The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

can I modify shell access for users

Discussion in 'General Discussion' started by ns1, Dec 1, 2008.

  1. ns1

    ns1 Active Member

    Joined:
    Aug 8, 2006
    Messages:
    31
    Likes Received:
    0
    Trophy Points:
    6
    I would like to give to my users SSH access only to their accounts. As I understand that can be done with SSH Keys.
    however, once they are in, I want them to be able to CHOWN files, so that I don't have to do it for them, and I don't want them to have access to other parts of my server.

    can it be done and how?

    I have WHM 11.23.2 cPanel 11.23.6-S27698
    CENTOS Enterprise 4.7 i686 on standard - WHM X v3.1.0

    thank you for help...
     
  2. apscinsspl

    apscinsspl Well-Known Member

    Joined:
    Mar 15, 2008
    Messages:
    112
    Likes Received:
    0
    Trophy Points:
    16
    Give them jail shell access so that they can make changes to their accounts without affecting the rest.

    You can do this from WHM-- manage shell access.
     
  3. ns1

    ns1 Active Member

    Joined:
    Aug 8, 2006
    Messages:
    31
    Likes Received:
    0
    Trophy Points:
    6
    hmm

    jailshell access gives them more power, but still they cannot user CHOWN command. That is one command that I want them to use. only that...
     
  4. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Any particular reason you want them to use chown?

    Have you considered using SuExec and SuPHP so that files created by scripts aren't created with user nobody as its owner?
     
  5. ns1

    ns1 Active Member

    Joined:
    Aug 8, 2006
    Messages:
    31
    Likes Received:
    0
    Trophy Points:
    6
    Because when they install something (like components for joomla) then they change ownership.
    I have activated SuExec but it doesn't seem to do anything... should I activate it somewhere else, or configure it somehow?

    hmm, I just noticed that this is not what you said... I'll try to install suPHP tonight and if all works fine I'll let you know. If it doesn't I'll still let you know :):)
     
    #5 ns1, Dec 3, 2008
    Last edited: Dec 3, 2008
  6. ns1

    ns1 Active Member

    Joined:
    Aug 8, 2006
    Messages:
    31
    Likes Received:
    0
    Trophy Points:
    6
    Well, I turned on suPHP for PHP5 and half of the sites didn't work. First I got 500 internal server error, then i thought it might be with .htaccess so I renamed it, and then I got 400 error.

    I switched back to working configuration.

    So I am back at the beginning. I need a way for my users to CHOWN files and directories without having access to entire server. Ideas?
     
  7. Voltar

    Voltar Well-Known Member

    Joined:
    Apr 30, 2007
    Messages:
    269
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Bakersfield, California
    If you were using the Apache module beforehand and switched to suPHP, you might need to tighten the permissions on the scripts.

    Check your error logs for hints and take a look at this:
    http://www.cpanel.net/support/docs/ea/ea3/ea3php_php_requests.html
     
  8. ns1

    ns1 Active Member

    Joined:
    Aug 8, 2006
    Messages:
    31
    Likes Received:
    0
    Trophy Points:
    6
    thanx for the link, however I am using stable tree, and not apache 3.

    as for tightening the permissions on the scripts I'm afraid that would require me to force half of my clients to make necessary changes in their scripts, which might lead to losing them...

    ssh and chown seem as the easier and fastest way of doing what I need.
     
  9. Voltar

    Voltar Well-Known Member

    Joined:
    Apr 30, 2007
    Messages:
    269
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Bakersfield, California
    EasyApache 3 is cPanel/WHM's interface to compiling Apache/PHP. You still get to choose which version of Apache (1.3,2.0,2.2) and PHP (4.x,5.x) that you want to run, fwiw.
     
  10. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Also, the capabilities of EasyApache 3 are independent of which build of cPanel/WHM you are using.

    If you are using SuPHP, remember that scripts with (or calling scripts with) global write permissions (not required in a SuPHP environment) will generate an Internal Server 500 error.
     
  11. ns1

    ns1 Active Member

    Joined:
    Aug 8, 2006
    Messages:
    31
    Likes Received:
    0
    Trophy Points:
    6
    Right, sorry, just read Apache 3, have not seen "easy" :)

    So, I'll modify my question:
    If I cannot use suPHP what are my other options regarding changing ownership of files for my users?

    can I somehow give them permission to use chown command?
     
  12. Voltar

    Voltar Well-Known Member

    Joined:
    Apr 30, 2007
    Messages:
    269
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Bakersfield, California
    Maybe run /scripts/chownpublichtmls as a cron?
     
Loading...

Share This Page