I need to give my web devs access to /home which is where all of the users accounts are stored. However, I don't wish them to have root access. I am not sure how to get the proper permissions setup.
Previously we just allowed them to use the SSH as root ability to SFTP to the server and have the FTP client automatically set the remote folder to /home. Logins are private / public key pairs, not password. Of course this does nothing to prevent them from changing to a directory above that. Friday evening about 4:30 one of my devs broke the server, the /usr/local directory was missing. I spent three hours in a panic figuring out if the folder had been deleted, or just moved. Lucky for me I found the folder in another subfolder of /usr - obviously someone dragged and dropped it via the SFTP client.
So, what I what to be able to do is create an account for the web devs that will give them access to the /home folder and have full control of everything there, without screwing up permissions in the individual folders and files that belong to the users themselves, and without giving them root access. How might I do this? I am not sure if this is something that can be done within WHM, if it needs to be done at the server level, or what group the user should belong to.
This server is a dedicated server colocated in a datacenter, so my access level is root.
Previously we just allowed them to use the SSH as root ability to SFTP to the server and have the FTP client automatically set the remote folder to /home. Logins are private / public key pairs, not password. Of course this does nothing to prevent them from changing to a directory above that. Friday evening about 4:30 one of my devs broke the server, the /usr/local directory was missing. I spent three hours in a panic figuring out if the folder had been deleted, or just moved. Lucky for me I found the folder in another subfolder of /usr - obviously someone dragged and dropped it via the SFTP client.
So, what I what to be able to do is create an account for the web devs that will give them access to the /home folder and have full control of everything there, without screwing up permissions in the individual folders and files that belong to the users themselves, and without giving them root access. How might I do this? I am not sure if this is something that can be done within WHM, if it needs to be done at the server level, or what group the user should belong to.
This server is a dedicated server colocated in a datacenter, so my access level is root.
Code:
grep '' /etc/redhat-release /usr/local/cpanel/version /var/cpanel/envtype ; grep CPANEL= /etc/cpupdate.conf ; httpd -v ; php -v ; mysql -V
/etc/redhat-release:CentOS Linux release 7.3.1611 (Core)
/usr/local/cpanel/version:11.62.0.15
/var/cpanel/envtype:standard
CPANEL=release
Server version: Apache/2.4.25 (Unix)
Server built: Jan 25 2017 17:34:23
Cpanel::Easy::Apache v3.34.11 rev9999
PHP 5.6.30 (cli) (built: Jan 25 2017 17:38:54)
Copyright © 1997-2016 The PHP Group
Zend Engine v2.6.0, Copyright © 1998-2016 Zend Technologies
with the ionCube PHP Loader v4.7.5, Copyright © 2002-2014, by ionCube Ltd.
mysql Ver 14.14 Distrib 5.5.54, for Linux (x86_64) using readline 5.1