The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Changing Permissions for ALL users in /home/*/public_html/

Discussion in 'General Discussion' started by defaultdave, Apr 23, 2013.

  1. defaultdave

    defaultdave Member

    Joined:
    Nov 19, 2011
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Reseller Owner
    I need to change the permissions of all files and directories on a Cpanel server.

    /home/USER/public_html/ any directory to 750 user:nobody
    /home/USER/public_html/ any file to 644 user:user

    and all files recursively.

    I found this on the forum but I need to be totally sure it is correct first.



    cd /home
    ls -al|grep root

    for i in `ls /var/cpanel/users/`; do chown $i:$i /home/$i ; done
    for i in `ls /var/cpanel/users/`; do chown -R $i:$i /home/$i/* ; done

    Then run;
    for i in `ls /var/cpanel/users/`; do chown $i:nobody /home/$i/public_html ; done
    for i in `ls /var/cpanel/users/`; do chmod 750 /home/$i/public_html ; done

    Then run;
    /scripts/mailperm
    chown root.root /home




    So to test this:
    I setup a folder in the root called /hometwo/
    and a folder called /var/cpanel/userstwo/
    and copied some test files into both locations.

    But I get an error...

    Last login: Tue Apr 23 12:21:25 2013 from xxx.xx.xx.xx
    root@server [~]# cd /hometwo
    root@server [/hometwo]# for i in `ls /var/cpanel/userstwo/`; do chown $i:$i /hometwo/$i ; done
    chown: `./:./': invalid user
    chown: `../:../': invalid user

    root@server [/hometwo]# for i in `ls /var/cpanel/userstwo/`; do chown -R $i:$i /hometwo/$i/* ; done
    chown: `./:./': invalid user
    chown: `../:../': invalid user

    Is this test even feasible?

    Will the script work in its normal form?

    Really just implementing rather than understanding here.
    D
     
  2. arunsv84

    arunsv84 Well-Known Member

    Joined:
    Oct 20, 2008
    Messages:
    373
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    127.0.0.1
    cPanel Access Level:
    Root Administrator
    Script seems to be fine. Its not necessary to run these scripts for whole server. I would recommend you to play only with the account that's having wrong permissions.

    Whats the exact requirement ? Why you wish to change the permissions of all files and directories ?

    When an account is created from WHM, the user details are stored in /var/cpanel. If you simply create a directory or user from backend to test the script, it will not work because script is trying to fetch the details from /var/cpanel.

    Thanks!
     
  3. defaultdave

    defaultdave Member

    Joined:
    Nov 19, 2011
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Reseller Owner
    OK

    when I say: I need to change the permissions of all files and directories on a Cpanel server.
    This is inaccurate.

    A large amount of user files are like this:
    home/ANY_USER/public_html/ (of some 400+ accounts)

    /elements/ (root:root 755)
    /css/ (user:user 755)
    index.htm (user:user 755)
    contact.php (user:user 755)
    about_us.html (user:user 755)


    So, what I want to be sure is going to happen is,

    The script will take the username, find the public_html folder and make

    all directories (under respective public_html folders) become user:nobody 750

    and

    all files (under respective public_html folders) become user:user 644

    thats the way to go right?


    ALSO:
    in the test script i did change the file path to
    "ls /var/cpanel/userstwo/"
    So the copied files in there should do same as the real var/cpanel/user/ ...???
     
    #3 defaultdave, Apr 23, 2013
    Last edited: Apr 23, 2013
  4. defaultdave

    defaultdave Member

    Joined:
    Nov 19, 2011
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Reseller Owner
    SSH all files /home/USER/public_html/

    I need to change the permissions of ALL of my (350+) Users files and directories on a Cpanel server.

    /home/USER/public_html/ any directory to 750 user:nobody
    /home/USER/public_html/ any file to 644 user:user

    and all files recursively.

    I found this script on the forum but I need to be totally sure it is correct first.



    cd /home
    ls -al|grep root

    for i in `ls /var/cpanel/users/`; do chown $i:$i /home/$i ; done
    for i in `ls /var/cpanel/users/`; do chown -R $i:$i /home/$i/* ; done

    Then run;
    for i in `ls /var/cpanel/users/`; do chown $i:nobody /home/$i/public_html ; done
    for i in `ls /var/cpanel/users/`; do chmod 750 /home/$i/public_html ; done

    Then run;
    /scripts/mailperm
    chown root.root /home



    Anyone see anything wrong with this ..?
     
  5. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,461
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Re: SSH all files /home/USER/public_html/

    A word of caution: the above commands will allow a user to gain control of files, and data, you do not intend. For example, given malicious user baddie can do this:

    Code:
    $ ln /etc/shadow ~/my_configuration.txt
    
    'baddie' now has a file, owned by root, in his home directory. If you then, as root, followup with:
    Code:
    # for i in `ls /var/cpanel/users/`; do chown -R $i:$i /home/$i/* ; done
    
    You've now changed the ownership of /home/baddie/my_configuration.txt to baddie:baddie. User 'baddie' now has access to all the password hashes.

    At minimum when doing recursive chowns as root, you need to filter out files owned by special users (e.g. root) that reside in regular users directories.
     
  6. defaultdave

    defaultdave Member

    Joined:
    Nov 19, 2011
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Reseller Owner
    Ok well I was hoping to acquire a script that would create a variable,

    reading the list of user accounts,

    creates a loop as such and appends the user one by one to a path like...



    $user = ("/var/cpanel/users/");

    /home/$user/public_html/

    and then changes all files and folders accordingly.




    What do you think. Thanks for getting back to me by the way.
     
Loading...

Share This Page