Error or Feature

Discussion in 'General' started by dhoefling, Aug 19, 2009.

  1. dhoefling

    dhoefling New Member

    Hi,

    I has 1 client which kann make his own clients, its a kind of reseller. Now when i create for a user an ftp account, which is a customer from him, the correct user syntax like ftp[CLIENTID]_# was set. But when he made an ftp coount the CLIENTID from the him was picked. It works correctly when i set the flag admin, but then he can show all webs.

    Please, i need urgently help for this problem.

    THX, Dominik
     
  2. moglia

    moglia New Member

    try this

    You need choose a client from combobox.
    If you need a reseller you need create reseller acount not end user account to reseller.
     
  3. dhoefling

    dhoefling New Member

    not a solution

    Sorry i has try every workflow. A post at this forum say i must insert in "Client > Limit > Max. number of Clients greater 0. The Client/Reseller can create clients but no correct FTP oder SSH accounts. If the admin or the client create a account and the reseller like to edit this account - the client has lost his password - the field Username was shown ftp[CLIENTID]_[ftp20_01]. 20 was the Client ID, the customer has create this account self. Now the reseller set an new password an the account was show with the Username ftp5_ftp20_01.

    I think its a Bug or i musst sleep longer.

    GN an THX for your help :confused:
     
  4. moglia

    moglia New Member

    Possible BUG.

    Im using [CLIENTNAME]_ for all and and c[CLIENTID]_ only for database username because mysql user limitations on 16 chars.

    It´s appers bug report it on http://bugtracker.ispconfig.org/ send-me a link back to bug. i will folow it.

    I need make testing enviroment to reproduce this error.
    actually im using ispconfig 3 on prodution enviroment, and not allows user use site features only mail accounts.
     
  5. till

    till Super Moderator

    One side note to moglia: Do not use underscores in mysql users or prefixes, underscores are interpreted as wildcard by mysql.

    Regarding the other issue: Post it to the bugtracker and we will try to reproduce it. But I did not see that yet.
     
  6. moglia

    moglia New Member

    Works normal to me.

    mysql> select user from user;
    +------------------+
    | user |
    +------------------+
    | root |
    | root |
    | c1_educom |
    | c3_site |
    | debian-sys-maint |
    | intwmail |
    | ispconfig |
    | root |
    +------------------+
    8 rows in set (0.00 sec)

    Including console operations:

    #mysql -uc1_educom -pPASS interatia_educom

    mysql> show tables;
    +-----------------------------+
    | Tables_in_interatia_educom |
    +-----------------------------+
    | educom_aprendizagem_objetos |
    | educom_aula_questoes |
    | educom_aulas |
    | educom_cursos |
    | educom_disciplinas |
    | educom_enquetes |
    | educom_grupos |
    | educom_likert_itens |
    | educom_pessoas |
    | educom_questao_opcoes |
    | educom_questao_tipos |
    | educom_questoes |
    | educom_respostas |
    | educom_respostas_enquetes |
    | educom_tipos_objetos |
    +-----------------------------+
    15 rows in set (0.00 sec)

    mysql> \q
    Bye
     
  7. till

    till Super Moderator

    Sure, it seems to work at the beginning. But as soon as you have a user e.g. like uc10_.... or uc100_, then the user uc1_educom has access to all of the databases of the uc1* users. Take a look at the mysql documentation, the problem is described there.

    http://lists.mysql.com/mysql/186085
     
  8. dhoefling

    dhoefling New Member

    Thank Till and Moglia for your help. The problem with the mysql _user is solved.

    I will try to fix it self in my DEV Enviroment. Till please can you tell me which files i have to edit for fix. I think i lock the Field on "Edit". After this the Customer can not Edit the name but this is not necessary. I will post the solution after my first 5 free days :D this year on mid of next week.

    Another question. We wrote at this time Customer Manual for ISP3 and i will get you a little back, where can i post it that the community has a benefit.

    regards, Dominik
     
  9. moglia

    moglia New Member

    Look this ...

    If i will create 2 users like:

    c1_login1 and c1_login2

    fact if using _ on user name

    login1 can see database of login2 and login 2 can see database of login1.

    _ works like wildcard for user name?

    allow all c1_* users can view all c1_* databases?

    it´s is the question?

    please confirm it to me.
     
  10. till

    till Super Moderator

    Yes. Thats a known thing with mysql. Some call it a bug, the mysql poeple call it a feature. You will find a lot of threads in all kind of lists and forums if you search with google. Please see the link I posted above.
     
  11. moglia

    moglia New Member

    Fixes

    The page says:

    The “_” and “%” wildcards are allowed when specifying database names in GRANT statements that grant privileges at the global or database levels. This means, for example, that if you want to use a “_” character as part of a database name, you should specify it as “\_” in the GRANT statement, to prevent the user from being able to access additional databases matching the wildcard pattern; for example, GRANT ... ON `foo\_bar`.* TO ....

    _ for \_

    It´s Simple str_replace foo_bar for foo\_bar on user and database creation time.

    How ispconfig works to grant? you can modify mysql database tables direct insted use grant commands, and before flush privileges.

    I belive if Modify table direct alows long usernames but grant commands at console will be not work and need change username for more then 16 chars at mysql user table.

    Idea but php cli script to manipulate user rights.

    Im using _ on database names and user names. like cpanel and others. it´s interessant checks how ispconfig works.
     

Share This Page