Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Tips/Tricks/Mods

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 6th November 2007, 19:55
smartcall smartcall is offline
Senior Member
 
Join Date: Nov 2006
Posts: 116
Thanks: 10
Thanked 7 Times in 3 Posts
Default Prevent .no_delete from deleting

Hello,

I was experiencing a lot of problems when my users were able to delete their /log directory despite of .no_delete file in it.
As a matter of fact (especially in my server setup) every user who is with 'administrator' status owns his /log directory and .no_delete file respectively. There was no reason why they couldn't delete this file and the whole directory, which prevented apache from starting again.

What I did was:

Edited /root/ispconfig/scripts/lib/config.lib.php
and added
Code:
$root_gruppe = $mod->system->root_group();
  exec("chmod 400 $web_path/user/.no_delete");
  exec("chown root:$root_gruppe $web_path/user/.no_delete");
  exec("chmod 400 $web_path/log/.no_delete");
  exec("chown root:$root_gruppe $web_path/log/.no_delete");
  exec("chmod 400 $web_path/cgi-bin/.no_delete");
  exec("chown root:$root_gruppe $web_path/cgi-bin/.no_delete");
  exec("chmod 400 $web_path/ssl/.no_delete");
  exec("chown root:$root_gruppe $web_path/ssl/.no_delete");
  exec("chmod 400 $web_path/phptmp/.no_delete");
  exec("chown root:$root_gruppe $web_path/phptmp/.no_delete");
  exec("chmod 400 $web_path/web/error/.no_delete");
  exec("chown root:$root_gruppe $web_path/web/error/.no_delete");
right after
Code:
exec("chown -R $user_username $web_path/log/* &> /dev/null");
in the section that follows after
Code:
////////// Verzeichnisse erzeugen ENDE ///////////
then i executed the command
Code:
find . -name ".no_delete" -exec chown root:root '{}' \;
in /var/www - where ISPConfig creates the webs in my server setup, just to make sure all previously created .no_delete files are owned by root.
That I believe solved my problem.

Last edited by smartcall; 6th November 2007 at 20:50.
Reply With Quote
Sponsored Links
  #2  
Old 7th November 2007, 09:04
smartcall smartcall is offline
Senior Member
 
Join Date: Nov 2006
Posts: 116
Thanks: 10
Thanked 7 Times in 3 Posts
Default

Of course the above didn't work, because the owner still has write permissions on the containing directory.

Any ideas are appreciated.
Reply With Quote
  #3  
Old 7th November 2007, 10:22
smartcall smartcall is offline
Senior Member
 
Join Date: Nov 2006
Posts: 116
Thanks: 10
Thanked 7 Times in 3 Posts
Default

Again answering to myself, I think I finally managed to do it.

The permissions of the log dir itself must be 555. This way it works.
The .no_delete and directory can't be deleted.
Reply With Quote
The Following User Says Thank You to smartcall For This Useful Post:
falko (8th November 2007)
  #4  
Old 5th December 2007, 10:07
smartcall smartcall is offline
Senior Member
 
Join Date: Nov 2006
Posts: 116
Thanks: 10
Thanked 7 Times in 3 Posts
 
Default Another solution - proftpd.conf

Another solution would be to add this in proftpd.conf

Code:
<Directory /var/www>
HideFiles (\.passwd|htpasswd|no_delete|forward|procmailrc|spamassassin|vacation.cache|Maildir|csc|antivirus.rc|autoresponder.r
c|html-trap.rc|local-rules.rc|mailsize.rc|quota.rc|spamassassin.rc|user_prefs|vacation.msg)$ #
</Directory>
Where directory is the top one for webs.

I gues that when proftpd doesn't show these files, their containing directories can't be deleted.
But i can't guarantee that this will work with all FTP clients.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Deleting Home Directory FrozenPixel Server Operation 5 28th June 2007 13:33
ISPConfig Not Deleting Techman Installation/Configuration 3 2nd April 2007 16:31
How can prevent the user from edit file ? qwe010 Technical 9 20th January 2007 12:23
Deleting a mailuser does not work completely viewport Installation/Configuration 4 7th March 2006 05:44
problem with deleting hadisaadeh Installation/Configuration 1 22nd December 2005 10:48


All times are GMT +2. The time now is 12:13.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.