Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 178
  • Last Modified:

Files under two users' ownership on a Linux server

I have the following case - the site was transfered from a Cobalt RAQ to a Fedora Plesk server, and since we have an ownership / perms issue with some files.
In the site structure, the main site resides at / and some users have their own subdirectory a say /web_users/user1 etc. Each user can FTP into the site, and the site also has a different, main FTP account that supposedly can manage everything.
The problem is that the files in say /web_users/user1 that therefore belong to user1 here, cannot be accessed or modified by the main FTP user anymore. Our need is for those sub-directories and their files to be editable by the main FTP access for that account, but also by the user those files belong to.
Obviously we can "chown -R" all files within /web_users/user1 so that they belong to the main FTP user, but in that case the problem is reversed and from then on the user1 cannot change the files in what is supposedly his own space.
Therefore my question is to know if, and how, we can have two users potentially access and modify some files on the server, without comprosing each other's rights to update that file in the future.
I am almost positive this is how it worked on the RAQ where the main FTP account could do everything, but also where a user could manage its own site at domain/~user1/.
2 Solutions
You need to have a look at the manpages for groupadd,chgrp, usermod and chown . You use the groupadd command to create a new group such as webftp. You would then use usermod to add ftp and other users to the group webftp. You would use chgrp to change the ownership of the files and directories you would want your group to be able to access. You would then use chown to enable group read/write permissions on the files you want your users and the ftp user to use.
From what I've done with the Cobalt servers, the directory structure is basically /home/sites/home, and the "users" are defined under there. The user and group id numbers don't line up with most newer systems, so resetting permissions is likely necessary. The user "admin" on a Cobalt is essentially a "root" clone, and can do almost everything necessary to manage the system from the command line. Much of this permission appears to be the result of "looser" permissions on the older systems, and is not easily duplicated on the newer distro's.

However, it sounds like to primarily want to have a single user (not root) that can manipulate a lot of data. You could achieve this by creating a group, placing your "super user" in that group, and then making that group the primary group of all of your "site users". Further, you'll need to update the profile and bashrc settings so that all files get group rw permissions by default.
DenisvtAuthor Commented:
Thanks for the replies. The tech person who manages this Plesk server says it's impossible to achieve what we need because Plesk is so proprietary, however I'll provide him your two replies.

Featured Post


Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now