Group Ownership and FTP

In Virtualmin, if I have a customer whose UID:GID is custid:custid, and there are e-mail accounts on the domain whose UID:GID values are mail1.custid:custid, mail2.custid:custid, etc., it would seem to me that the domain owner would be able to create/delete/inspect the files found in each of the mail user accounts (in the /homes/mail1, /home/mail2, … directories).

In my /etc/proftpd.conf file, I’ve set:

Umask 007

When user directories are created via Virtualmin (Edit Mail and FTP Users), the directory created (e.g., /home/mail1) has mode 0700. Of course, then the domain owner can’t login as the domain owner and read/write files and directories.

I’d like the account owner to be able to have complete access to all content within the account (all domains, all homes areas, etc.).

What do I need to do to make this work?

Any ideas on how a domain owner can read/write into mail users directories? Go ahead, prove you’re a virtualmin god or goddess!

I’ve done some work on the code and I’ve found a solution. It amounts to modifying the file:


in the function:


The solution was to change every occurrence of 0700 with 0770, and every occurrence of 0600 with 0660. In addition to this, the file:


needed to be modified. It needs to have the directive:

Umask 007

If absent, add it; if there is another value (e.g., 027), then change it to 007.

With those two changes, the account (top-level server) owner can now read and write files that belong to users created via Edit Mail and FTP Users.

It would be nice if there were a GUI that allows one to choose the one mode or the other. It might have to be a solution that applies to all domains. But, if the Virtualmin team can figure out an even more elegant way to do this, it would be a big help for people who want the top-level server user to have the ability to read and write all files in the account.