Ubuntu Security :: FTP User And Group To Apache?
Jun 13, 2010What would be the effect of setting ProFTPd's user and group to the same user and group that Apache use? Are there any security risks in doing this, or is this safe to do?
View 4 Replies
ADVERTISEMENT
Red Hat / Fedora :: Apache Runs Under User Wwwrun And Group Www By Default
Aug 3, 2010I want to ask a question maybe a stupid one Here what i understand saying linux user : i can create various users for example for me , for my brother and so on to log in to system. But what does it mean that apache runs under user wwwrun and group www by default . What kind of user is that ? It's explicitly not a user kind that one I know about .
View 6 Replies View RelatedUbuntu Security :: Adding User To Admin Group
Jun 15, 2010I'm trying to edit a "xl2tpd.conf" file but it always says I have no write permission tried to add my account to admin group but it says something about not able to lock on password try later.
View 3 Replies View RelatedGeneral :: Way In System To Set User And Group Security
Sep 8, 2010Is there any way in linux that user & group security can be set ?
excluding the owner & group permissions.
Ubuntu Security :: Added User To Www-data Group, But Still Can't Edit Directory With 775?
Jan 4, 2010I'm working in Ubuntu 9.04 Desktop with Apache installed. I have a directory /var/www/test:drwxrwxr-x 5 root www-data 4096 2010-01-04 13:51 test And I've added myself as a member of the group www-data. Problem though is when i go into /var/www/test I still can't do anything, whether it's creating a new file or directory or editing files there. The files within the directory are also 775 and setup under group www-data.
View 2 Replies View RelatedServer :: Apache Authentication: Allow LDAP Group OR User Named Guest But Not All LDAP Users?
May 25, 2011I am using RackMonkey to map out my lab. Unfortunately, due to RM limitations, every user who accesses the site has write access UNLESS they are logged in as a user named "guest". I currently have Apache allowing only the users (sysadmins) in an LDAP group access to RM, but I would like to allow read-only access for other users as well.I found mod_authn_anon, but I am having trouble combining the two authentication methods. I am using Apache 2.2.18 (compiled myself) on SLES 11.1.
This is the common part:
Code:
AuthType Basic
AuthBasicProvider ldap anon
Order allow,deny
Allow from all
This part by itself works for the LDAP authentication:
Code:
AuthName "System Admins"
AuthLDAPURL "ldaps://example.com/ou=ldap,o=example.com?mail" SSL
Require ldap-group cn=SysAdmins,ou=memberlist,ou=groups,o=example.com
This part works by itself for guest access:
Code:
Anonymous guest
Anonymous_VerifyEmail Off
Anonymous_MustGiveEmail Off
Anonymous_LogEmail on
Require valid-user
But if I have both of the previous blocks enabled at once, then guest access does not work. If I throw in a "Satisfy any", then I am not prompted for a username at all. How can I allow access to this LDAP group and to a user named "guest", but not allow all valid LDAP users to log in?
Ubuntu :: Create A User Group That Restricts Internet Privileges To Only Members In The Group
Jul 19, 2011How can I create a user group that restricts Internet privileges to only members in the group, then I will assigns certain applications to join the group for access to the Internet.
For example, I want only group net to have access to the Internet. Group net is then connected to:
Code:
So far, I am using the gnome group policy manager that is standard with ubuntu but Its not working. It is possible that im misdirected and that I should use a firewall instead?
General :: Security Group Can Be A Member Of Another Group?
Aug 22, 2010I need to create a group that has the same permissions as the users group. Can I have the new group be a member of the "users" group to inherit its permissions?
View 4 Replies View RelatedSecurity :: Add A Group Of Users To The Wheel Group?
May 19, 2010I have a number of users, categorised into various groups. I would like one of those groups ("developers") to be in the wheel group as well. I don't want to just copy the people from the developers group into wheel, because then when that group changes I'll have to change it in two places. Is there a way to specify that anyone in developers is in wheel, and have that be dynamic?
View 7 Replies View RelatedUbuntu :: Create A New Administrative User Of Change The Current User's Group
Sep 3, 2010This netbook only has a user with non-administrative privs on it and root user but I do not have root's password.Is there a way that I can create a new administrative user of change the current user's group so that it can do sudo commands or have more privs?
View 1 Replies View RelatedSoftware :: Allow A Group/user To Execute A Command, Where One Of The Parameters Of The Command Is A Group As Well?
May 3, 2010Is it possible to allow a group/user to execute a command, where one of the parameters of the command is a group as well? example that does not work as intended:
Code:
Cmnd_alias SU=/bin/su -l %group1 This example works sortof, it treats the "%group1" literally. I know I can list out the "/bin/su -l <eachuser>", but as you can imagine that is impractical. In this example, I want people in group2(not shown for brevity sake) to be able to su to someone in group1
Ubuntu :: Apache & Group Permissions - 403 Forbidden Error
Nov 12, 2010this costed me a whole day of trying and retrying. I set up a small home server with apache, php, and mysql.
System infos:
Linux 2.6.31-22-generic-pae
Ubuntu 9.10 Karmic Server edition
Apache/2.2.12 (Ubuntu)
Until now, it served happily a couple of sites, with no problems. But now, I wanted to set up my ftp server to point to the same directory as one of the sites, for me to be able to upload and manage files via ftp. As a server I normally use proftpd. With my usual config, proftpd runs with its own user and simulates the user ftpuser:ftpgroup when creating files. So I just changed all the files to be owned by this user and group. Permissions set to 770.
Everything works fine, and I'm able to access the data via ftp. BUT, when I try to browse my site the usual way (i.e. point firefox to its address) a 403 forbidden error is issued. Of course, you will say: you didn't allow access to apache. Well, I remembered that right away, and added the user www-data to the ftpgroup user. Now I espect apache to be able to read and serve the files.
Still same problem. 403. The apache error log is full with "permission denied" errors. After many attempts, I logged in as the user www-data, and tested access to the files. This way I'm able to cd into the directory, and read-write the files with nano. As a test, I tryed the other way around. Setting www-data:www-data as the owner of the files, and adding the ftpuser to the www-data group. This way apache works, but proftpd does not. Most probably it has something to do with a misunderstanding of groups permissions or the way this two deamons access the files.
Ubuntu Servers :: Group Permission On Dir And Files For Apache
Mar 5, 2011Me and 2 others are working on a website (Bob, Mike, and Joe). We made a group called developers and each of us are in the developers group. The Apache server runs as www-data. When we upload files, the file owner is the users name and the group is "developers".
/etc/group has the following
Code:
www-data:x:33:
bob:x:1000:
mike:x:1001:
[Code]....
I have always just set everything to 775 and just called it good. Well I don't want to wake up to a Russian political message plastered all over the site. It's time I do things properly.
Ubuntu :: Get To The User/group Manage Using Alt+f2 In The Desktop?
Jul 5, 2010My user/group manager in the system>administration menu is missing.Is there a command to get to the user/group manage using alt+f2 in the desktop? Or can i download the user/group manager from Ubuntu Software Center? I searched the Software Center and all i could find was the KUser user manager program... can I download it? Will it work with ubuntu 10.04?
View 3 Replies View RelatedUbuntu :: Removed User From Sudo Group
Sep 23, 2010I made a mistake on my friend's Ubuntu system when trying to get hard drive permissions right. I wanted to add a user to a certain group with usermod -G, but without realising I should also use -a, with the result that the user is now not longer in the sudo group. This is the only (regular) user on the system, which means I can not sudo usermod again to get it right. So what to do? The only solution I can think of is using a live disc to restore the group belongings, but I want to know if there's a quicker way. Also, I don't know what more groups the user was in. Is there a history? Or else, what are the default groups?
View 5 Replies View RelatedUbuntu :: User Group Permissions Mess Up
Apr 14, 2011My main account 'dave' runs as admin etc This was the output of 'groups dave': dave adm dialout cdrom plugdev lpadmin sambashare admin I was trying to add dave to the user group 'media-www' and i ran this command: 'usermod -G media-www dave' Then after another 'groups dave':
dave : dave media-www It seems to have removed all the other groups! How do I restore this?
General :: How To Add User In Group?
Mar 17, 2010I have four users in my red hat linux 9. I want that all these four users should add in a group i.e "Marketing". please guide me that using terminal which command may i write so that the users should added in the group.I does't want to use GUI interface to do it.
View 14 Replies View RelatedGeneral :: How To Add User Into Group?
Feb 14, 2011I want to add a user "smith" into marketing group using terminal.Please guide me that how can I do it ?
View 11 Replies View RelatedSecurity :: Allow Only One AD Group To Use SSH
Jan 7, 2010We have a linux(SUSE 10) server that authenticates against AD(Windows 2003). Problem is anyone with an AD account can ssh in to the server. We don't want anyone to be able to login via ssh only the users in one particular group. I have tried editing the sshd_config file and adding the group to AllowGroups but this doesn't work. I have searched google and have not had much luck in finding anything.
View 8 Replies View RelatedGeneral :: Understanding Ubuntu User / Group Permissions
May 20, 2010I'm beginning to deal with more than one user on my system (it's a VPS serving some sites) and I need to make sure I understand how group permissions work. I have an account named "admin" .. it's basically the primary account that is used for serving most of the sites that I control myself. Now, I added a second account named "Ville" as one of my users wants to be able to administer that site. So, I can do this the easy way and just chown their domains folder under the ville user, they have permission to do whatever they need be and so forth. However, let's say I want to also give the admin user access to the files (modifying and all) .. how can I put both users into the same group and give them both permission?
I've tried doing:
sudo usermod -a -G admin ville
To add the ville into the admin group, but ville still cannot edit files by admin. Permissions for the primary directory for the ville user are read/write for both owner and group, and the current group for the files is admin:admin ..
But ville still can't write into the directory. So, what should I be doing here to get this right and secure at the same time?
Ubuntu :: Change Umask On Per User / Group Basis?
Mar 25, 2011I've decided to move this question into a new thread since i haven't received an answer for 3 days. This question was originaly posted here: [URL]... I've already searched in google, however i wasn't able to find an answer that solves my problem... How can i change the umask on a per user basis so that each user can have its own umask to fit his needs? For example: I have four accounts on my system ex.
admin1 : admin,
admin2 : admin,
manager : stuff,
user : user,
-So now I want everything from the admin group to be by default set to 002 (so that every user that is in the admins group can have a full share (-rwx rwx r--) of everything that is created by the admins).
-Then the similar to the above managers shoud have 022 umask.
-And each of the regular users should have 002 or 022 or 077 it is up to the users choice.
I hope that i have provided enough info thorough the example.
Ubuntu :: Make User Able To Access Folder Via Group
Jun 27, 2011Code:
cat /etc/group | grep www-data | grep chad
chad:x:1000:www-data
the user www-data should have read access to my folder but i am still getting a 403 forbidden error i have done this before without issue anyone see what is wrong? i have a folder i use for file transfers over IM it is more reliable than the messengers file transfer abilities
General :: Get All Group List Of Particular User?
Jun 20, 2011How to get all group list of particular user in linux to whom which he is member.
View 3 Replies View RelatedGeneral :: User And Group Ids Scrambled When Using NFS?
Jul 11, 2011I'm using nfs to mount the folder /mirror from a server onto a node.
This works, except on the node the user and group are displayed as "4294967294".
On the server: ls -al ./ displays
-rw-r--r-- 1 cu cu 0 2011-07-11 15:08 test1
-rw-r--r-- 1 cu cu 0 2011-07-11 15:08 test2
whereas on the node
-rw-r--r-- 1 4294967294 4294967294 0 2011-07-11 15:08 test1
-rw-r--r-- 1 4294967294 4294967294 0 2011-07-11 15:08 test2
I have usermod and groupmod the username cu to have the same numbers on the node.
On the server: id displays
uid=1021(cu) gid=1007(cu) groups=1007(cu),109(admin)
on the node
uid=1021(cu) gid=1007(cu) groups=1007(cu)
I'm stumpeed as to what the problem could be.
I should perhaps add that the home directory is /mirror/cu (so that the users share the same account when mounted). Not sure if thats relevent though...
My /etc/exports file (on the server) looks like this
/mirror *(rw,sync)
and I do the mount (on the node) with
sudo mount server:/mirror /mirror
General :: Delete User From Group?
Jan 28, 2010how to delete a user from a group? i am new to this group started linux admin course.
View 4 Replies View RelatedGeneral :: User And Group Permissions
Jul 10, 2010I am doing rhce course but i am very confused to answer these user and group permissions.the questions are like this...the owner of the /data must be user tom.primary group of /data must be the group sysadmins.the members of the group test must be able to write and create files in the /data.the members of the group web have no access to these directory.the user jack not belong to any of these gropus must have to edit files created in /data.the user tim can only list the contents.
the questions are always like these..i am okay with sgid and sticky bit.but i dnt know where to set default acl and other permissions.
General :: Ubuntu - Turn Into Admin Group A Regular User?
Apr 9, 2010i've got a regular user i want to turn into admin group so he can have same privileges as a root. should i just change the GID in /etc/passwd and /etc/group or should i use usermod/groupmod?
View 3 Replies View RelatedUbuntu :: General Disk Quotas Without User / Group Restriction?
Jan 12, 2010is it possible to limit the size of a specific folder independent of user or group? I want to restrict /var/log to a total size of 1GB. I don't think that the common approach to create a 1GB partition is the right way since it is possible that I want increase or decrease the limit in the near future.
View 3 Replies View RelatedUbuntu Servers :: Move A User To Group When He Is Created With Adducer?
Jan 14, 2010When you create an user with adducer (name) an folder is automatically created to that user.
But how can i move a user to a group when he is created with adducer.
Ubuntu :: No Write Permission Even Though User Is Member Of Folder Group?
Oct 29, 2010I'm having an odd problem (although I'm probably missing something obvious to a non-semi-newbie):I have a directory used for samba shares which is owned by user fred, a system user which the windows clients on my network authenticate with to access the shares. I, roger, want to access the directories without having to put my 'sudo boots' on every time, so I made the directory group users and added roger to that group, and changed the file/folder modes from 0755 to 0775.However I still do not have write permissions inside the directory; I still seem to be considered 'other' and hence only have read and execute.
View 6 Replies View Related