path/to/dir
In this way, work can be done in one shot.
 
Old 02-26-2013, 04:16 AM   #11
svedish
LQ Newbie
 
Registered: Feb 2013
Posts: 8

Original Poster
Rep: Reputation: Disabled
Everything sounds a bit convoluted, I have to admit. but thanks.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] more than one uid 0 - centOS/Plesk 10.x micxz Linux - Security 28 08-04-2011 07:41 AM
more than one uid 0 - centOS/Plesk 10.x (OT) orgcandman Linux - Security 9 07-12-2011 03:42 PM
ls command fails after updating plesk on centos 5.4 delmoras Linux - General 3 06-02-2010 01:30 PM
Plesk 9/CentOS symlinks prophoto Linux - Server 1 02-19-2009 03:47 PM
Can't access Plesk on vmware Centos 5 server on LAN goodgirl Linux - Server 6 09-11-2008 11:25 PM


All times are GMT -5. The time now is 03:32 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration