vsFTP configuration and the htm directory

I need to give a group of users permission to write to the /var/www/html/ directory of a Redhat Core 2 installation.  I have an active apache 2.xx server running, with this as the primary directory.

Did I mention I need to do this all through an ssh connection?

Step by step would be an excellent help.
LVL 1
preserver3Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

blklineCommented:
Before you can get explicit instructions you need to add a few more details.  The most important details is how are the users going to do the updates?  Are they local to the machine?  Are they Linux/Unix users?  Are they Windows users?     Will they be doing this through a Windows share?  FTP?  SFTP?

Answer these and we can give you a better answer.
0
preserver3Author Commented:
I was going to update this question a bit today, I hope this is enough info.

My users are a mix of Mac, Windows, and Linux users

my current /etc/vsftpd/vsftpd.conf file looks like this
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
pam_service_name=vsftpd
userlist_enable=YES
listen=YES
tcp_wrappers=YES
local_root=/var/www/html
file_open_mode=0777
cmds_allowed=ABOR,CWD,DELE,LIST,MDTM,MKD,NLST,PASS,PASV,PORT,PWD,QUIT,RETR,RMD,RNFR,RNTO,SITE,SIZE,STOR


It seems to work on one of my machines, and not the other.

I have 6 user accounts, I've created in the ordinary way(ie normal linux users).  I would like to group each and give each a different configuration of commands.  One of the user accounts, I'd like to give only read access.

Any suggestions?
0
preserver3Author Commented:
As another note... I need to know what I need to add to my configuration to allow at least one user to use dreamweaver to connect to the site directly.

0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

blklineCommented:
If I were doing this I'd do it like this:

1)   groupadd htmlauthors
2)   for each of your users:
            usermod -g htmlauthors myuser
3)   chgrp htmlauthors /var/www/html
4)   chmod g+rwx /var/www/html

The only con to this method is that if the group permissions will get funky if those users actually sign on to that server to do their own work.  Then you need to worry about group permissions on the other things that they create.  If you are only allowing them on to work with this directory then you should be good to go.  You man need to change the umask parameter in your vsftp.conf file so that each file is created r/w within the group -- test it and see.

Another alternative with vsftp (I think, I don't use it) is to have the users assume another identity after authenticating.  You could take advantage of that to allow access to the directory, after giving the appropriate permissions to the directory.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
preserver3Author Commented:
I tried your example, but my users can't create files or directories in the html directory... is there something wrong with my configuration file?  Thanks for your help so far.


0
preserver3Author Commented:
false alarm...  It just didn't give them access to the directories further down the tree.

Thanks!
0
preserver3Author Commented:
I've got a problem....  

Files created under the group users are being assigned to the individual users and not to apache.  Additionally, I'm guessing because I changed my umask to 077 and not 0775 that that's why I can't delete files I've uploaded in previous sessions.

Any other insights you can provide?

Oh, and for the benefit of the PAQ, add SYST to the end of the cmds_allowed=... line... It's suprising how many errors you'll get from ftp clients without that entry.

0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.