When working like you describe, you should copy your entire web document tree over to a new directory and give your developer access to that "development" instance.
Your "development instance" can be on the same server or another server.
Do not set things up where a web developer is working on your original files. Have them work and test based on a copy of your web filesystem and then when you are happy with it, deploy it.
This is roughly a very short description of how to do what you want to do and there are many different ways to do it.
In a nutshell,
Have the developer work on a copy, not the running code.
Test the planned upgrade and do not deploy until the code has been well tested.
Use a configuration management tool like git and github to manage version control do you can see what changes from version to version and restore any files which are buggy, etc.
Thank you so much for your suggestion. Indeed, letting the developer test in a copy instance first is a reasonable way. However, in the copy instance, I still have the same problem: How to restrict the new user to access only that three front-end related directory? And the three directories are not in the same directory. For now, I've solved the first problem (accessing existing directory with write permission) with following codes:
cd /home/www/application/index/view
chmod -R a+w *
But the second problem (how to bind above three directories to the new user?) is still there. I added following codes to /etc/ssh/sshd_config:
But only one folder (/home/www/application/index/view) is accessible. How to let the other two folders also accessible for the added new user?
I am a beginner to Linux, your help will be greatly appreciated.
I need to find all the files that have group Read or Write permission or files that have user write permission.
This is what I have so far:
find . -exec ls -l {} \; | awk '/-...rw..w./ {print $1 " " $3 " " $4 " " $9}'
It shows me all files where group read = true, group write = true... (5 Replies)
Hi,
The requirement is like,
the program needs 2 argument one is user_id and second one is directory path. My script will check if that user_id has write access to the directory path. The directory path may be in any file system like AFS or NFS.
Can any one please suggest some points to... (1 Reply)
RHEL5.0
As we know, when root create a new user, a new home directory will be created : /home/user
I want to know what determine the access permission of /home/user .
Thanks! (1 Reply)
Hi,
Im trying to add some validation into my shell script code that basically checks whether a directory exists before SFTP'ing a file to it. If the directory exists then it will add the file, if not then it should return some kind of message. This is the code I have written so far but with no... (1 Reply)
Guys, i wanna get any user files with write permission (on user or group permission) for review but i confuse with -perm parameter.
any body can help me to explain what is that mean?
thank's (1 Reply)
Hi
I am trying to make a web program which is command line equivalent. i have done the coding in cgi program in perl and html for basic forms to take inputs. when i ran the program from web application i see permission denied messages. after analyzing i found apache is running as wwwrun which... (2 Replies)
Hi folks,
I am trying to grant the access like below items using the setfacl command, but i couldn't achieve as what I required. any other possibility.
username : testing
Readonly access in /form_dl/system/prd/logs
Write only access in /form_dl/system/prd/deploy
No access to other... (0 Replies)
Hi All,
We have a scenario in production where we want only one user from a group to modify the file. The file is not set to write permission for application manager.
-r--r--r-- 1 amgr u00 15661716 Aug 30 00:06 DCI.dat
So here amgr will have permission to edit the file. We want a... (10 Replies)
logMsg='Started by '${USER}
LOG_MESSAGE "${logMsg}"
resultCode=$?
if ]; then
return ${resultCode}
fi
touch ${FILELISTPATH}
resultCode=$?
if ]; then
logMsg='failed to create file list:'${FILELISTPATH}
LOG_ERROR "${logMsg}" CUSTOM_PREPROCESS ${FATAL}
... (2 Replies)
Discussion started by: raka123
2 Replies
LEARN ABOUT LINUX
sftp-server
SFTP-SERVER(8) BSD System Manager's Manual SFTP-SERVER(8)NAME
sftp-server -- SFTP server subsystem
SYNOPSIS
sftp-server [-ehR] [-f log_facility] [-l log_level] [-u umask]
DESCRIPTION
sftp-server is a program that speaks the server side of SFTP protocol to stdout and expects client requests from stdin. sftp-server is not
intended to be called directly, but from sshd(8) using the Subsystem option.
Command-line flags to sftp-server should be specified in the Subsystem declaration. See sshd_config(5) for more information.
Valid options are:
-e Causes sftp-server to print logging information to stderr instead of syslog for debugging.
-f log_facility
Specifies the facility code that is used when logging messages from sftp-server. The possible values are: DAEMON, USER, AUTH,
LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The default is AUTH.
-h Displays sftp-server usage information.
-l log_level
Specifies which messages will be logged by sftp-server. The possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1,
DEBUG2, and DEBUG3. INFO and VERBOSE log transactions that sftp-server performs on behalf of the client. DEBUG and DEBUG1 are
equivalent. DEBUG2 and DEBUG3 each specify higher levels of debugging output. The default is ERROR.
-R Places this instance of sftp-server into a read-only mode. Attempts to open files for writing, as well as other operations that
change the state of the filesystem, will be denied.
-u umask
Sets an explicit umask(2) to be applied to newly-created files and directories, instead of the user's default mask.
For logging to work, sftp-server must be able to access /dev/log. Use of sftp-server in a chroot configuration therefore requires that
syslogd(8) establish a logging socket inside the chroot directory.
SEE ALSO sftp(1), ssh(1), sshd_config(5), sshd(8)
T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-filexfer-00.txt, January 2001, work in progress material.
HISTORY
sftp-server first appeared in OpenBSD 2.8.
AUTHORS
Markus Friedl <markus@openbsd.org>
BSD January 9, 2010 BSD