Viewing the files on my user's accounts


#1

Hello, I have a few users on my account (each with his own sub-domain) and I was wondering if there is a way to see all their files without logging in using their username and password.

I gave a few friends of mine a sub-domain on my domain, and ftp accounts. I gave them the automatically generated password and I didn’t write it for myself. So I’d like to see that they’re not abusing the space I gave them (uploading porn, pirated stuff, etc). How do I do that?


#2

Quick answer: You can’t.

You could create new passwords for them using a password generator and record them this time.

Maximum Cash Discount on any plan with MAXCASH


#3

You’d have to create a “group” for each user. Each group would have two members - that user, and you. Then make their user space Group Readable. More info is in the wiki:
http://wiki.dreamhost.com/Unix_Groups

-Scott


#4

Wouldn’t he require their passwords in order to change the existing grp privs on their folders?

Maximum Cash Discount on any plan with MAXCASH


#5

Yes, or at least ask them to change group ownership and make them group readable.

I’m not sure if his main concern is that he doesn’t have their passwords, or that he doesn’t want to have to log in as them each time.

I’ve just noticed that one option may be to turn off “Enhanced User Security” in Manage Users. With that off, their home directory reverts back to group ownership where directories are group readable. I’ve tried changing one of mine to test this, but the request hasn’t been processed yet.

-Scott


#6

Yeah … IIRC from my prior dorking around, that might help him out! :wink:

–rlparker


#7

That’s odd, in my case every user account I’ve set to Enhanced has retained the adm status on their directory even after removing the check from the Panel :s

I just setup a user with an automated password and received the normal advice email in my main account’s mail which includes the username along with the auto-generated password. Considering that those infomails are also sent to your Support History (which is archived) then browsing through that should devulge all user accounts, along with their corresponding passwords, whether you’ve used the automated password procedure or not.

Maximum Cash Discount on any plan with MAXCASH


#8

Same here. My attempt above never did get processed. I’m going to submit a Support ticket.

That is disconcerting that all those passwords are in your Support History. After all that effort to not show passwords in the panel, they’re still easily accessible.

-Scott


#9

Ya know I’m seeing the same thing … but I could have sworn I had changed one of them before and the change “took”. WTF?

and yeah … the passwords n the support history does seem like it defeats thw whole purpose of removing convenient access to them from the panel.

–rlparker


#10

I got a response to my ticket. I get the feeling that reverting isn’t automated, or even functional. They manually changed it back, which consists of two commands (now that I know):

chgrp pgXXXXXX . (this changes it back to your default group, or whichever one you want)
chmod o+X (not necessary, but that’s how it looked)

You can’t change the group to “adm,” to regain Enhanced Security, but at least you can do that via the panel.

-Scott


#11

Ah! That makes sense (well, maybe except for the fact that the panel hasn’t automated it :wink:

–rlparker