Solved

how to set up special user permissions

Posted on 2003-10-21
8
506 Views
Last Modified: 2013-12-16
I am migrating about 700 websites to a new Red Hat server.  Each of these sites will have FTP access by different users.  However, I am the main webmaster for the vast majority of these sites.  Is it even possible to set up a user that can have permission for all of these sites.  

The reason I want to do this is so I can FTP with a single user name and then just move around to each site and make changes to the other users home directories.  Kindof a root without all priviliges and FTP access.

If this can be done, can anyone advise me how to do it?

Thanks alot!
0
Comment
Question by:uksurf
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 12

Accepted Solution

by:
paullamhkg earned 64 total points
ID: 9596100
well why not use the SSH

SSH™ allows users to log into host systems remotely. Unlike protocols such as FTP or Telnet, SSH encrypts the login session, making it impossible for intruders to collect unencrypted passwords.

SSH is designed to replace older, less secure terminal applications used to log into remote hosts, such as telnet or rsh. A related program called scp replaces older programs designed to copy files between hosts, such as rcp. Because these older applications do not encrypt passwords transmitted between the client and the server, avoid them whenever possible. Using secure methods to remotely log into remote systems decreases the risks for both the client system and the remote host.

have a check www.openssh.org, and RH9.0 ssh already implemented.
0
 
LVL 12

Expert Comment

by:paullamhkg
ID: 9596109
So using SSh, you can login as root without problem, transfer files, system admin, manage all the server/websites bla bla bla in the most secure way :)
0
 
LVL 6

Assisted Solution

by:S0lar
S0lar earned 62 total points
ID: 9597059
Pullamhkg's advice to use ssh+root is ok, but here's another simple one...
Create special group - webadm for example, add your user to this group...
then assign webadm to be owner group for folders which contain your websites and set permission
to 775 (664)... so you'll be able to write/move/erase etc... and have no root privs.

2paul : re :)
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
LVL 12

Expert Comment

by:paullamhkg
ID: 9597105
2S0lar, I'm also thinking the same as your idea, but since telnet/ftp is not secure (well vsftp may be or /telnet/ftp with ssl) that's way I suggest ssh ;)

Also uksurf want to make changes to the other users home directories, which mean you need to group eventhings under webadm include the users home directory

eg. /home/paul will be own by paul:webadm and the access right will be drwxrwx--- (770).

Also 700 websites will also owned under the same group name (webadm), may be not easy to separated them if they are on the same groups.
0
 
LVL 1

Assisted Solution

by:mlinford
mlinford earned 62 total points
ID: 9609709
A single user can be a member of multiple groups. I suggest making yourself a member of all groups, and keep the groups that others are members of limited to their directories (sounds backwards but often having a username be the groupname is nice).
That is, of course, if you dont want to use SSH as root. (tho i cant see why).
0
 
LVL 5

Assisted Solution

by:willy134
willy134 earned 62 total points
ID: 9610173
the problem with creatign a webadmin group is that if the user changes his group on his files you have not permssion to move it.  You may need to ad some sudo privilidges to your account that allows you to run root commands without being root.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

rdate is a Linux command and the network time protocol for immediate date and time setup from another machine. The clocks are synchronized by entering rdate with the -s switch (command without switch just checks the time but does not set anything). …
If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question