Adding users to groups

Kim Walker

New member
Joined
May 3, 2012
Messages
6
I have created an intricate tree of directories and folders using php which are owned by apache. I cannot modify these folders using my FTP login created in DirectAdmin. If I create a file or folder using that FTP login, they are owned by admin. I believe that adding admin to the apache group would give both users access to these files. Am I correct?

I have attempted to add admin to the apache group using usermod in SSH but get the error "bash: usermod: command not found".

How can I add admin to the apache group?
 
You'd better use either mod_suphp or mod_ruid2 to make PHP scripts running from a username different from apache. Search the forums in order to get details on them.
 
Search for mod_suphp yields 97 hits. None of the first 10 or so have anything to do with changing groups or usernames. Can you be more specific?
 
In order to resolve an issue with permissions, in order to make PHP scripts to run from the same user with a name of which you login via FTP you'd better use either suPHP or mod_ruid (note these two have nothing to do with switching groups, as with them you don't need to play with groups). mod_suphp (suPHP) is available in custombuild script as PHP-CGI. mod_ruid2 needs more manual deeds in order to get it working, but there are guides and ready How-Tos on these forums, so I don't understand what is not clear.
 
Forgive me for being dense, but when I search for "how to use suphp," I get a lot of posts involving the problems people have had with it. Apparently this is not just something you "use," it's something you install. Am I correct? The one installation guide I have found involves editing config files and rebuilding and will take quite some time and more expertise than I have to execute.

Most of the posts I've found are how to fix other things after installing suphp or how to uninstall suphp.

All I want to do is add a user to a group. Why is useradd an unknown command?
 
I don't know why useradd is missing... by the way you did not specify your OS name... so you might either using wrong command, or you should install it.

Regarding PHP as CGI, here is it http://help.directadmin.com/item.php?id=197 or even this one http://directadmin.com/forum/showthread.php?t=29387 (found with Google within a minute or so).

Playing with groups might help you, but it isn't that secured as PHP-CGI or mod_ruid2. So you'd better stick to suPHP or mod_ruid2.
 
Thanks. The second link you included was the one I found. It's very intimidating. The instructions at first link are not so intimidating but assumes the person using those instructions knows more than I do. Apparently you must install a custombuild script first? The instructions for the custombuild script say "Follow the instructions when you type './build'" but don't say what instructions. There are some other instructions following that one. I'm wondering if they meant to say "Follow THESE instructions when you type './build'." But then it sounds as if I'm supposed to follow these instructions when I get to the "./build" line in some other string of commands. I'm not sure why these instructions can't be specific.

My OS is CentOS 5.6. I wonder why the myriad of pages I found that say to use usermod don't mention the possibility that another version of Linux might use a different command?

If I install suphp, will phpmyadmin, apc, and imagemagick stop working as in several posts on this forum? Will I then have to change the owner for all my files and folders?
 
custombuild is that which comes by default with directadmin now (if to compare with customapache). So you probably do not need to install it. Just

Code:
cd /usr/local/directadmin/custombuild
./build

with that you'll see how it can be used. For more information you should read this http://www.directadmin.com/forum/showthread.php?t=29824&page=1 and probably some more threads and help pages of directadmin.com

When switching to suPHP, you'll probably need to rebuild magickwand and/or imagick (I presume you use one or both of them), and you'll have to say goodbye to APC, as none PHP opcode optimizer can be used with suPHP. PHP scripts such as phpMyAdmin and other should work OK, the issue with permissions is the only which comes to my mind, can be easily resolved with chown/chmod. Yes, you 'll need to reset owners from apache.
 
I've just spent most of a month trying to get Imagick to work again after trying to upgrade ImageMagick and APC is indispensible for tracking the status of file uploads. suPHP is not looking very attractive.

According to CentOS documentation, usermod is the correct command. I've sent a request to tech support to try to find out why it isn't working.
 
If you login via SSH as an unprivileged user, and then run

Code:
su

to root, you should run

Code:
su -

And you'll be able to use usermod as

Code:
usermod

otherwise you should use

Code:
/usr/sbin/usermod

If suPHP does not suit you, try mod_ruid2, with switching to it you won't need to re-built PHP extensions.
 
Thanks again. That worked for using the usermod command, however, adding admin to the apache group did not solve my problem.

The user account I use for FTP access was created in DirectAdmin and doesn't show up in the users list in SSH. How would I add that specific user to the apache group.

I've also tried to chmod the group permissions to all these files to rwx. I still can't manipulate them through FTP.

I will investigate mod_ruid2 when I have more time.
 
Sorry, but I won't help you with groups, as I quited playing with it since I've started to use mod_ruid2 and mod_suphp. Probably somebody else will help you to do a trick with them.
 
As zEitEr has (politely) pointed out, changing groups and users is less secure, and it doesn't really stop there; because of tight DirectAdmin configurations you might need to change lots of file permissions and rights as well. I strongly suggest mod_ruid2, because PHP as CGI is very resource inefficient. If your requirements are such that general shared-hosting settings in use by hundreds of thousands of websites on tens of thousands of webservers worldwide won't work for you, then you may be looking in the wrong place, though some of us may be able to help you get exactly what you want and need, as a commercial service.

Jeff
 
Back
Top