Access to /home/domainna/var

As a siteworx user, is it possible to get (read/write) access to inside the ‘var’ (/home/domainna/var) directory?

I have shell access to my siteworx account.

[SIZE=2]I guess that is not possible because iworx is the owner of that directory and all sub-directories.[/SIZE]

daveyw, thanks for the reply. I should have asked like this.

Will there be any problem, if the var dir and it’s files/sub-dirs are chowned to my login?
Or, are they need to be with the ‘iworx’ owner and group?

Secondly, Why it is made like that? Specifically to deny access to the siteworx user?
Any reply from iworx team would be appreciated.

Thanks

/var stores system-related info for Iworx, including log files, email configs, emails etc, and as such the iworx user needs access to that folder.

I’d imagine it could cause a problem if you take iworx’s access away.

I want to use .qmail files and I guess I have to place them inside it.
No way for me to get access to it?

Or, being a reseller would give access to it? (I guess as NO…)

Or, Will the following work?

The var dir’s permission is rwxr-x–x. If it is changed to rwxrwx–x and if my username gets added to the iworx group, then I guess there won’t be any problem. And, will I get write access inside it?

BTW, thanks to everythingweb for the reply.

Out of interest, are you a Shared hosting customer of a company running Interworx?

If so, I cant imagine them putting your username into the iworx group, as this would be a potential security risk. The iworx user/group has permissions throughout the box.

Being a reseller wouldn’t help you in this instance.

When you say use .qmail files, I presume you mean you want to configure/add them for mail parsing, such as piping mail to a script etc?
I know its not the solution your looking for, but would it not be something you could just ask your host to do for you?

I know we have quite a few people who pipe emails to php scripts for mailing lists/support desks etc and we have done the .qmail configuration on customers behalf.

Yes, (as my forum username says) I am a shared hosting customer of an iworx host.

Yes, want to pipe mails to a script, but not for mailing lists / support desks.

I may request my host to create the file for me, but I can not easily do the testing/debugging with it, and I can’t simply keep asking the host to repeatedly create/modify the file. And the same goes for all the secondary domains that I will use. Even if the host is willing to do it for me, it won’t be comfortable for me.

It’s enough to provide access only for the .qmail* files.

No way for the access?

PS: I think the ‘var’ dir was having read access some time back (before 3.x?)

The files in question are actually owned by vpopmail with your user as the group

/chroot/home/user/var/domain.com/mail

[root@iworx mail]# ls -la
total 20
drwx–s--x 4 vpopmail awalktor 4096 Aug 25 20:08 .
drwx–x--x 9 iworx iworx 4096 Jan 30 03:04 …
-rw-r----- 1 vpopmail awalktor 0 Feb 18 2005 bounceon
-rw------- 1 vpopmail awalktor 58 Mar 27 2005 .qmail-default
drwx–S— 3 vpopmail awalktor 4096 Aug 25 20:08 tim
drwx–s--x 3 vpopmail awalktor 4096 Sep 16 2004 webmaster
[root@iworx mail]#

so really only the root user will have access and thus there does not seem to be any way around it. Changing these permissions would be disastrous.

[quote=EverythingWeb;14885]/var stores system-related info for Iworx, including log files, email configs, emails etc, and as such the iworx user needs access to that folder.

I’d imagine it could cause a problem if you take iworx’s access away.[/quote]

Yes, among other things your email wont work anymore :wink:

[quote=IWorx-Tim;14976]The files in question are actually owned by vpopmail with your user as the group

/chroot/home/user/var/domain.com/mail

so really only the root user will have access and thus there does not seem to be any way around it. Changing these permissions would be disastrous.[/quote]

What I should have said was that root, and possibly iworx is the only user with access to everything. A file/dir can only have one owner which is part of why we have groups.

 drwx--x--x  9 iworx    iworx    4096 Jan 30 03:04 ..
-rw-r-----  1 vpopmail awalktor    0 Feb 18  2005 bounceon
-rw-------  1 vpopmail awalktor   58 Mar 27  2005 .qmail-default
drwx--S---  3 vpopmail awalktor 4096 Aug 25 20:08 tim
drwx--s--x  3 vpopmail awalktor 4096 Sep 16  2004 webmaster

In the example the directoy you want to write in is owned by user vpopmail and the group of the siteworx user (in this case awalktor) has read access but can’t write. The files inside the directory are also owned by vopomail and the siteworx user has execute access only. It can’t read or write to those files.

Adding your sitworx user to the vopomail group MIGHT give you what you want BUT a sysadmin is likely preventing from doing that by data security policies.

At least, can a script be written (verified and installed by root) to create the .qmail files? (of course backing up the iworx’s original). It could be written in such a way that it only writes files under the required siteworx account’s domains.

Can that be run by the siteworx user (or a visitor?) to create/restore the file?

If yes, would the ‘vpopmail’ owner setting be retained to the file?

[quote=SiteWorksUser;15009]At least, can a script be written (verified and installed by root) to create the .qmail files? (of course backing up the iworx’s original). It could be written in such a way that it only writes files under the required siteworx account’s domains.

Can that be run by the siteworx user (or a visitor?) to create/restore the file?

If yes, would the ‘vpopmail’ owner setting be retained to the file?[/quote]

I’ll have to get one of the developers to address that question.