FTP permissions

Discussion in 'Installation/Configuration' started by twist85, Jun 29, 2007.

  1. twist85

    twist85 New Member

    Hi
    Im am having some problems with the configuration of my server (ubuntu server 6.10). I am fairly new with linux and installing webservers. The problem im having is that when my php script saves files uploaded by a user, in the ftp client i cannot do anything (but view) with those files, the owner is www-data while the ftp user is like: web1_username

    i've looked around the forum and searched on google but havent yet found a good explanaition to solve this problem. When i log in to a webserver provided by a hosting company, i also see the files having different owners, but using the ftp client i can always delete files uploaded by the www-data user. How do i manage that whenever i add a new website (using ispconfig) the ftp users have all rights and can also delete files uploaded by apache(www-data)?

    Thanks for help! (ps. keep in mind im a noob at this :rolleyes: )
     
  2. falko

    falko Super Moderator ISPConfig Developer

  3. twist85

    twist85 New Member

    Thanks! i will try that.
    Still i wonder if it is not possible to make all ftp users member of the www-data group and give all group members full access to the files uploaded by other group members whitin his own web directory (so when user www-data uploads a file, user web1_username can edit/view/delete it (775))
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Thats not a good idea because it is very insecure.
     
  5. twist85

    twist85 New Member

    Ok, if it is insecure that is not an option for me. But the users are still jailed in their own directories so in what way is security comprimised by making users member of www-data?
    Thanks!
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    A uploaded php or cgi script might get access to all other sites as the php safemode functions can not be considered 100% secure.

    If the files of every website belong to another user and group and php is run with suphp under the same user and group, its more secure.
     
  7. twist85

    twist85 New Member

    Ok, thats clear. thanks for your help!
     
  8. twist85

    twist85 New Member

    So here is what i've done... i followed the tutorials that Falko gave me and was able to install suPhp and ispconfig did what it was supposed to do (it wrote its vhosts file as said in the tutorial). I also installed php5 cgi and in suphp.conf i set the handler like this:

    Code:
    x-httpd-php=php:/usr/bin/php5-cgi
    when i tried to load my php page i got the following error:
    Code:
     Caused by SystemException in API_Linux.cpp:427: execve() for program "/usr/bin/php5.cgi" failed: No such file or directory
    I guess i specified the wrong path to my php5 cgi since i cannot find it at that location (also not by using the shell) i am on ubuntu 6.10. How do i find out where i have to search for the php5-cgi dir? Sorry if this is a stupid question :p! thanks for answers!
     
  9. till

    till Super Moderator Staff Member ISPConfig Developer

    You see the difference, you entered the filename with a "-" and suphp searches for the file with a "." in the filename. Please check your suphp config file if you set the correct name of the php cgi binary.

    php5-cgi is a file, not a dir!
     
  10. twist85

    twist85 New Member

    I see, im so stupid :p... these kind of mistakes usually get me confused for hours. Thanks for the help, i got everything working now thanks to you guys!
     

Share This Page