Changing Permissions for ALL users in /home/*/public_html/

defaultdave

Member
Nov 19, 2011
5
0
51
cPanel Access Level
Reseller Owner
I need to change the permissions of all files and directories on a Cpanel server.

/home/USER/public_html/ any directory to 750 user:nobody
/home/USER/public_html/ any file to 644 user:user

and all files recursively.

I found this on the forum but I need to be totally sure it is correct first.



cd /home
ls -al|grep root

for i in `ls /var/cpanel/users/`; do chown $i:$i /home/$i ; done
for i in `ls /var/cpanel/users/`; do chown -R $i:$i /home/$i/* ; done

Then run;
for i in `ls /var/cpanel/users/`; do chown $i:nobody /home/$i/public_html ; done
for i in `ls /var/cpanel/users/`; do chmod 750 /home/$i/public_html ; done

Then run;
/scripts/mailperm
chown root.root /home




So to test this:
I setup a folder in the root called /hometwo/
and a folder called /var/cpanel/userstwo/
and copied some test files into both locations.

But I get an error...

Last login: Tue Apr 23 12:21:25 2013 from xxx.xx.xx.xx
[email protected] [~]# cd /hometwo
[email protected] [/hometwo]# for i in `ls /var/cpanel/userstwo/`; do chown $i:$i /hometwo/$i ; done
chown: `./:./': invalid user
chown: `../:../': invalid user

[email protected] [/hometwo]# for i in `ls /var/cpanel/userstwo/`; do chown -R $i:$i /hometwo/$i/* ; done
chown: `./:./': invalid user
chown: `../:../': invalid user

Is this test even feasible?

Will the script work in its normal form?

Really just implementing rather than understanding here.
D
 

arunsv84

Well-Known Member
Oct 20, 2008
373
1
68
127.0.0.1
cPanel Access Level
Root Administrator
Script seems to be fine. Its not necessary to run these scripts for whole server. I would recommend you to play only with the account that's having wrong permissions.

I need to change the permissions of all files and directories on a Cpanel server.
Whats the exact requirement ? Why you wish to change the permissions of all files and directories ?

But I get an error...

Last login: Tue Apr 23 12:21:25 2013 from xxx.xx.xx.xx
[email protected] [~]# cd /hometwo
[email protected] [/hometwo]# for i in `ls /var/cpanel/userstwo/`; do chown $i:$i /hometwo/$i ; done
chown: `./:./': invalid user
chown: `../:../': invalid user
When an account is created from WHM, the user details are stored in /var/cpanel. If you simply create a directory or user from backend to test the script, it will not work because script is trying to fetch the details from /var/cpanel.

Thanks!
 

defaultdave

Member
Nov 19, 2011
5
0
51
cPanel Access Level
Reseller Owner
OK

when I say: I need to change the permissions of all files and directories on a Cpanel server.
This is inaccurate.

A large amount of user files are like this:
home/ANY_USER/public_html/ (of some 400+ accounts)

/elements/ (root:root 755)
/css/ (user:user 755)
index.htm (user:user 755)
contact.php (user:user 755)
about_us.html (user:user 755)


So, what I want to be sure is going to happen is,

The script will take the username, find the public_html folder and make

all directories (under respective public_html folders) become user:nobody 750

and

all files (under respective public_html folders) become user:user 644

thats the way to go right?


ALSO:
in the test script i did change the file path to
"ls /var/cpanel/userstwo/"
So the copied files in there should do same as the real var/cpanel/user/ ...???
 
Last edited:

defaultdave

Member
Nov 19, 2011
5
0
51
cPanel Access Level
Reseller Owner
SSH all files /home/USER/public_html/

I need to change the permissions of ALL of my (350+) Users files and directories on a Cpanel server.

/home/USER/public_html/ any directory to 750 user:nobody
/home/USER/public_html/ any file to 644 user:user

and all files recursively.

I found this script on the forum but I need to be totally sure it is correct first.



cd /home
ls -al|grep root

for i in `ls /var/cpanel/users/`; do chown $i:$i /home/$i ; done
for i in `ls /var/cpanel/users/`; do chown -R $i:$i /home/$i/* ; done

Then run;
for i in `ls /var/cpanel/users/`; do chown $i:nobody /home/$i/public_html ; done
for i in `ls /var/cpanel/users/`; do chmod 750 /home/$i/public_html ; done

Then run;
/scripts/mailperm
chown root.root /home



Anyone see anything wrong with this ..?
 

cPanelKenneth

cPanel Development
Staff member
Apr 7, 2006
4,578
52
308
cPanel Access Level
Root Administrator
Re: SSH all files /home/USER/public_html/

cd /home
ls -al|grep root

for i in `ls /var/cpanel/users/`; do chown $i:$i /home/$i ; done
for i in `ls /var/cpanel/users/`; do chown -R $i:$i /home/$i/* ; done
A word of caution: the above commands will allow a user to gain control of files, and data, you do not intend. For example, given malicious user baddie can do this:

Code:
$ ln /etc/shadow ~/my_configuration.txt
'baddie' now has a file, owned by root, in his home directory. If you then, as root, followup with:
Code:
# for i in `ls /var/cpanel/users/`; do chown -R $i:$i /home/$i/* ; done
You've now changed the ownership of /home/baddie/my_configuration.txt to baddie:baddie. User 'baddie' now has access to all the password hashes.

At minimum when doing recursive chowns as root, you need to filter out files owned by special users (e.g. root) that reside in regular users directories.
 

defaultdave

Member
Nov 19, 2011
5
0
51
cPanel Access Level
Reseller Owner
Ok well I was hoping to acquire a script that would create a variable,

reading the list of user accounts,

creates a loop as such and appends the user one by one to a path like...



$user = ("/var/cpanel/users/");

/home/$user/public_html/

and then changes all files and folders accordingly.




What do you think. Thanks for getting back to me by the way.