Welcome to Centmin Mod Community
Become a Member

Nginx Nginx permission for root user sftp uploads

Discussion in 'Install & Upgrades or Pre-Install Questions' started by Benjamin74, Apr 3, 2017.

  1. Benjamin74

    Benjamin74 New Member

    23
    1
    3
    May 2, 2016
    Ratings:
    +4
    Local Time:
    4:27 AM
    Sorry to ressurect this thread but I just wanted to be sure that I'm not doing anything bad ;-)

    Is it OK to use a CRON to set ownership as nginx:nginx to the entire /home/nginx/domains/ folder ??

    Or should the permissions be only set to the "public" folder (i.e. for each domain) ?

    Thanks,
     
  2. RoldanLT

    RoldanLT Well-Known Member

    3,830
    929
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,258
    Local Time:
    10:27 AM
    1.11
    10.2
    Yes I think.
     
  3. Sunka

    Sunka Active Member

    888
    230
    43
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +376
    Local Time:
    4:27 AM
    Nginx 1.13.3
    MariaDB 10.1.24
    Yes you can. I have that for a year and half.
    Code (Text):
    */5 * * * * /usr/bin/chown -R nginx:nginx /home/nginx/domains
     
  4. eva2000

    eva2000 Administrator Staff Member

    29,035
    6,589
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,784
    Local Time:
    12:27 PM
    Nginx 1.13.x
    MariaDB 5.5
    As per Step 2 of Getting Started Guide this would only allow to root user uploads via sftp. Any uploads via pure-ftp virtual ftp user are already owned by nginx user/group.

    take a read of thread in Centmin Mod Insights forum at https://community.centminmod.com/th...kup-restore-file-directory-permissions.10633/

    if you setup tools/backup-perm.sh script via cronjob for each nginx vhost site, it auto does the nginx chown recursively on each /home/nginx/domains/domain.com vhost directory. Setup one tools/backup-perm.sh script per nginx vhost at /home/nginx/domains/domain.com/tools/backup-perm.sh as the script only works on per nginx vhost basis

    tools/backup-perm.sh first backs up file and directory permissions at /home/nginx/domains/domain.com and any files/directory under that and then chown nginx recursively for /home/nginx/domains/domain.com and files/directory under that
     
  5. Benjamin74

    Benjamin74 New Member

    23
    1
    3
    May 2, 2016
    Ratings:
    +4
    Local Time:
    4:27 AM
    Ohhh I think I get now why I have to run this chown command, it's not because of pure-ftpd edits I'm making but because of SSH root edits !!

    Because I'm uploading with a pure-ftpd user that has access to all domains:

    pure-pw useradd mycustomusername -u nginx -g nginx -d /home/nginx/domains/

    so pure-ftp uploaded files should be good, but I'm sometimes doing some small edits or wget from the root ssh command line which are likely to cause issues later on if I don't chown them...
     
  6. eva2000

    eva2000 Administrator Staff Member

    29,035
    6,589
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,784
    Local Time:
    12:27 PM
    Nginx 1.13.x
    MariaDB 5.5
  7. Benjamin74

    Benjamin74 New Member

    23
    1
    3
    May 2, 2016
    Ratings:
    +4
    Local Time:
    4:27 AM
    Yep saw the script. Since I just need a brutal chown accross all domains, I prefer the simple crontab -e with chown -R nginx:nginx /home/nginx/domains since it seems to be working just fine ;-)
     
  8. eva2000

    eva2000 Administrator Staff Member

    29,035
    6,589
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,784
    Local Time:
    12:27 PM
    Nginx 1.13.x
    MariaDB 5.5
    yeah that's what my script does just it backups up directory and file permissions before doing chown so you can restore directory and file permissions if needed