#1  
Old 20th April 2013, 17:07
darinpeterson darinpeterson is offline
HowtoForge Supporter
 
Join Date: Nov 2011
Posts: 154
Thanks: 35
Thanked 13 Times in 13 Posts
Exclamation Help with Permissions Please

Thank you very much for this forum that is dedicated to your supporters!

I am working to migrate my custom CMS, Piece Builder, to ISPConfig 3. It looks like I'm going to be running into permissions issues when trying to write a users pages to their domain.

OS: Debian Squeeze
ISPConfig: v3.0.5.2

I'm currently faced with two large hurdles:
  • Creating folders in a client web# folder. I'm currently logged in as root, and I'm trying to create a new folder in /var/www/clients/client#/web#/, and I get "permission denied". I don't understand how this can be permission denied for root. How can I solve this problem, please?
  • Piece Builder (pb) under one client needs the ability to write to other clients folders web folders. Under the web# folder there will be a symbolic link to the primary pb library that contains all the PHP files to allow operation of the CMS. On my current server, I made apache the owner of files/folders that pb needs to write. I would like to maintain the setting that a user becomes owner of the files in their folder on update, because that helps me with quota concerns. What is the best way for me to allow pb to do it's job?

Thank you for your help...

Darin
Reply With Quote
Sponsored Links
  #2  
Old 20th April 2013, 20:05
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

Quote:
Originally Posted by darinpeterson View Post
[*]Creating folders in a client web# folder. I'm currently logged in as root, and I'm trying to create a new folder in /var/www/clients/client#/web#/, and I get "permission denied". I don't understand how this can be permission denied for root. How can I solve this problem, please?
That happens because the immutable bit is set on the web# folder: http://www.aboutlinux.info/2005/11/m...hich-even.html

You can change this behaviour under System > Server Configuration > Web > Permissions.

Quote:
Originally Posted by darinpeterson View Post
[*]Piece Builder (pb) under one client needs the ability to write to other clients folders web folders. Under the web# folder there will be a symbolic link to the primary pb library that contains all the PHP files to allow operation of the CMS. On my current server, I made apache the owner of files/folders that pb needs to write. I would like to maintain the setting that a user becomes owner of the files in their folder on update, because that helps me with quota concerns. What is the best way for me to allow pb to do it's job?
This is difficult and maybe only possible with mod_php because it runs as the Apache user (whereas FastCGI, CGI, etc. run as the web user), but I would advise against using this on a shared server because of security reasons.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
darinpeterson (20th April 2013)
  #3  
Old 20th April 2013, 20:27
darinpeterson darinpeterson is offline
HowtoForge Supporter
 
Join Date: Nov 2011
Posts: 154
Thanks: 35
Thanked 13 Times in 13 Posts
Default

Thank you for taking the time to reply. I appreciate it.

Quote:
Originally Posted by falko View Post
You can change this behaviour under System > Server Configuration > Web > Permissions.
I have updated the immutable bit setting.

Quote:
Originally Posted by falko View Post
This is difficult and maybe only possible with mod_php because it runs as the Apache user (whereas FastCGI, CGI, etc. run as the web user), but I would advise against using this on a shared server because of security reasons.
I'm not familiar with mod_php, so I'm going to need to do some research on that.

I own the hardware node, and have setup a virtual server just for pb clients. None of them have ftp access to the server, they can currently only modify their websites through the pb interface.

I was hoping that I might be able to enable permissions by:

System > CP Users > pb > Groups

and checking each of the other user's.

If there's not a good way to do this, maybe I should setup this virtual node w/o ISPConfig, and configure Apache manually. I'd prefer to manage all with ISPConfig 3, but if it cannot be done without big architectural changes to pb, I will have to look at alternatives.

I have promised clients to have the migration completed this week. Once I have permissions issues resolved, it will probably take one day to perform all of the migrations.

What do you recommend?

Thank you,
Darin

Last edited by darinpeterson; 20th April 2013 at 20:28. Reason: clarify
Reply With Quote
  #4  
Old 21st April 2013, 12:29
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
 
Default

If you use this hardware node only yourself and have no FTP accounts on it, you can use mod_php and chown all web sites to www-data:www-data (that's the user/group Apache runs as under Debian/Ubuntu), and it should be fine.

You might have to adjust the open_basedir setting on the Options tab so that your software can access scripts outside of its own web site.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
darinpeterson (22nd April 2013)
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Joomla permissions in CentOS/ISPConfig 3 setup willko Tips/Tricks/Mods 3 17th November 2010 12:13
/etc/ permissions CarbonCopy Server Operation 3 29th April 2010 22:58
Verify proper permissions filch General 6 7th February 2009 16:05
suPHP, Joomla! 1.5, file & diretory permissions pjdevries Installation/Configuration 17 19th June 2008 03:58
Logcheck Permissions Problems Drek Server Operation 1 7th September 2007 16:43


All times are GMT +2. The time now is 18:32.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.