Permission denied while trying to cd /home/username

I set up a fresh server and ran the install.sh script. I was toying around with Virtual and Webmin as I’ve never used to before.

On my server I created a user outside of *min and added it to the admin usergroup, set PermitRootLogin to no in sshd_config and added admin to sudoers group.

Then inside of Virtualmin I created a couple different virtual servers, jumped back to shell and attemped to cd /home/username/public_html so that I could create an index.html with my admin user.

I recieve a -bash: cd: ./username/public_html: Permission denied when trying to view any of my Virtualmin created user home directories with this outside admin user I have made. However if I su username and then cd into the outside admin user’s home directory it works no problem (and of course so does root).

I’ve tried googling this some but I figured I might get a better response here.

What is preventing me from seeing any other user’s directory created with Virtualmin when I am not using a system user account that I created from command line?

Okay I just read the responses within http://www.virtualmin.com/node/16330

I understand the premise but could someone enlighten me as to what is actually going on?

Is everybody but the owner of the home directory denied read access? Why are those users then allowed to read anything outside of their home dir?

Howdy,

Users are only allowed to see files and directories marked with “world read” access.

Most directories outside of /home are world read, meaning a user can browse then – though the files in them aren’t necessarily readable or executable by a non-root user.

Note that since you gave your admin “sudo” access, you could always do this:

sudo cd /home/username/public_html

That takes a normal user, and temporarily gives them root privileges.

As you noticed in the thread you linked to though, I wouldn’t really recommend doing that – I’d recommend setting up a website as the website owner, the permissions and file ownerships can become incorrect otherwise.

-Eric

Thanks for the repsonse. I was aware of the world-readability status but for some reason I thought virtualmin user1 could see virtualmin user2’s files but I guess I hadn’t checked that.

I tried the sudo cd command but cd was not a recognized command under sudo.

I know I can google and find the answer but perhaps you could tell me how to add commands to sudo’s abilities? (Just for knowledge’s sake, I’m not trying to muss anything up)

Ah, I see the problem – ‘cd’ isn’t actually a command, it’s a built-in shell function. So sudo wouldn’t be able to call it.

My recommendation would be to try and accomplish your task without first changing to that directory :slight_smile:

For example, if you’re trying to create a index.html file, you can do this:

sudo nano /home/username/public_html/index.html

And then you can add your content to that index.html.

Again though, I don’t recommend the above, it will create permissions problems :slight_smile:

I recommend using the Virtual Server owner to create content for their domain. Otherwise, you’ll have to manually change the ownership of each file you create.

-Eric

Eric, thanks for your responses. I actually have no problem just doing su username temporarily. I just love learning more about the system administration and so I’m trying to a more complete picture of things.

Are you affiliated with Virtualmin or are you just a poweruser? (curious)

Howdy,

I completely understand, and you’re welcome to keep asking questions!

Some folks get themselves into trouble by setting up their website as the root user… for example, if they’re looking to setup Wordpress, they might unpack the WordPress archive and set up the config as the root user.

The problem in this case though is that the files and directories would all be owned as root, and although some portions of WordPress would work, there would also be intermittent breakage due to permissions problems.

However, it sounds like you understand how to avoid the above :slight_smile:

As for me, I work for Virtualmin :slight_smile:

Have a good one!

-Eric