Problems when creating new system user

[npx]

I think DA has locked down my server, which i suppose is a good thing. But when I ssh into the server and create a new user. I can't log in with the new user (i.e I can only log in using root), the only way round this was to create another user in DA.
Then when i remove the user, the directory stays and says I have insufficient permissions to delete the directory/folder.

Could someone please enlighten me, thanks.

 

[nobaloney]

I think DA has locked down my server, which i suppose is a good thing. But when I ssh into the server and create a new user. I can't log in with the new user (i.e I can only log in using root), the only way round this was to create another user in DA.

It appears you don't know much about maintaining the sshd daemon, so in your case, yes, letting DirectAdmin lock down your server may be a good thing.

It's never a good idea to allow root logins; read up about sshd, and then change your sshd config file so it won't allow it.

To do that, find the line with PermitRootLogin in your sshd_config file. Uncomment it if it's commented out, and chnage the yes to no.

Always log in as a user, and then su (or sudo) to root.

But before you can do that you'll need to tell sshd that it's okay for that user to log in.

To do that you simply add an AllowUsers line to the bottom of the sshd_config file and restart the daemon.

Then when i remove the user, the directory stays and says I have insufficient permissions to delete the directory/folder.

How are you removing the user? Through DirectAdmin, or through the shell?

To find out how to remove the directory through the shell, read man userdel.

Jeff

 

[npx]

I've used userdel -r user to remove the user.

I've followed up on your suggestion and I can now log on, thanks.

But when I log in it now gives me this error:

Could not chdir to home directory /home/npx: Permission denied
-bash: /home/npx/.bash_profile: Permission denied

Do I need to manually set the directory permissions aswell?

 

[npx]

I've managed to fix it by chmod 755 to the users directory. Is this safe?

Also, when logged in as the user I cannot create any directories or files in the home directory. My aim is to get vnc-server up and running but It won't allow me to create a folder for vnc to get it up and running.

 

[nobaloney]

I've managed to fix it by chmod 755 to the users directory. Is this safe?

Not without trusted users; it allows any user to create or delete any file in any other user's home directory. Depending on the rights of the files in those directories it can allow reading and writing.

Also, when logged in as the user I cannot create any directories or files in the home directory.

I don't have any idea why that shouldn't be the case. If you're logged in as a user and the user's directory is owned by the user, and the rights are 777 the user should certainly have full rights in his/her home directory.

My aim is to get vnc-server up and running but It won't allow me to create a folder for vnc to get it up and running.

Did you delete the user AND the user directory before you recreated the user? If not, then delete the user, make sure the user's home directory is completely removed from the server; not just the contents, and start over.

Either way, when logged in as root, what is the output of each of these commands?

# ls -ald /home/*

# ls -ald /home/npx

Note that you do NOT type the # sign; it's there to show you that the following command is executed as root.
Perhaps VNC isn't compatible with a hosting server's security model.

I'm not even sure what you mean by VNC. Is this what you're asking about? If so, does the contents of this page help?

Jeff

 

[npx]

I don't have any idea why that shouldn't be the case. If you're logged in as a user and the user's directory is owned by the user, and the rights are 777 the user should certainly have full rights in his/her home directory.

When I try to make a directory for the xstartup file I get this:

[npx@server ~]$ mkdir .vnc
mkdir: cannot create directory `.vnc': Permission denied

So I create the folder manually and this is the error I get when I try to start vncserver on port 1.

[npx@server ~]$ vncserver :1
vncserver: Could not create /home/npx/.vnc.

Did you delete the user AND the user directory before you recreated the user? If not, then delete the user, make sure the user's home directory is completely removed from the server; not just the contents, and start over.

Yes I have deleted the user and directory. Double checked with "getent passwd" and "/etc/passwd".

Either way, when logged in as root, what is the output of each of these commands?

# ls -ald /home/*

drwx--x--x 8 admin   admin   4096 May 11 06:02 /home/admin
drwxr-xr-x 2 root    root    4096 Dec  3  2007 /home/ftp
drwxr-xr-x 3 npx    npx    4096 May 15 01:04 /home/npx
drwxrwxrwt 2 root    root    4096 May 20 00:10 /home/tmp

ls -ald /home/npx

[root@server npx]# ls -ald /home/npx
drwxr-xr-x 3 npx npx 4096 May 15 01:04 /home/npx

 

[nobaloney]

I'm at a loss. Perhaps someone else with specific experience with your vnc will help.

Jeff

 

[npx]

Your assistance is much appreciated I'm going to try a few other methods before I reinstall and create the users before installing directadmin.

Thanks

 

[nobaloney]

You shouldn't have to create the users before installing DirectAdmin. We add users through the shell (users which we know will NOT be managed by DirectAdmin) on servers running DirectAdmin without problem.

Jeff