New FTP user - Permission denied to /web, /webdav, /tmp

Discussion in 'General' started by incredimike, Jan 20, 2021.

  1. incredimike

    incredimike New Member

    Today I attempted to create a new User, Site, & FTP User. All seemed to work fine during creation process.

    When I tested the new FTP connection, I can connect and authenticate, and get a directory listing.
    But if I receive a permissions error message if I try to navigate to any directories. This happens for all directories except for the log and ssl subdirectories (which are owned by root)

    The error is "Could not receive directory listing /web: Permission denied"

    Any idea why my system would suddenly have permissions issues? This was working recently. Existing users continue working. I hadn't changed anything.

    I've even updated to the recent version and still have the same problem.

    Anyone have any ideas? Would be appreciated.
     
    Last edited: Jan 20, 2021
  2. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    We don't know and can't check them, but you can, you can simply run "ls -lah /var/www/domain.tld/ and see its directories permission.

    Normally, any changes in its website settings or running ISPConfig resync tool should fix the permission via GUI.

    You are not advised to use CLI commands chown and chmod to fix unless some files inside them are also affected, thus running such commands recursively becomes necessary, but in that case, use resync tool again thereafter, just to be safe.
     
  3. incredimike

    incredimike New Member

    The directory permissions appear correct. They're they're set up similarly as the all the other domains on the server.

    Thanks. The resync tool was what I was looking for. I ran it, and it looks like it executed correctly.. but I still have permission issues trying to upload files to /web. I've tried recreating the FTP users several times. super weird.

    Specifically, connecting and trying to chdir to /tmp results in this error:

    Code:
    Server said: /tmp: No such file or directory
    
    Error -125: remote chdir failed
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Check the ftp user (table ftp_user) and website (table web_domain) in the ispconfig database with phpmyadmin, that they both use the same path and also same linux user and group (webXX and clientXX) and that this path exists on the hard disk.
     
  5. incredimike

    incredimike New Member

    Thank you for your suggestions. I checked the database tables and the values seem correct.

    I deleted and recreated the client, Site and FTP User accounts from ISPConfig. Same problem.

    Anywhere else I can look?

    Thanks so much for your suggestions
     
  6. incredimike

    incredimike New Member

    Here is a screenshot of the database table data. I think it looks correct!
    [​IMG]
    Below is a screenshot of the directory permissions for the new user & site (client14 / web 19). Below it is a user I created years ago that's still working. They look right??
    [​IMG]
    (Sorry for the extra post spam, but I needed to post a 2nd post before I could post a link)
     
    Last edited: Jan 20, 2021
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    The database looks strange as some sites seem to have no correct user names. Have you copied this system manually from another server somehow without copying the passwd, shadow, and group files?
     
  8. incredimike

    incredimike New Member

    I thought it looked strange too.
    This has been the same server since it was provisioned in November 2016. Maybe it has something to do with upgrades over time?
    Unfortunately I don't remember the original ISPConfig version installed, but I imagine it would have been the current stable at the time.
     
  9. till

    till Super Moderator Staff Member ISPConfig Developer

    Unlikely, my own servers are upgraded since ispconfig 3 exists without having such an issue.

    Is there a user web11 in /etc/passwd file and a group client2 in /etc/groups file?

    Do you get any errors when you run the commands pwck and grpck ? These two commands repair passwd and group files. Make a backup of the whole /etc folder first, just to be sure.
     
  10. incredimike

    incredimike New Member

    I recreated a new user, "avenro" client14, web19
    Looking at /etc/passwd I see the following line:
    web19:x:5019:5018::/var/www/clients/client14/web19:/bin/false
    Looking at /etc/group:
    client14:x:5018:www-data

    Oh, here we go....

    [email protected]:/$ sudo pwck
    user 'lp': directory '/var/spool/lpd' does not exist
    user 'news': directory '/var/spool/news' does not exist
    user 'uucp': directory '/var/spool/uucp' does not exist
    user 'list': directory '/var/list' does not exist
    user 'irc': directory '/var/run/ircd' does not exist
    user 'gnats': directory '/var/lib/gnats' does not exist
    user 'nobody': directory '/nonexistent' does not exist
    user 'systemd-resolve': directory '/run/systemd/resolve' does not exist
    user 'syslog': directory '/home/syslog' does not exist
    user '_apt': directory '/nonexistent' does not exist
    user 'ntp': directory '/home/ntp' does not exist
    user 'mysql': directory '/nonexistent' does not exist
    user 'dovenull': directory '/nonexistent' does not exist
    user 'memcache': directory '/nonexistent' does not exist
    user 'web3': directory '/var/www/clients/client1/web3/./home/avenfr' does not exist
    user 'ftpuser': directory '/bin/null' does not exist
    user 'web15': directory '/var/www/clients/client5/web15/./home/avenscandi' does not exist
    pwck: no changes
    [email protected]:/$ sudo grpck
    'www-data' is a member of the 'client1' group in /etc/group but not in /etc/gshadow
    'www-data' is a member of the 'client0' group in /etc/group but not in /etc/gshadow
    'www-data' is a member of the 'client5' group in /etc/group but not in /etc/gshadow
    'www-data' is a member of the 'client10' group in /etc/group but not in /etc/gshadow
    'www-data' is a member of the 'client3' group in /etc/group but not in /etc/gshadow
    'www-data' is a member of the 'client4' group in /etc/group but not in /etc/gshadow
    'www-data' is a member of the 'client7' group in /etc/group but not in /etc/gshadow
    'www-data' is a member of the 'client9' group in /etc/group but not in /etc/gshadow
    'www-data' is a member of the 'client2' group in /etc/group but not in /etc/gshadow
    'www-data' is a member of the 'client6' group in /etc/group but not in /etc/gshadow
    'www-data' is a member of the 'client8' group in /etc/group but not in /etc/gshadow
    'www-data' is a member of the 'client11' group in /etc/group but not in /etc/gshadow
    'www-data' is a member of the 'client12' group in /etc/group but not in /etc/gshadow
    'www-data' is a member of the 'client14' group in /etc/group but not in /etc/gshadow

    I suspect those grpck errors might be related :p Any ideas?

    I see a previous post about the same errors.. from over 10 years ago:
    https://www.howtoforge.com/community/threads/bad-group-config.40079/
     
    Last edited: Jan 20, 2021

Share This Page