HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   Permission tfor a website folder & ssh/ftp access (http://www.howtoforge.com/forums/showthread.php?t=54488)

Salital 10th October 2011 03:00

Permission tfor a website folder & ssh/ftp access
 
Hi Guys,

1. I create a client with the username: 'salx'

2. I create a website www,salx.mywebdomain.com

3. I create for the salx client a ssh access shell

4. I create for the salx client a ftp access

about the above point 2. when I typed on the webaddress bar:

www,salx.mywebdomain.com

I receive (or everyone to type the same webaddress) the follow page message

Quote:

Forbidden

You don't have permission to access / on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
Apache/2.2.16 (Debian) Server at www.salx.mywebsite.com Port 80
If I tried to access via ssh to the folder website (I use the account create at point 3. of above list) I have the access but appear the following message

Quote:

Could not chdir to home directory /var/www/clients/client2/salx.mywebsite.com/web/./home/salx: Permission denied
-bash: /var/www/clients/client2/salx.mywebsite.com/web/./home/salx/.bash_profile: Permission denied
But I have access to the root filesystem I can see:

Quote:

-rw------- 1 root root 11264 Oct 9 17:37 aquota.group
-rw------- 1 root root 11264 Oct 9 17:37 aquota.user
drwxr-xr-x 2 root root 4096 Aug 2 11:54 bin
drwxr-xr-x 3 root root 4096 Oct 8 16:25 boot
drwxr-xr-x 16 root root 3180 Oct 9 10:25 dev
drwxr-xr-x 142 root root 12288 Oct 9 14:30 etc
drwxr-xr-x 4 root root 4096 Aug 16 10:27 home
lrwxrwxrwx 1 root root 28 Aug 1 16:13 initrd.img -> boot/initrd.img-2.6.32-5-686
drwxr-xr-x 13 root root 12288 Oct 8 16:24 lib
drwx------ 2 root root 16384 Aug 1 16:09 lost+found
drwxr-xr-x 5 root root 4096 Aug 3 11:12 media
drwxr-xr-x 2 root root 4096 Jun 19 07:45 mnt
drwxr-xr-x 2 root root 4096 Aug 1 16:10 opt
dr-xr-xr-x 175 root root 0 Oct 9 10:24 proc
drwx------ 12 root root 4096 Oct 9 16:43 root
drwxr-xr-x 2 root root 4096 Oct 8 16:20 sbin
drwxr-xr-x 2 root root 4096 Jul 20 2010 selinux
drwxr-xr-x 2 root root 4096 Aug 1 16:10 srv
drwxr-xr-x 12 root root 0 Oct 9 10:24 sys
drwxrwxrwt 11 root root 4096 Oct 9 17:37 tmp
drwxr-xr-x 11 root root 4096 Aug 2 17:17 usr
drwxr-xr-x 17 root root 4096 Aug 13 00:30 var
lrwxrwxrwx 1 root root 25 Aug 1 16:13 vmlinuz -> boot/vmlinuz-2.6.32-5-686
I think it's too much bad:(

If I access with a client ftp as Filezilla I access at the following folder

/var/www/clients/client2/web4/web

And in my ftp remote server listing directory I saw the following directories and one hidden file (- .bash_history)

Quote:

- cgi-bin
- etc
- home
- log
- ssl
- tmp
- var
- web
- .bash_history
If I try to access to the 'web' directory (/var/www/clients/client2/web4/web) via ftp I receive the following message:

Quote:

Status: Retrieving directory listing...
Command: CWD web
Response: 550 Can't change directory to web: Permission denied
Error: Failed to retrieve directory listing
:(

MY QUESTION

for this client I create a Jailkit ssh account maybe is this the problem?

NOTE: I follow the same steps for other clients/website but I don't have the same problem ... the only problem that I have for the other client/website is that via ssh the user can reach every folder on the webserver

till 10th October 2011 08:22

Please post the following output:

grep web4 /etc/passwd


and

grep client2 /etc/group

and

ls -la /var/www/clients/client2/web4

Salital 12th October 2011 06:49

answering to your questions

'grep web4 /etc/passwd' output

Quote:

web4:x:5005:5007::/var/www/clients/client2/salx.mywebsite.com/web/./home/web4:/bin/false
'grep client2 /etc/group' output

Quote:

client2:x:5007:www-data
'ls -la /var/www/clients/client2/web4' output

Quote:

total 40
drwxr-xr-x 9 root root 4096 Oct 5 08:34 .
drwxrwxr-x 7 root root 4096 Oct 9 12:19 ..
-rwxr-xr-x 1 web4 client2 31 Oct 9 12:19 .bash_history
drwxr-x--x 2 web4 client2 4096 Sep 27 15:08 cgi-bin
drwxr-xr-x 2 root root 4096 Oct 9 12:19 etc
drwxr-xr-x 5 root root 4096 Oct 9 12:19 home
lrwxrwxrwx 1 web4 client2 42 Sep 27 15:08 log -> /var/log/ispconfig/httpd/salx.mywebsite.com
drwxr-x--x 2 web4 client2 4096 Sep 27 15:08 ssl
drwxrwxrwx 2 web4 client2 4096 Sep 27 15:08 tmp
drwxrwxr-x 3 root root 4096 Oct 5 08:34 var
drwx--x--- 8 root root 4096 Oct 5 10:25 web

till 12th October 2011 09:18

Please run:

chown web4:client2 /var/www/clients/client2/web4/web

and try to access the folder again.

Which ISPConfig version do you use?

Salital 12th October 2011 17:42

Hi,

I run from the root

chown web4:client2 /var/www/clients/client2/web4/web

AND

1. I can successfully access to the website through www.salx.mywebsite.com :)))))

2. I can access successfully to the folder website :))))

BUT

if I access via ssh to the folder website I reach the following path

/var/www/clients/client2/stanmx.qaligo.com/web/home/salx

I can reach also the root path / :((((

About your last question 'Which ISPConfig version do you use?'

Quote:

ISPConfig 3

till 12th October 2011 17:50

Please post the exact version number.

Have you changed the paths in ISPConfig under System > Server Config > Web where the sites are created? Because normally the path in /etc/passwd for users is something like /var/www/clients/client2/web4/web/ and not /var/www/clients/client2/salx.mywebsite.com/web/. The path never contains the domain name.

Salital 12th October 2011 18:15

1. My ISPConfig version is the 'ISPConfig Version: 3.0.3.3'

2. Under 'System > Server Config > Web' I saw that

Quote:

Website basedir: /var/www
Website path: /var/www/clients/client[client_id]/web[website_id]
Website symlinks: /var/www/[website_domain]/:/var/www/clients/client[client_id]/[website_domain]/
Vhost config dir: /etc/apache2/sites-available
Vhost config enabled dir: /etc/apache2/sites-enabled
Security level: High
Test apache configuration on restart: ACTIVETED
Apache user: www-data
Apache group: www-data
Apache php.ini path: /etc/php5/apache2/php.ini
CGI php.ini path: /etc/php5/cgi/php.ini
PHP open_basedir: [website_path]/web:[website_path]/tmp:/var/www/[website_domain]/web:/srv/www/[website_domain]/web:/usr/share/php5:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin
.htaccess AllowOverride: All
Apps-vhost port: 8081
Apps-vhost IP: _default_
Apps-vhost Domain:
awstats conf folder: /etc/awstats
awstats data folder: /var/lib/awstats
awstats.pl script: /usr/lib/cgi-bin/awstats.pl
awstats_buildstaticpages.pl script: /usr/share/awstats/tools/awstats_buildstaticpages.pl



All times are GMT +2. The time now is 23:04.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.