Changing Permissions for ALL users in /home/*/public_html/

[defaultdave]

I need to change the permissions of all files and directories on a Cpanel server.

/home/USER/public_html/ any directory to 750 user:nobody
/home/USER/public_html/ any file to 644 user:user

and all files recursively.

I found this on the forum but I need to be totally sure it is correct first.



cd /home
ls -al|grep root

for i in `ls /var/cpanel/users/`; do chown $i:$i /home/$i ; done
for i in `ls /var/cpanel/users/`; do chown -R $i:$i /home/$i/* ; done

Then run;
for i in `ls /var/cpanel/users/`; do chown $i:nobody /home/$i/public_html ; done
for i in `ls /var/cpanel/users/`; do chmod 750 /home/$i/public_html ; done

Then run;
/scripts/mailperm
chown root.root /home




So to test this:
I setup a folder in the root called /hometwo/
and a folder called /var/cpanel/userstwo/
and copied some test files into both locations.

But I get an error...

Last login: Tue Apr 23 12:21:25 2013 from xxx.xx.xx.xx
[email protected] [~]# cd /hometwo
[email protected] [/hometwo]# for i in `ls /var/cpanel/userstwo/`; do chown $i:$i /hometwo/$i ; done
chown: `./:./': invalid user
chown: `../:../': invalid user

[email protected] [/hometwo]# for i in `ls /var/cpanel/userstwo/`; do chown -R $i:$i /hometwo/$i/* ; done
chown: `./:./': invalid user
chown: `../:../': invalid user

Is this test even feasible?

Will the script work in its normal form?

Really just implementing rather than understanding here.
D

 

[arunsv84]

Script seems to be fine. Its not necessary to run these scripts for whole server. I would recommend you to play only with the account that's having wrong permissions.

I need to change the permissions of all files and directories on a Cpanel server.

Whats the exact requirement ? Why you wish to change the permissions of all files and directories ?

But I get an error...

Last login: Tue Apr 23 12:21:25 2013 from xxx.xx.xx.xx
[email protected] [~]# cd /hometwo
[email protected] [/hometwo]# for i in `ls /var/cpanel/userstwo/`; do chown $i:$i /hometwo/$i ; done
chown: `./:./': invalid user
chown: `../:../': invalid user

When an account is created from WHM, the user details are stored in /var/cpanel. If you simply create a directory or user from backend to test the script, it will not work because script is trying to fetch the details from /var/cpanel.

Thanks!

 

[defaultdave]

OK

when I say: I need to change the permissions of all files and directories on a Cpanel server.
This is inaccurate.

A large amount of user files are like this:
home/ANY_USER/public_html/ (of some 400+ accounts)

/elements/ (root:root 755)
/css/ (user:user 755)
index.htm (user:user 755)
contact.php (user:user 755)
about_us.html (user:user 755)


So, what I want to be sure is going to happen is,

The script will take the username, find the public_html folder and make

all directories (under respective public_html folders) become user:nobody 750

and

all files (under respective public_html folders) become user:user 644

thats the way to go right?


ALSO:
in the test script i did change the file path to
"ls /var/cpanel/userstwo/"
So the copied files in there should do same as the real var/cpanel/user/ ...???

 

[defaultdave]

SSH all files /home/USER/public_html/

I need to change the permissions of ALL of my (350+) Users files and directories on a Cpanel server.

/home/USER/public_html/ any directory to 750 user:nobody
/home/USER/public_html/ any file to 644 user:user

and all files recursively.

I found this script on the forum but I need to be totally sure it is correct first.



cd /home
ls -al|grep root

for i in `ls /var/cpanel/users/`; do chown $i:$i /home/$i ; done
for i in `ls /var/cpanel/users/`; do chown -R $i:$i /home/$i/* ; done

Then run;
for i in `ls /var/cpanel/users/`; do chown $i:nobody /home/$i/public_html ; done
for i in `ls /var/cpanel/users/`; do chmod 750 /home/$i/public_html ; done

Then run;
/scripts/mailperm
chown root.root /home



Anyone see anything wrong with this ..?

 

[cPanelKenneth]

Re: SSH all files /home/USER/public_html/

cd /home
ls -al|grep root

for i in `ls /var/cpanel/users/`; do chown $i:$i /home/$i ; done
for i in `ls /var/cpanel/users/`; do chown -R $i:$i /home/$i/* ; done

A word of caution: the above commands will allow a user to gain control of files, and data, you do not intend. For example, given malicious user baddie can do this:

$ ln /etc/shadow ~/my_configuration.txt

'baddie' now has a file, owned by root, in his home directory. If you then, as root, followup with:

# for i in `ls /var/cpanel/users/`; do chown -R $i:$i /home/$i/* ; done

You've now changed the ownership of /home/baddie/my_configuration.txt to baddie:baddie. User 'baddie' now has access to all the password hashes.

At minimum when doing recursive chowns as root, you need to filter out files owned by special users (e.g. root) that reside in regular users directories.

 

[defaultdave]

Ok well I was hoping to acquire a script that would create a variable,

reading the list of user accounts,

creates a loop as such and appends the user one by one to a path like...



$user = ("/var/cpanel/users/");

/home/$user/public_html/

and then changes all files and folders accordingly.




What do you think. Thanks for getting back to me by the way.