Strange behaviour for new sites - CentOS6.4

Discussion in 'ISPConfig 3 Priority Support' started by jlscott, Jul 19, 2013.

  1. jlscott

    jlscott New Member

    I have a Centos server that has been upgraded from CentOS6.3 to 6.4, and more recently to ISP Config

    I find that since the ISP Config upgrade, that any new sites I create are implemented differently, and are effectively unusable as I cannot create files/directories in the web folder, even when logged in as 'root'.
    Note that the web42 folder is owned by root and is in root group, as is the log sub-directory (which is a symbolic link in the older working site web33).

    I cannot change the ownership or group of the web42 directory, nor can I create any files/folders within it, even when logged in as root.
    I can do all of these actions with the older web33 site.

    SElinux is disabled on this machine.

    I have the same behaviour on a newer server that had CentOS6.4 installed from the start, along with ISP Config

    I cannot see any differences between the web33 and web42 directories using lsattr or getfacl commands.

    Any ideas that will assist me in solving this problem would be greatly appreciated. Please ask for any additional information that might help to determine the cause of the problem.


    PS - uname details are:
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Thats correct and the intended behaviour. The behaviour has been changed to protect the folders from being manipulated by clients.

    All folders were files may be uploaded to are still writable of course.

    Files that shall be visible in the website shall uploaded to the "web" folder. Files that shall be kept private go into the folder "private".

    If you still want to create a flder as root user in the web root, then you have to remove the protection first with e.g.:

    chattr -i /var/www/clients/client1/web1

    and after you created the folder apply the protection again:

    chattr +i /var/www/clients/client1/web1
  3. jlscott

    jlscott New Member

    Thanks Tell. However, the previous configuration worked well for me and suited my workflow. If I had known the change I would probably not have upgraded ISP Config. I will now need to rethink how I can use the system effectively.

    Also, can you please advise where the log files for each virtual website will go as the "log" entry in folder "/var/clients/clientx/webyy" is no longer a symbolic link to a directory under "/var/log/ispconfig/httpd/"?


  4. till

    till Super Moderator Staff Member ISPConfig Developer

    You can disable the folder protection under System > server config > web.

    The log files are still in /var/log/ispconfig/httpd/. The symbolic link has been replaced with a bind mount as the symlink did not worked for jailed ssh users.
  5. jlscott

    jlscott New Member

    Thanks Tell. There appear to be a lot of new system configuration options available. I will need to study the documentation to understand them, so I can configure my system to best meet my needs (taking into account the intended security and other benefits that have been built in).



Share This Page