DirectAdmin Master FTP Account?
- Thread starter Mindlash
- Start date
Yes, I figured that...
Though after I posed i made a few uploads as root (ssh) to see how the HTML side of things would work....
So far so good, so unless anyone knows of a way to make a traditional FTP 'master' account, we'll probably go with root sftp for this.
Thanks!
Though after I posed i made a few uploads as root (ssh) to see how the HTML side of things would work....
So far so good, so unless anyone knows of a way to make a traditional FTP 'master' account, we'll probably go with root sftp for this.
Thanks!
jasonyates
Verified User
- Joined
- Sep 24, 2003
- Messages
- 79
to create a root account in ftp, you would have to add it manually to the ProFTPD config. I attempted it, but the uploads did not work successfuly.
yeah, it's weird.. i've done the following to no avail:
added new user 'sysadmin'
edited /etc/passwd/ to give home directory of /home
edited /etc/group
added use sysadmin manually to all the account, including ftp (and root even though that wont accept it)...
a 'groups sysadmin' displays all the accounts
via FTP i can see the home directories of all the users, and can access them, but a ls is denied
changed a user's home to 751 allows me to then see the insides, and to access public_html , but from that point creation and deletion is denied. I don't want to change too much around for fear of messing up permissions and/or making it unsecured.
Though I don't see why if I've added that user to a group, they're not allowed to enter/view/edit/delete files.
I've reset proftpd many times during this to no avail.
... anyone else?
added new user 'sysadmin'
edited /etc/passwd/ to give home directory of /home
edited /etc/group
added use sysadmin manually to all the account, including ftp (and root even though that wont accept it)...
a 'groups sysadmin' displays all the accounts
via FTP i can see the home directories of all the users, and can access them, but a ls is denied
changed a user's home to 751 allows me to then see the insides, and to access public_html , but from that point creation and deletion is denied. I don't want to change too much around for fear of messing up permissions and/or making it unsecured.
Though I don't see why if I've added that user to a group, they're not allowed to enter/view/edit/delete files.
I've reset proftpd many times during this to no avail.
... anyone else?
jasonyates
Verified User
- Joined
- Sep 24, 2003
- Messages
- 79
i dont think i even got that far, it wouldnt let me into any account folders.
I think DA should come with a master FTP account that can be disabled/enabled as required.
I think DA should come with a master FTP account that can be disabled/enabled as required.
I can appreciated your reccomendation, and normaly this would not be an issue for me.
This client owns the box, owns all the sites hosted there, isn't running a hosting service, just wants to access his sites from one login.. :-/
I'm not asking for belly dancers
just a ftpmaster account
.:. Mindlash
This client owns the box, owns all the sites hosted there, isn't running a hosting service, just wants to access his sites from one login.. :-/
I'm not asking for belly dancers
just a ftpmaster account .:. Mindlash
jasonyates
Verified User
- Joined
- Sep 24, 2003
- Messages
- 79
I agree, but like i said. U enable it when u need it and disable it when u dont. DA could even run a cron job to disable the account every 15mins for all those fools who leave it open.
In relation to what was just posted, it honestly does not matter if its a host or not we are talking about. It makes all sites vulnerable through 1 simple account.
To do it, as jason mentioned you would need to make configs for ProFTPd yourself, although you *will* have problems with permissions, as soon as you get past the <username> directory for each site you would need to have permissions set to that specific user, else the ftp account for that site only (a normal ftp account) would not have permissions to modify / overwrite / delete the file used by the 'root' account. I'm sure this would cause many problems, and it would more than likely be easier to just go in as the individual user.
If you are serious about getting this done, i suggest you contact someone like gpan at cheetaweb or someone who is expereicned with modifiying software to the extent you wish, having never done this before i believe it could be your best option.
http://www.cheetaweb.com/consulting.php
Im sure if anyone can do it, they can.
Chris
To do it, as jason mentioned you would need to make configs for ProFTPd yourself, although you *will* have problems with permissions, as soon as you get past the <username> directory for each site you would need to have permissions set to that specific user, else the ftp account for that site only (a normal ftp account) would not have permissions to modify / overwrite / delete the file used by the 'root' account. I'm sure this would cause many problems, and it would more than likely be easier to just go in as the individual user.
If you are serious about getting this done, i suggest you contact someone like gpan at cheetaweb or someone who is expereicned with modifiying software to the extent you wish, having never done this before i believe it could be your best option.
http://www.cheetaweb.com/consulting.php
Im sure if anyone can do it, they can.
Chris
Don't get me wrong your points are 100% valid. I have just come accustomed to the ease of FTP account management with the 'c-word' panel....
Yes, I've consulted with gpan in the past. very nice and honest individual.
I'll see what we can do, as this is mainly a shoot-off of another problem the server is having, which includes freezing up for a user during a directory listing, essentially disconnecting him immediatly upon going into 'that' directory.
Very odd (just for reference, the thread is: http://www.directadmin.com/forum/showthread.php?threadid=1165)
Thanks for your words ProWebUK
.:. Mindlash
Yes, I've consulted with gpan in the past. very nice and honest individual.
I'll see what we can do, as this is mainly a shoot-off of another problem the server is having, which includes freezing up for a user during a directory listing, essentially disconnecting him immediatly upon going into 'that' directory.
Very odd (just for reference, the thread is: http://www.directadmin.com/forum/showthread.php?threadid=1165)
Thanks for your words ProWebUK
.:. Mindlash
- Joined
- Feb 27, 2003
- Messages
- 9,158
Hello,
1) I'm pretty sure proftpd is compiled to not allow root logins even if you set it up though the configs.
2) The only user that can edit/upload to anyone else's directory would be root, so it would either be root, or no one at all.
3) you do have acccess, although not through ftp, to all accounts if you are the admin using the "log in as user" feature and the FileManager through DA.
4) the best way to make backups of everything (if thats what you are doing) is to use a cron, to make a backup file and save it in a location that a non-root user can go and get. That will prevent opening up your server to root access, but still give you root control for backing up files over multiple accounts.
John
1) I'm pretty sure proftpd is compiled to not allow root logins even if you set it up though the configs.
2) The only user that can edit/upload to anyone else's directory would be root, so it would either be root, or no one at all.
3) you do have acccess, although not through ftp, to all accounts if you are the admin using the "log in as user" feature and the FileManager through DA.
4) the best way to make backups of everything (if thats what you are doing) is to use a cron, to make a backup file and save it in a location that a non-root user can go and get. That will prevent opening up your server to root access, but still give you root control for backing up files over multiple accounts.
John
Hello John,
1) No, sorry for the confusion, I was speaking of direct logon via SSH for root (not FTP).
2) Can a user properly be added to the 'root' group to obtain these privilages?
3) File manager's not an option, just by the shear complexity of file manipulation.
4) No, not backups, just general site(s) maintenance.
Thanks for the reply though.
.:. Mindlash
1) No, sorry for the confusion, I was speaking of direct logon via SSH for root (not FTP).
2) Can a user properly be added to the 'root' group to obtain these privilages?
3) File manager's not an option, just by the shear complexity of file manipulation.
4) No, not backups, just general site(s) maintenance.
Thanks for the reply though.
.:. Mindlash