Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 531
  • Last Modified:

how to set up special user permissions

I am migrating about 700 websites to a new Red Hat server.  Each of these sites will have FTP access by different users.  However, I am the main webmaster for the vast majority of these sites.  Is it even possible to set up a user that can have permission for all of these sites.  

The reason I want to do this is so I can FTP with a single user name and then just move around to each site and make changes to the other users home directories.  Kindof a root without all priviliges and FTP access.

If this can be done, can anyone advise me how to do it?

Thanks alot!
0
uksurf
Asked:
uksurf
4 Solutions
 
paullamhkgCommented:
well why not use the SSH

SSHâ„¢ allows users to log into host systems remotely. Unlike protocols such as FTP or Telnet, SSH encrypts the login session, making it impossible for intruders to collect unencrypted passwords.

SSH is designed to replace older, less secure terminal applications used to log into remote hosts, such as telnet or rsh. A related program called scp replaces older programs designed to copy files between hosts, such as rcp. Because these older applications do not encrypt passwords transmitted between the client and the server, avoid them whenever possible. Using secure methods to remotely log into remote systems decreases the risks for both the client system and the remote host.

have a check www.openssh.org, and RH9.0 ssh already implemented.
0
 
paullamhkgCommented:
So using SSh, you can login as root without problem, transfer files, system admin, manage all the server/websites bla bla bla in the most secure way :)
0
 
S0larCommented:
Pullamhkg's advice to use ssh+root is ok, but here's another simple one...
Create special group - webadm for example, add your user to this group...
then assign webadm to be owner group for folders which contain your websites and set permission
to 775 (664)... so you'll be able to write/move/erase etc... and have no root privs.

2paul : re :)
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
paullamhkgCommented:
2S0lar, I'm also thinking the same as your idea, but since telnet/ftp is not secure (well vsftp may be or /telnet/ftp with ssl) that's way I suggest ssh ;)

Also uksurf want to make changes to the other users home directories, which mean you need to group eventhings under webadm include the users home directory

eg. /home/paul will be own by paul:webadm and the access right will be drwxrwx--- (770).

Also 700 websites will also owned under the same group name (webadm), may be not easy to separated them if they are on the same groups.
0
 
mlinfordCommented:
A single user can be a member of multiple groups. I suggest making yourself a member of all groups, and keep the groups that others are members of limited to their directories (sounds backwards but often having a username be the groupname is nice).
That is, of course, if you dont want to use SSH as root. (tho i cant see why).
0
 
willy134Commented:
the problem with creatign a webadmin group is that if the user changes his group on his files you have not permssion to move it.  You may need to ad some sudo privilidges to your account that allows you to run root commands without being root.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now