Is this a bug?
I’m restoring from a vestacp archive using
v-restore-user username username.DATE.tar
Seems to all run fine except the new user’s home dir created has owner of root:root instead of username:username
as in /home/username
I only noticed this because I was using vim to edit some scripts for new paths and was getting errors about temp files or writing files in the user dir.
Further to this.
I just created a new temporary user, and it also was created with root:root as owner for /home/temporary
I have older user accounts I created when I first set this server up, and they were as I would expect. i.e. thatuser:thatuser for ownership. Now they’re being created with root:root.
same bug different place? I can’t see a reason we’d want to create the user home dir with root ownership on purpose. This must be a bug.
It seems on purpose, as when I change from ssh access from nologin to choosing a shell, it changes the home dir ownership. And it goes back to root ownership when I change ssh back back to nologin.
I guess this is seen as some extra security? I’m not sure what the benefit would be. I ran into this because I went from root user to the user for a particular website to edit and test scripts as that user. I was getting vim errors with the temp file creation. I hope someone might be able to explain the benefit.
That is all normal. SFTP jail requires the folder to be owned by root other wise it will not work
Ah. sftp jail. I wasn’t aware root had to own the user home dir for this. Thanks for explaining the why. Perhaps I can change permissions on the vim temp file to resolve that error when creating new files as the user instead of root.
Or I can create my files as root and later change their ownership to the user. You know, like a caveman!
Anyway, thanks again for clarifying that.
Yes you can we do the same…
Oh my god! I was looking everywhere what could be happening… What was changing the ownership…
I thought it was one of my deployment or restoration scripts.
This should not happen. Ownership should be restored to its original state or otherwise CMS maintenance could stop working.
At least it should be user:root
v-add-user-composer does it for example. So it is fine …
That means that everything is working as it is supposed to be or that it is very easy to patch that?
There is no bug in this case it works as expected…
When SFTP jail is enabled the user home dir needs to be owned by the root
Then it changes back to user:user
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.