Solved

how to set up special user permissions

Posted on 2003-10-21
8
502 Views
Last Modified: 2013-12-16
I am migrating about 700 websites to a new Red Hat server.  Each of these sites will have FTP access by different users.  However, I am the main webmaster for the vast majority of these sites.  Is it even possible to set up a user that can have permission for all of these sites.  

The reason I want to do this is so I can FTP with a single user name and then just move around to each site and make changes to the other users home directories.  Kindof a root without all priviliges and FTP access.

If this can be done, can anyone advise me how to do it?

Thanks alot!
0
Comment
Question by:uksurf
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 12

Accepted Solution

by:
paullamhkg earned 64 total points
ID: 9596100
well why not use the SSH

SSH™ allows users to log into host systems remotely. Unlike protocols such as FTP or Telnet, SSH encrypts the login session, making it impossible for intruders to collect unencrypted passwords.

SSH is designed to replace older, less secure terminal applications used to log into remote hosts, such as telnet or rsh. A related program called scp replaces older programs designed to copy files between hosts, such as rcp. Because these older applications do not encrypt passwords transmitted between the client and the server, avoid them whenever possible. Using secure methods to remotely log into remote systems decreases the risks for both the client system and the remote host.

have a check www.openssh.org, and RH9.0 ssh already implemented.
0
 
LVL 12

Expert Comment

by:paullamhkg
ID: 9596109
So using SSh, you can login as root without problem, transfer files, system admin, manage all the server/websites bla bla bla in the most secure way :)
0
 
LVL 6

Assisted Solution

by:S0lar
S0lar earned 62 total points
ID: 9597059
Pullamhkg's advice to use ssh+root is ok, but here's another simple one...
Create special group - webadm for example, add your user to this group...
then assign webadm to be owner group for folders which contain your websites and set permission
to 775 (664)... so you'll be able to write/move/erase etc... and have no root privs.

2paul : re :)
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 12

Expert Comment

by:paullamhkg
ID: 9597105
2S0lar, I'm also thinking the same as your idea, but since telnet/ftp is not secure (well vsftp may be or /telnet/ftp with ssl) that's way I suggest ssh ;)

Also uksurf want to make changes to the other users home directories, which mean you need to group eventhings under webadm include the users home directory

eg. /home/paul will be own by paul:webadm and the access right will be drwxrwx--- (770).

Also 700 websites will also owned under the same group name (webadm), may be not easy to separated them if they are on the same groups.
0
 
LVL 1

Assisted Solution

by:mlinford
mlinford earned 62 total points
ID: 9609709
A single user can be a member of multiple groups. I suggest making yourself a member of all groups, and keep the groups that others are members of limited to their directories (sounds backwards but often having a username be the groupname is nice).
That is, of course, if you dont want to use SSH as root. (tho i cant see why).
0
 
LVL 5

Assisted Solution

by:willy134
willy134 earned 62 total points
ID: 9610173
the problem with creatign a webadmin group is that if the user changes his group on his files you have not permssion to move it.  You may need to ad some sudo privilidges to your account that allows you to run root commands without being root.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This is the error message I got (CODE) Error caused by incompatible libmp3lame 3.98-2 with ffmpeg I've googled this error message and found out sometimes it attaches this note "can be treated with downgrade libmp3lame to version 3.97 or 3.98" …
Google Drive is extremely cheap offsite storage, and it's even possible to get extra storage for free for two years.  You can use the free account 15GB, and if you have an Android device..when you install Google Drive for the first time it will give…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question