Which user:group is best for CMS modules on CentOS/Plesk?
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Which user:group is best for CMS modules on CentOS/Plesk?
Hi guys,
I'm totally new to this forum. I was told this is the best place to discuss Linux related topics. First of all, excuse me in advance if my questions are basic. I'm definitely not an advanced user. So I also hope I have posted in the right section. "Linux - Newbie" sounds about right to me!
Ok, here goes...
I have rented a VPS here in the UK which runs CentOS (6 I guess) and Plesk Panel. So far so good. I got my head around them a little bit, so I am able to set up subscriptions and, therefore, host the domains I want to point to this one.
The other day I wanted to try out Concrete5 because I was curious to check out some features and when I got to the installer, it complained that three folders were now writable by the server. Now, regardless of knowing Concrete5, I guess this raised an issue which could come up also with other modules, so I thought it would be good to post now, in advance, to understand what the best practice would be.
I uploaded the files via my FTP client (Transmit) and the owner was therefore my FTP user I created for that hosting (let's call it ftp_user). The group was assigned by the server and it was psacln (what kind of group is that anyway??). On my old server (FreeBSD with no panel) the user was always set to my FTP user (as I guess is normal) and the group is www, and the name makes much more sense to me (www, of course!).
So, what I did to solve the issue in this case, was to change the owner of the whole installation of Concrete5 to 'apache'. So the new user:group became apachesacln. All worked fine, BUT of course I was not able to upload files via my FTP client anymore... Surprise surprise! So I had to change the owner of some folders again to upload via Transmit. A messy way to handle it, to say the least.
I imagine there is a simpler way to solve this issue? I mean, what kind of genius came up with this system on these new VPS I have? Most modules will require the web server to be able to write inside some folders, right?? And, on the other hand, most people want to use an FTP client to manage files and folders??
I'm sure there is to play with groups, but I'm too ignorant to guess what to do. Can any expert please tell me what the best way to handle this, and similar future issues, would be?
You just need to thoroughly go through manuals of chmod (stands for change mode, see here), chown (stands for change owner, see here), file permissions, and ownership and group.
If problem isn't solved after this, please share the error message(s), if any.
I have to say that I have not understood it. Perhaps my first post was not very clear?
I know how to change permissions and owners. I just don't know what the best way to set up owner and group is, in order to make the files writable by the web server (as required by the CMS) and be able to handle files with my FTP client. Hope it makes sense?
@svedish:
If you know about permissions and chown, then there should be no issues. And as I already said, once go through owner/group concept, and problem will be solved, I hope!
As far as I am concerned, there should be some user (or admin) who manages web server. So in order to allow that user to read/write on your files, just add write permission on your files for group and add that user to mail group of your files.
when I upload files to the server, by default they belong to the user that has uploaded them, as follows:
files for website 1 belong to user1 (group psacln)
files for website 2 to user2 (group psacln)
files for website 3 to user3 (group psacln)
Some of these files need to be written by the web server (as it happens for most CMS systems). So there needs to be a set up which guarantees the web server to write them on one side and each of the users to manage files via ftp on the other side. On the other server this is solved by the www group, which I believe every hosting user gets added to when I create them, I think...
A simple suggestion - who is gonna modify these files, uploaded by different users, on your webserver? Do you have any web server admin who will modify these file? If yes, then what's username of that webserver admin and what's his main group?
Just change group of all these uploaded file to main group of admin user (let's say, admin account is webadm and his group is webgroup) like this:
Code:
~$ id -a webadm # To check primary group of webadm user, I assume it is webgroup
~$ chgrp webgroup file1 file2 ... # Changing group
~$ chmod g+rwx file1 fil2 .... # Assigning read/write to group members
No, there is no webadmin user. I will be modifying all these websites, but I may give access to designers or developers to these websites at times, so it's good that each website belongs to a different user for FTP purposes.
So, given that I need to have files belonging to different users? I can solve all just with the group, right?
No, there is no webadmin user. I will be modifying all these websites, but I may give access to designers or developers to these websites at times, so it's good that each website belongs to a different user for FTP purposes.
So, given that I need to have files belonging to different users? I can solve all just with the group, right?
Thanks
Yes correct. Just create a group, add all your designers to that group and whenever a new file is uploaded, change it's group to that new group with R/W access to designers.
Sorry, but this means that I would need to *manually* change the group of *each* file that gets uploaded? That would be quite a hassle, don't you think? Shouldn't I work with the group that gets assigned to the files automatically by this VPS and add these users to this psacln group?
Also, what is this psacln group? I had a nice www group on my FreeBSD server and all users I created automatically got added to it! Intsead this new server, when I create a hosting user, doesn't add him / her to this default group? This is just non sense, isn't it? Is it Plesk that does it or CentOS?
Well, in that case, SGID could be helpful, but it has a limitation that any new file created within a directory inherits main group of the directory. But already existing file will still have their old group.
Meanwhile, you need not to run chgrp for every individual file, but invoke it on whole directory, as:
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.