Solved

how to set up linux permissions for contractor?

Posted on 2010-11-17
3
363 Views
Last Modified: 2012-05-10
I am setting up a webserver for a contractor to use.  i want to give them permissions to log in, upload files to the website, restart apache if needed, and set up the postrgres db.  what is the best practice for doing this?  i want to give them enough permissions to get the job done, but not too many permissions they dont need.
0
Comment
Question by:trip008vk
3 Comments
 
LVL 5

Expert Comment

by:dacasey
ID: 34157643
Create an account for him.  Add him to the apache group, postgres and other groups as necessary.

adduser consultant

vi \etc\group   <- add the newly created user to al groups you think he will need.
0
 
LVL 7

Accepted Solution

by:
Hatrix76 earned 250 total points
ID: 34162785
NEVER EVER touch /etc/passwd or /etc/group directly!

You should never do that, but use the tools the system provides you with.

usermod -a -G <group> <user>


to add a user to groups

for sudo, use visudo, etc.


So, having this out of the way, your answer depends deeply on which distribution of linux you will use, in centos i would do:

He should be able to watch the logfiles of httpd, as they are world-readable

allow him to restart apache with sudo (use visudo) add:
<username> ALL=/etc/init.d/httpd start, /etc/init.d/httpd stop,/etc/init.d/httpd restart, /sbin/services httpd restart

then add him to the group you use for the website (like apache) and make sure the upload directory for the webpage has group read-write-execute permissions on them.

Then, create him an postgresql user account which is allowed to create databases and you should be good to go. With this account he should be able to administrate his databases.
0
 

Author Closing Comment

by:trip008vk
ID: 34168257
Thank you, Hatrix76.  this is along the lines of what i had been thinking.  dacasey's "solution" wasn't helpful at all
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
how to use external config file with Spring MVC 4 90
Apache,  not running php on top level 14 59
Problem to start Neon 20 89
liboauth-php x oauth-1.2.3 3 47
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now