B
B
BloodVIRUS2018-06-27 11:03:55
linux
BloodVIRUS, 2018-06-27 11:03:55

How to add a user with access to a folder in linux?

Hello. I'm trying to find a solution to the problem, but I can't. Either I can’t put the question correctly, or there was no such question, which is less likely. The essence of the problem:
I have a server on which the web server is running. There are no FTP clients and I do not want to install it.
Root directory /var/www/sites
There are a lot of sites, only I work on the server, and under the root
inside /var/www there are directories www-data:www-data (33:33)
There was a need to give the user access to some site, and maybe multiple sites. It is necessary to make it so that he could not only not download other sites, but also see their files.
How to achieve this? If I create a user and add him to the www-data group, then he will have access to all sites
The question is most likely very simple, but it's not the first time I've tried to figure it out, it doesn't work.

Answer the question

In order to leave comments, you need to log in

2 answer(s)
F
fdroid, 2018-06-27
@fdroid

I solve such tasks with the help of ACL . Here is an example of a script that sets the necessary permissions for the necessary directories (users, of course, must already exist):

#/bin/sh
setfacl -R -b /folder/subfolder
setfacl -R -m u:www-data:rwx /folder/subfolder
setfacl -R -d -m u:www-data:rwx /folder/subfolder
getfacl /folder/subfolder

PS If I understand the question correctly, of course.

M
Max, 2018-06-27
@MaxDukov

I will assume:
on all directories give the full rights for group.
for each site we make a separate group and make it the owner group. we take away the rights from all at all. it may be worth adding www-data to all these groups of the
user who needs to access some site, add to the group of this site
what happens.
the web server is the owner of the files, has all the rights to them, everything is OK
the user is a member of the group, the group has rights - the user gets access to the files.
directories whose groups the user does not belong to are visible to the user, but he cannot enter them,
which must be taken into account:
play around with sticky-bit and umask, otherwise the rights to new files will "float away".

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question