This user has the same password as the other users:
Firecloud
You should log in as webserver when uploading / editing files that will be accessed on the web.
webserver's home directory is /home/webserver/.
Inside of that directory is a directory called "html".
Basically, any file that is in /home/webserver/html can be accessed via the web.
So for example, lets say I put a file called "hello.html" in the that directory.
It's linux path would be "/home/webserver/html/hello.html".
To view that file on the web, I would visit http://cloudui.cs.siue.edu/hello.html.
Files cannot be placed in /home/webserver (it's read only; this is required by VSFTPD, the program we're using for our FTP server).
However, files CAN be placed in /home/webserver/html.
webserver is the user that nginx (our web server) uses. In Linux, every program is run by a user. Any action that the program performs is done using that user's privileges. So, why is this important? Two reasons:
webserver can only modify files that it is the owner of. If there's a file owned by "root" or some other user in it's html directory, modifying this file will fail. The same goes for if a .php script tries to modify some file that webserver doesn't own.
For example, say you were logged in as root and made a new .html file in nano and saved it in webserver's html directory. The new file is now owned by root. Then, later on, you log in as webserver and try to edit that file, but it won't work! This is because webserver doesn't have permission to modify files owned by other users (in this case, root).
webserver is a non-privileged user. That means that unlike the other accounts, this user isn't in the sudo group, i.e. he doesn't have root / admin privileges. This means that when you log in as webserver and try to run any command that starts with "sudo", it won't work (it'll tell you something like "webserver isn't in sudo"). If an attacker somehow gains control of the webserver account, he won't have root access to the system.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Say you are logged in as "jhutchi" or something, but you want to temporarily log in as a different user, do some stuff as him, then go back to being "jhutchi".
There's a useful command that does that:
su username
You can also do this with sudo if you prefer. In this case, you specify the user who you want to run the command as, and making the command "open a bash shell":
sudo -u username bash
The differences between sudo and su are:
With sudo:
you enter your own password, but
you need to be in the sudo group
With su:
Anybody can run, but
You have to enter the other user's password
Whenever you're done doing stuff as that user, you can go back to your original login by typing "exit".
(note: su stands for "super user" [i.e. root]. sudo stands for "super user do". For whatever reason, using sudo is typically preferred over su for security reasons.)
(another note: su cannot be used to log in as root on Ubuntu Server. root does not have a password on Ubuntu Server, making it impossible to log in as root using a username/password [this is done for security reasons]. Only people in the sudo group can do things as root. )
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Megha and I set up user accounts on November 8, 2012 (Wednesday).
All three servers (cloud, UI, and owner agent) have the following users, which can be used to log into the servers over SSH:
All users currently use the same password:
Additionally, all of these users have sudo ( i.e. root/administrative ) privileges as well.
You can run a single command as root by doing:
Or, you can log in as root (by entering a root shell after logging into your normal account) by running the following command:
Last edit: Jeff Hutchins 2012-11-08
The UI server has the following user:
This user has the same password as the other users:
You should log in as webserver when uploading / editing files that will be accessed on the web.
webserver's home directory is /home/webserver/.
Inside of that directory is a directory called "html".
Basically, any file that is in /home/webserver/html can be accessed via the web.
So for example, lets say I put a file called "hello.html" in the that directory.
It's linux path would be "/home/webserver/html/hello.html".
To view that file on the web, I would visit http://cloudui.cs.siue.edu/hello.html.
Files cannot be placed in /home/webserver (it's read only; this is required by VSFTPD, the program we're using for our FTP server).
However, files CAN be placed in /home/webserver/html.
webserver is the user that nginx (our web server) uses. In Linux, every program is run by a user. Any action that the program performs is done using that user's privileges. So, why is this important? Two reasons:
webserver can only modify files that it is the owner of. If there's a file owned by "root" or some other user in it's html directory, modifying this file will fail. The same goes for if a .php script tries to modify some file that webserver doesn't own.
webserver is a non-privileged user. That means that unlike the other accounts, this user isn't in the sudo group, i.e. he doesn't have root / admin privileges. This means that when you log in as webserver and try to run any command that starts with "sudo", it won't work (it'll tell you something like "webserver isn't in sudo"). If an attacker somehow gains control of the webserver account, he won't have root access to the system.
Say you are logged in as "jhutchi" or something, but you want to temporarily log in as a different user, do some stuff as him, then go back to being "jhutchi".
There's a useful command that does that:
You can also do this with sudo if you prefer. In this case, you specify the user who you want to run the command as, and making the command "open a bash shell":
The differences between sudo and su are:
Whenever you're done doing stuff as that user, you can go back to your original login by typing "exit".
(note: su stands for "super user" [i.e. root]. sudo stands for "super user do". For whatever reason, using sudo is typically preferred over su for security reasons.)
(another note: su cannot be used to log in as root on Ubuntu Server. root does not have a password on Ubuntu Server, making it impossible to log in as root using a username/password [this is done for security reasons]. Only people in the sudo group can do things as root. )