• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • Support for BIND DNS has been removed from Plesk for Windows due to security and maintenance risks.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS.

FTP rights problem (psacln)

Fritz MichaelG

Basic Pleskian
Let's say I have a subscription with the following hosting parameters:
  • PHP via FastCGI
  • System user: foo
  • FTP Access enabled for system user (SSH access: /bin/bash)

Now, everytime I upload a file via FTP to that subscription, using the system user account foo, the owner:group information of that file will be foo:psacln. However, the Apache Server is unable to read any files (except PHP files) that have the property foo:psacln instead of foo:psaserv for instance, even with 751 permissions (read for everyone). If a file is requested directly via Apache, Apache will only give a 403 Forbidden for that file, as long as the ownership is foo:psacln (and the permissions are 750 (or 770, or 751, etc.; as long as it's not **7)). I always need to change the group of the uploaded files to psaserv manually, in order for them to be directly accessible via Apache.

Why does this happen? Have I misconfigured something?
 
Last edited:
Hi,

The ownership with web content is correct, foo:psacln.

I've encountered a similar problem before. While preforming a recursive ownership change, I accidentally modified the httpdocs folder to foo:psacln. This stopped the web server from being able to access the directory and it's contents. The resolution was to adjust ownership of httpdocs to foo:psaserv, all web content should be foo:psacln.

_Zigge
 
But that's the point - the httpdocs folders do have foo:psaserv, but Apache will refuse to access any assets which have foo:psacln, without read access for "everyone" on those files.
 
Back
Top