Solved

how to set up special user permissions

Posted on 2003-10-21
8
491 Views
Last Modified: 2013-12-16
I am migrating about 700 websites to a new Red Hat server.  Each of these sites will have FTP access by different users.  However, I am the main webmaster for the vast majority of these sites.  Is it even possible to set up a user that can have permission for all of these sites.  

The reason I want to do this is so I can FTP with a single user name and then just move around to each site and make changes to the other users home directories.  Kindof a root without all priviliges and FTP access.

If this can be done, can anyone advise me how to do it?

Thanks alot!
0
Comment
Question by:uksurf
8 Comments
 
LVL 12

Accepted Solution

by:
paullamhkg earned 64 total points
ID: 9596100
well why not use the SSH

SSH™ allows users to log into host systems remotely. Unlike protocols such as FTP or Telnet, SSH encrypts the login session, making it impossible for intruders to collect unencrypted passwords.

SSH is designed to replace older, less secure terminal applications used to log into remote hosts, such as telnet or rsh. A related program called scp replaces older programs designed to copy files between hosts, such as rcp. Because these older applications do not encrypt passwords transmitted between the client and the server, avoid them whenever possible. Using secure methods to remotely log into remote systems decreases the risks for both the client system and the remote host.

have a check www.openssh.org, and RH9.0 ssh already implemented.
0
 
LVL 12

Expert Comment

by:paullamhkg
ID: 9596109
So using SSh, you can login as root without problem, transfer files, system admin, manage all the server/websites bla bla bla in the most secure way :)
0
 
LVL 6

Assisted Solution

by:S0lar
S0lar earned 62 total points
ID: 9597059
Pullamhkg's advice to use ssh+root is ok, but here's another simple one...
Create special group - webadm for example, add your user to this group...
then assign webadm to be owner group for folders which contain your websites and set permission
to 775 (664)... so you'll be able to write/move/erase etc... and have no root privs.

2paul : re :)
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 12

Expert Comment

by:paullamhkg
ID: 9597105
2S0lar, I'm also thinking the same as your idea, but since telnet/ftp is not secure (well vsftp may be or /telnet/ftp with ssl) that's way I suggest ssh ;)

Also uksurf want to make changes to the other users home directories, which mean you need to group eventhings under webadm include the users home directory

eg. /home/paul will be own by paul:webadm and the access right will be drwxrwx--- (770).

Also 700 websites will also owned under the same group name (webadm), may be not easy to separated them if they are on the same groups.
0
 
LVL 1

Assisted Solution

by:mlinford
mlinford earned 62 total points
ID: 9609709
A single user can be a member of multiple groups. I suggest making yourself a member of all groups, and keep the groups that others are members of limited to their directories (sounds backwards but often having a username be the groupname is nice).
That is, of course, if you dont want to use SSH as root. (tho i cant see why).
0
 
LVL 5

Assisted Solution

by:willy134
willy134 earned 62 total points
ID: 9610173
the problem with creatign a webadmin group is that if the user changes his group on his files you have not permssion to move it.  You may need to ad some sudo privilidges to your account that allows you to run root commands without being root.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
Google Drive is extremely cheap offsite storage, and it's even possible to get extra storage for free for two years.  You can use the free account 15GB, and if you have an Android device..when you install Google Drive for the first time it will give…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question