Create my own System-User via useradd?

tinder · September 18, 2023, 8:18pm

Hello,
I need a separate (S)FTP user (or SSH user if applicable). This type of user cannot be created via the YunoHost interface. If I create such a user via terminal with the command useradd, will that cause complications with the YunoHost system? - The background is that I need a separate user for the file upload in my Pico-CMS.
Thanks for your help
Tinder

YunoHost-Version: 11.2.4 (stable)

Hallo,
ich benötige einen separaten (S)FTP-User (bzw. ggf. auch SSH-User). Diese Art von Nutzern kann man ja nicht über das YunoHost-Interface anlegen. Wenn ich so einen User per Terminal mit dem Kommando useradd anlege, gibt das Komplikationen mit dem YunoHost-System? - Hintergrund ist, dass ich einen separaten User für den Datei-Upload in meinem Pico-CMS benötige.
Danke für eure Hilfe
Tinder

YunoHost-Version: 11.2.4 (stable)

rungeard · September 19, 2023, 11:35am

Why ? You can create a user in YunoHost and then give him SSH and SFTP right. See SSH and command line | Yunohost Documentation

tituspijean · September 19, 2023, 3:20pm

This can be integrated from the app packaging.

If you want to do it manually:

sudo useradd -aG sftp.app pico
sudo passwd pico
# assign a strong password to the user

User pico will then have the right to log in via SFTP.

tinder · September 20, 2023, 10:02am

Oh, yeah! This looks quite good - thank you
But one little question remains: At this moment the user has only access to /home/picouser. How can I change users home-dir to the pico-web-path (/var/www/pico/content)? And how can I give him access to this folder? I need already “su” to access the /var/www/-folder…

tinder · September 20, 2023, 10:06am

The useradd-command does not seem to know the option “-a”. Did the “a” accidentally slip between “-” and “G” or does the “a” stand for another letter?

rungeard · September 20, 2023, 3:25pm

Try something like

sudo chown -R picouser:picouser /var/www/

tinder · September 20, 2023, 5:51pm

Yes, ok thanks - the basic principle is clear. My concern is that if I do a chmod on /var/www/pico/content, the YunoHost system might be disturbed. Do you know more about this?

tituspijean · September 20, 2023, 9:20pm

It might be -a -G, the -a is important to append the group to the user’s existing group list, otherwise it is replaced. This might explain why you cannot access to /var/www/pico correctly. Check its groups with groups pico.

I think I forgot to ensure the user’s home directory: sudo usermod -d /var/www/pico pico (I discourage you from choosing directly a subdirectory, just a feeling).

tinder · September 21, 2023, 7:31am

Ah, ok - that explains a lot
Thank you very much, I’ll try that.

system · October 21, 2023, 7:31am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.