Using custom groups


#1

Having trouble creating custom groups

  1. Created 2 users usera and userb

  2. Created a new group with usera and userb in it: icgrp001

  3. Logged into usera account, and created a folder example.com changed its group to match the new group above

chgrp icgrp001 /home/usera/example.com

this accepts the change which confirms the group is active…

  1. su - to userb

  2. created a symbolic link in this account to the other account
    ln -s /home/usera/example.com /home/userb/example.com

this creates the link as expected

however it refuses to let userb via sFTP, FTP, SSH into the linked dir.

example: cd /home/userb/example.com

just returns permission denied?

I have turned off the enhanced security also


#2

I could never get this to work either. Let me know if you find out how to do it.


#3

Sadly,

this seems to be some big mistry? I have noticed that on some of my users the group to /home/username is adm and on others its the xx000000 default, I know the adm has to do with the Extra Web Security yet I cant set it myself to chgrp adm /home/username I get Operation not permitted.

I did however find that if I set a user (yes I know the security risk) but did it anyhow as a test to chmod 777 /home/usera then had a symlink for userb into usera’s directory via sFTP and ssh I had no problem accessing it sadly I also had no problem accessing any folder in usera’s directory if it was a member of the group or not? but still no access via just ftp?

Still researching test and trying things (if anyone has any good ssh knowledge :slight_smile: always looking for new ideas)


#4

OK well it seems that there is no easy way to do it found this link

which has pretty much everything you need to know to set it up, for what I needed it was less work to setup another domain since it was a seperate domain anyhow and use it :slight_smile: <-- basically I didn’t feel like messing with cronjobs just to make sure it was always updated it can be done also if you dont mind all of your users being able to access your data (or like I said above set up cronjob to constantly moniter and update the group that the folder belongs too and its children.

oh and the biggest trick to making it work is turning of the extra security for the user in the control panel once that is off then the /home/user folder is set to the default pg##### and then any of your users can see the contents of the directory if you wish to block them remove r access via chmod to the directory but this is where you need the cron because even though you remove read access from the root /home/user/ if /home/user/site/test has read access then they can type that into the sftp or ssh and it will show it. :frowning: so if you don’t mind security by obscurity then this will work.

The odd part is that it suggest you create groups but you don’t need them you just need to change permissions in the folder to block group and other read access (since apache doesn’t use it the site is still shows up at least it did for me)