Hi,

i noticed in the Joomla! HowTo (http://www.howtoforge.com/joomla_ispconfig) that root needs to chown the Joomla! files to be owned by the www:data group before a customer can use them properly.

This works, technically.

But if you sell a hosting package with PHP & FTP, i guess most customers would expect to be able to upload their applications (cms, weblogs, whatever), without having to call the admin to ask them to chown their files. (and the admin does not want all the calls.)

What would be your ideas on a more pleasant, but still secure configuration for this?

reinier

If you install suPHP, the chowning is not nescessary. Or the client has to set global write permissions on the directory where joomly wants to write to.

I looked a bit at the settings of my hosting provider (which have been very comfortable for me in the last 4 years)

When open an FTP session and create a new file, the user of that file is my account (so for a ISPConfig setup, that would be something like web1_admin ), but the group is www-data. The chmod values are 664.

If I upload a file over the web, both the user as the group are www-data.

The user is not a member of the www-data group.

These defaults make the trick work. The only thing that happens is that when a file is uploaded through the web, you need to set the access-rights to that file to be writeable by everyone using the web, too, in order to be able to change the file over FTP. So be it.

My knowledge stops here.

How can I force my FTP server to set the ownership of newly ftp´d files to this?

user: the ftp-user
group: www-data
chmod: 664

Reinier

If you want a chmod 664, you need to set Umask 002 in your ProFTPd settings.