giving 2 diff users access to a folder - bash

I need to give access to 2 users one with read access and other with write access to a particular folder(/folder). Both the users are supposed to be in the same group(sftp)
user with read access: readsftp
user with write access: writesftp
I have done
useradd -G sftp readsftp
useradd -G sftp writesftp
Now the user writesftp should be able to write files to /folder and user readsftp should be able to only read files in the folder /folder
The vipw files read
36 sftp:x:47173:47173::/data:/bin/sh
37 ft:x:1002:1002::/home/ft:/bin/bash
38 readsftp:x:47176:47173::/data:/bin/sh
39 writeuser:x:47177:47173::/data:/bin/sh
Have I changed it rightly?
(Please observe the ID's)
Could you please help me do this by using sticky bit, and umask and chmod? In the /folder folder
I have previously changed files and folder permissions using chmod and I am unable to get through the right understanding on how to do it wrt users.
Thanks in advance.

First, you need to transfer the ownership of the folder (recursively) to writeftp and the group ownership to sftp:
sudo chown -R writeftp:sftp /path/to/folder
Then you enable executable permissions for the group to all folders and full permissions to the owner:
find /path/to/folder -type d -exec chmod 750 {} \;
and set read permissions for all files to the group and read/write permissions for the owner for all files:
find /path/to/folder -type f -exec chmod 640 {} \;
Following the above steps you'll solve your problem, but however, there are better solutions for your problem. You could use ACLs (access control lists) on that file system or use SELinux while the latter is much more complicated to configure and maintain.

Related

How to delete a file on ubuntu with another user?

I'm trying to create a file with a user. The file should be created in a manner that another user can delete it (I would be fine with just any user being able to delete it).
cd /tmp
> test
chmod 666 test
#make file owned by a different user and group
chown tomcat:tomcat test
rm -r test
Result:
rm: cannot remove 'test': Operation not permitted
What am I doing wrong? How do I have to create that file so another user is able to delete it?
The /tmp directory is a "bit" special. It has the permissions 1777 which sets the sticky bit. You'll see that an ls -l / shows tmp with the permissions:
drwxrwxrwt 25 root root 12288 Aug 3 08:20 tmp/
That t means that it prevents anyone except the owner from removing files. You'll need to use a different directory. Additionally, the -r doesn't make sense for a file.

Getting blank page when error in Laravel Valet WSL

I'm getting a blank page when an error occurs while using Valet WSL.
I can read the error on the "title" of the browser tab but it shows no page content.
I'm on Laravel 7 and valet-wsl 1.0.6 and WSL 1.
Check the following
.env file is present in the project root with proper values
Check whether proper permissions are set on files and folders especially bootstrap\cache and storage
Whether the web-server user has the appropriate permissions on bootstrap\cache and storage
To set proper permissions on all files and folders in the project
# replace /var/www/myproject with path to your project on webserver root
find /var/www/myproject -type f -exec chmod 664 {} \;
find /var/www/myproject -type d -exec chmod 755 {} \;
To ensure proper permissions on bootstrap\cache and storage`
# replace <non-root-sudo-user> with your username
setfacl -Rdm u:www-data:rwx,u:<non-root-sudo-user>:rwx storage
setfacl -Rdm u:www-data:rwx,u:<non-root-sudo-user>:rwx bootstrap/cache
setfacl -Rm u:www-data:rwx,u:<non-root-sudo-user>:rwx storage
setfacl -Rm u:www-data:rwx,u:<non-root-sudo-user>:rwx bootstrap/cache
These are the common pitfalls for getting a blank page

Get permission to work with files on my Amazon EC2 Ubuntu server using FTP-WinSCP

I have an Ubuntu server on Amazon, I installed everything for working with it (php, mysql, phpmyadmin, apache..), The problem is that I cant move around or edit files using the FTP.
I get the error message:
Permission denied.
Error code: 3
Error message from server: Permission denied
from my WINSCP.
The only way I can trancefer/edit file is using 'putty' with the sudo/nano command.
I found a lot of information about this on google, but there are no updated soulution I can find. Linux isn't my usual work-space.
How do I get the permissions working for the WINSCP ?
A lot of answers say to change permissions on /var/www/ ... however AWS shortcuts out of the WWW folder and into the /var/app/current/ directory. If all else fails try:
sudo chown -R -v ec2-user /var/app/current/
On Ubuntu image in AWS, default user is ubuntu. Instead of using system folders like /var/... better to use /home/your_folder. Then change the ownership using {chown} command. For eg.
$ sudo chown -R -v ubuntu /home/your_folder/
This will change the ownership of 'your_folder' and contents inside it from 'root' user to 'ubuntu'. Then Winscp should be able to upload/delete/create files using SFTP/FTP etc..
I had the same issues. The solution is: You can solve this by changing WordPress ownership type:
sudo chown -R www-data:ubuntu /var/www/wordpress
Then, Change the right permission for the particular files and directories, type command
sudo find /var/www/wordpress/ -type d -exec chmod 755 {} \;
sudo find /var/www/wordpress/ -type f -exec chmod 644 {} \;
Apart from this, set the following important files to chmod 600 so that only the owner can fully read and write access to these files:
sudo chmod 600 /var/www/wordpress/wp-config.php
sudo chmod 600 /var/www/wordpress/.htaccess
Then everything will work. You will be able to access your wordpress files
for me using free tier from cloud providers will not give you root access, to fix this you have to change folder permission from SSH or try this solution
OS: windows 10 Pro
Open WinSCP instead of SFTP you select SCP go to advance settings click on SCP/Shell and change the shell option to sudo su -
Now you will be able to get permission.
Change file permision by command chmod 777 /var/app/current/ and transfer files to the directory

Showing error "Connection string is empty" in magento

When i am installing an extension in my magento admin,it shows Connection string is empty.
I don't know why this problem occurs. I cleared the cache also then also the problem is same.
If anyone knows how to do this,please help me out.
Thanks!
To solve this problem, follow the steps below (I suppose you are using Ubuntu):
1) sudo chmod -R 777 /var/www/html/magentoInstallationFolder/
2) Install Magento Extension
3) Restore correct permissions for directories and files respectively
sudo find /var/www/html/magentoInstallationFolder/ -type d -exec chmod 775 {} \;
sudo find /var/www/html/magentoInstallationFolder/ -type f -exec chmod 664 {} \;
Read more about why 777 permissions are bad and you need to restore good permission code (775) after you install the extension: https://askubuntu.com/a/30635
Magento tries to put the maintenance flag in the root directory. Here is the code that does it:
<?php
//downloader/Maged/Controller.php::startInstall()
if ($this->_getMaintenanceFlag()) {
...
//downloader/Maged/Controller.php::isWritable()
$this->_writable = is_writable($this->getMageDir() . DIRECTORY_SEPARATOR)
If you can't change magento root directory permissions just uncheck "Put store on the maintenance mode while installing/upgrading/backup creation" flag.
There's a couple of suggestions to change the permissions to this:
sudo chmod 777 -R /var/www/html
Which is a really really bad idea. Have a search for 'Magento permissions' and follow the guide instead. Unless you're seeking to get your site hacked wihin a few minutes.
Have to change right recursively (chown -R) to www-data:www-data on a directory containing magento (example : /var/www/magento)
Sorry for bad engish
chown -R www-data:www-data /var/www/your_magento_folder
That did the tick for me, don't change the owner of the www folder
Type the following command in your terminal.
sudo chmod 777 -R /var/www/html/<magento folder name>. Press Enter.
Then it will ask for password if exists for your username.
Once it is done, login and logout the admin and try to install extension which you want
Edited:
Try this for your files:
sudo chmod 777 -R /var/www/html
and follow the above steps.

Moving Magento from server to SuPHP server

I have a nice Magento server and need to move to other server host
Moving Magento from Php 5.2.17 server to SuPHP server
All my file permissions are bogus on new server and nothing works. What do I need to change, or what is the proper way to move Magento to a SuPHP server (from non SuPHP)
METHOD 1 -> Current process:
Old server
remove session/cache/etc
tar gz all + SQL dump
New server (SuPHP)
untar gz + upload SQL
update SQL server in local.xml
update core_config in database
METHOD 2 -> Idea
Re-install + upload old DB
Copy only certain folders
(but then I dont know how to copy over extenions etc)
What should/can I change to make Magento SUPHP work?
SuPHP file permissions expects directories to be set 755, files to be set to 644 and ownership of the files to be set to the user and group that SuPHP expects.
Usually under SuPHP, the user and group owners have the same name, replace $user with your assigned account name. The following are executed in Magento's root directory.
chown -R $user.$user *
find . -type f -exec chmod 644 {} \;
find . -type d -exec chmod 755 {} \;
chmod 550 pear
chmod 550 mage #for magento 1.5+
Before doing your tar file and database backup on the old system, do yourself a favor, go into Magento Admin and disable all caching and make sure the compiler is shut off.
This will save you from having certain issues on the new server till you have the baseURL settings changed and file/directory permissions properly set. AFTER you have Magento up and running properly, enable the Magento caching. Make sure everything's running, flush the cache and then (if you were using it before) recompile and only after recompile, then enable the compiler.
To add a log of my experience. Thanks to Fiasco Labs.
Main steps
On old server
Important! Disable cache in admin, remove, clear any cache (also
from extension like zoom, APC)
Follow guidelines as below (create
site backup in tar.gz)
Execute SQL dump via prompt or via directadmin or other
On new server
Place tar in public html and extract (can also be done via directadmin filemgr)
upload SQL
update settings in local.xml
update urls in core_config in database
Set chmod app/etc/local.xml 600 (no write to stop error messages in log)
# GOTO MAGENTO ROOT PUBLIC_HTML
mkdir ../backup
cp -rf * ../backup
cd ../backup
# VERIFY THAT YOU ARE IN DIRECTORY BACKUP
# REMOVE ALL CACHE RELATED FILES IN HET BACKUP FOLDER
rm -rf var/cache/* var/session/* var/zoom/* var/minifycache/* downloader/pearlib/cache/* downloader/pearlib/download/* downloader/pearlib/download/* downloader/pearlib/pear.ini var/cache/* var/backups/* var/report/* var/log/* var/locks/*
# SET FILE RIGHTS CORRECTLY FOR SUPHP
find . -type f -exec chmod 644 {} \;
find . -type d -exec chmod 755 {} \;
chmod 550 lib/pear
chmod 550 mage
# MAKE DIRS READABLE
chmod -R 777 var media
chmod 777 media var/cache/ var/session/ var/zoom/ var/minifycache/ downloader/pearlib/cache/ downloader/pearlib/download/ downloader/pearlib/download/ downloader/pearlib/ var/cache/ var/backups/ var/report/ var/log/ var/locks/
# TAR AND GZ
tar -czpf backup_mage.tar.gz .

Resources