Results 1 to 4 of 4
  1. #1
    Join Date
    May 2003
    Location
    Bloomington, IN
    Posts
    2

    Question Howto Best Manage permissions on hosted accounts

    Seeking some advice here.

    I am currently hosting a resller's account at http://www.unitedhosting.co.uk/

    They are using Ensim Webppliance.

    Here's my problem: For a given client site, I need to allow the user's I am creating to manage files via ftp/ssh outside of their own /home/user directory. For example ... the main html directory of the domain URL: "/var/www/html". Since that is where the main website is. I am reselling hosting after all, which means people want to have access to the server space they are paying for. Limiting them to just a /home/user subdiretory in that space seems unprofessional.

    Solution so far: Since I am not root, I cannot create groups on my virtual servers. So, I am making my files world writable so that my users can edit and upload to /var/www/html. This isn't good from a security standpoint.

    I wish I could create and manage groups, so that I could just make the /var/www/html directory owned by me, the admin, but also writable by the groups that would include my selected users. I may have many users, many groups, and many different levels of access specs.

    So far http://www.unitedhosting.co.uk/ has not been able to provide a supported way to create group level access to directories other then the /home/user directories.

    I'm finding this really limiting becuase within a particular client's hosted environment I want them to be able to access the primary site directories for managing their own content, as well as I need the ability to create new directories and control access/permissions levels.

    Questions:

    1) Have you other resellers dealt with this under Ensim Webppliance? How do you handle it?

    2) Is this just a limitation of Ensim Webppliance, what about other systems?

    3) How do resellers typically manage user level access to in the hosted environment?

    Thanks for any advice, I need it!!
    Marc

  2. #2
    Join Date
    Apr 2002
    Location
    Southampton, UK
    Posts
    1,025

    Re: Howto Best Manage permissions on hosted accounts

    Originally posted by mgrubb
    so that I could just make the /var/www/html directory owned by me, the admin, but also writable by the groups that would include my selected users. I may have many users, many groups, and many different levels of access specs.
    I'm not sure what you're trying to do?

    Since apache uses virtualhosts, you, nor your clients need access to /var/www/html because all their HTML files are stored under /home/user.

    If that isn't what you meant, please explain
    Regards,
    Stephen Marsh

    UrbanServers.com - Premium UK SSD Virtual Servers

  3. #3
    Join Date
    May 2003
    Location
    Bloomington, IN
    Posts
    2

    *

    The websites files are being stored in /var/www/html. When my user's type in the domain name ... www.theirhosteddomain.com the files are serverd from /var/www/html.

    I don't understand apache virtual hosts very well yet. Maybe that's my problem.

    What I don't want is my user's accessing their websites at:

    www.theirhosteddomain.com/user/fred

    Are you telling me that I can just redirect the the primary domain to the /user/fred directory with an apache configuraiton?

    -----

    The above is my immediate concern. In general however it seems of great advantage to be able to create new directories anywhere within the hosted space and specifiy which users should and should not have access to these files.

    Otherwise how would I create a shared space? Say I have a single client with 3 website contributors ... I create three user's each with their own email and such, hence each with their own /home/user directories. Then however I want to have a directory called Common with some web pages/scripts that they all work on. I would want to create a common directory they all had write access too and would accomplish that by adding them to a group that was applied to that directory. I can't create groups however with the way Ensim is working.

    So, I'm frustrated right now

    Sorry if I am being confusing, but this 1 user per 1 /home/username directory setup seems really limited in terms of secure file management.

    ---------

    Are you just expected to share login information?

    Thanks,
    Marc

  4. #4
    Join Date
    May 2003
    Location
    Ireland
    Posts
    252
    It can be done by root any enough, its mainly requested by clients to run geeklog to be honest. UH-Matt is the man to ask his support is A1 to be honest

    if you had root which you dont you could

    ls -lah

    would check the permission of the actual folders and who owns it


    chown -R admin109:admin109 /home/virtual/domain.com/var/www/

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •