Hello,
We own a CentOS Server which hosts a few domains using Cpanel, however each host or domain has its own user and its own folder under /home, we want a separate user(newuser1) to have read and write privileges in all home's subdirectories so we can do some tasks remotely using WinSCP, that user is already in the sudoers group and the root login is disabled in SSH for security, but I haven't been able to assign the correct privileges and rights to newuser1 using chmod -R owneruser:newuser1 /home/owneruserdir, everytime we login with newuser1 using WinSCP to /home and try to change directory to /home/owneruserdir we receive a permission denied message, so I don't know where else to look.
Any pointers will be apreciated.
Thanks.
Victor Padro wrote:
Hello,
We own a CentOS Server which hosts a few domains using Cpanel, however each host or domain has its own user and its own folder under /home, we want a separate user(newuser1) to have read and write privileges in all home's subdirectories so we can do some tasks remotely using WinSCP, that user is already in the sudoers group and the root login is disabled in SSH for security, but I haven't been able to assign the correct privileges and rights to newuser1 using chmod -R owneruser:newuser1 /home/owneruserdir, everytime we login with newuser1 using WinSCP to /home and try to change directory to /home/owneruserdir we receive a permission denied message, so I don't know where else to look.
you did give execute permissions to the group members on the dirs? if unsure show us ls -l /home | grep owneruserdir
On Wed, Oct 5, 2011 at 3:20 PM, Nicolas Thierry-Mieg Nicolas.Thierry-Mieg@imag.fr wrote:
Victor Padro wrote:
Hello,
We own a CentOS Server which hosts a few domains using Cpanel, however each host or domain has its own user and its own folder under /home, we want a separate user(newuser1) to have read and write privileges in all home's subdirectories so we can do some tasks remotely using WinSCP, that user is already in the sudoers group and the root login is disabled in SSH for security, but I haven't been able to assign the correct privileges and rights to newuser1 using chmod -R owneruser:newuser1 /home/owneruserdir, everytime we login with newuser1 using WinSCP to /home and try to change directory to /home/owneruserdir we receive a permission denied message, so I don't know where else to look.
you did give execute permissions to the group members on the dirs? if unsure show us ls -l /home | grep owneruserdir _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
This is the output:
drwx--x--x 29 owneruser1 owneruser1 4096 Oct 5 07:15 owneruserdir1/ drwx--x--x 13 owneruser2 owneruser2 4096 Oct 1 02:18 owneruserdir2/
Thanks!
On 10/05/11 1:01 PM, Victor Padro wrote:
chmod -R owneruser:newuser1 /home/owneruserdir
chMOD changes the access modes, not the owner:group. rather, you likely should have done...
chgrp -R newuser1 /home/owneruserdir chmod -R g+rwx /home/owneruserdir
AND you likely want to set the group sticky bit so new files inherit the group
find /home/owneruserdir -type d | xargs chmod g+s
also, you'll want to globally set
umask 0002
so files get created group write by default.
On Wed, Oct 5, 2011 at 5:29 PM, John R Pierce pierce@hogranch.com wrote:
On 10/05/11 1:01 PM, Victor Padro wrote:
chmod -R owneruser:newuser1 /home/owneruserdir
chMOD changes the access modes, not the owner:group. rather, you likely should have done...
chgrp -R newuser1 /home/owneruserdir chmod -R g+rwx /home/owneruserdir
AND you likely want to set the group sticky bit so new files inherit the group
find /home/owneruserdir -type d | xargs chmod g+s
also, you'll want to globally set
umask 0002
so files get created group write by default.
-- john r pierce N 37, W 122 santa cruz ca mid-left coast
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
I did what you just suggest and now I can't see the contents of /home, seems like I'm jailed on my own home directory, is there a way to know if I'm jailed and a way to be unjailed if that's the case?
Thank you.
On 10/05/11 5:01 PM, Victor Padro wrote:
I did what you just suggest and now I can't see the contents of /home, seems like I'm jailed on my own home directory, is there a way to know if I'm jailed and a way to be unjailed if that's the case?
I have no idea what you're talking about. "Jail" is a chroot environment, you would see your chroot directory as / ...
Everything I described previously is all very standard POSIX Unix permissions stuff.
CPanel does all sorts things behind the OS's back, so you maybe should be talking to the CPanel people
On Wed, Oct 5, 2011 at 7:38 PM, John R Pierce pierce@hogranch.com wrote:
On 10/05/11 5:01 PM, Victor Padro wrote:
I did what you just suggest and now I can't see the contents of /home, seems like I'm jailed on my own home directory, is there a way to know if I'm jailed and a way to be unjailed if that's the case?
I have no idea what you're talking about. "Jail" is a chroot environment, you would see your chroot directory as / ...
Everything I described previously is all very standard POSIX Unix permissions stuff.
CPanel does all sorts things behind the OS's back, so you maybe should be talking to the CPanel people
-- john r pierce N 37, W 122 santa cruz ca mid-left coast
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
I just had a typo, fixed the glitch and everything is working ok, thanks a lot for your help Nicolas & John.
-
John R Pierce -
Nicolas Thierry-Mieg -
Victor Padro