Menu
▾
▴
2 Attachments
#5432 File Manager access
Running Webmin V1.953.
I am unable to limit access to certain PATH's with File Manager. I have set the limitation on each user id to 1 PATH but that is not working.
The File Manager tree is wide open and I need to limit my users. I was able to do this with the old Java File Manager but this Perl version I am unable to do that. And the Module config has no way to restrict access either.
Any help is greatly appreciated.
Please help!!
Aletha Chrietzberg
alethad@unch.unc.edu
Well that sucks. Ok.
What about the Custom Categories for safe users? How an I get those? Or is forming a Group the only way?
Is the safe user looking for users only in the local /etc/passwd file? How does it handle LDAP users that have no entry in this file?
I just removed my own user id and re-created it as a safe user. Now File Manager only allows me into my home directory. I cannot get to my desired PATH /epic/nonprodfiles.
How can this be changed to allow the other PATH?
Hey guys,
Is there any update or news yet for me?
Thanks.
Hey guys. Is there any update or news on this ticket yet? I'm just being anxious. If it would help to talk on the phone I am certainly up for that.
I do not want this tool take away from us. Any help is greatly appreciated.
Thanks.
Webmin 1.970 is available and must be installed.
About what? I can confirm that Java File Manager had an ability to lock directories for root capable logins as well, however HTML File Manager has this functionality only for safe users .
Why not using safe Webmin user? You could mount bind all needed directories, using appropriate permissions to user's home with safe user. Would that work for you?
Thanks Ilia for the quick response. I did set up a safe user but it only had access the the user's home directory. I am not sure I understand what you mean by "mount bind all needed directories using appropriate permissions to user's home with safe user. "
If that can help me with limiting my users to certain directories and being able to do what they need to do I'm all for it.
I just don't know how to do that. That I know of. Do you have any documentation that I can look over?
Also in order to do your suggestion do I have to upgrade to Webmin 1.970?
Per se, you should always upgrade.
If there are directories that all of your users need to access, you can mount bind those directories to users' homes, like:
Note: Permissions' adjustment might be needed and/or creating a new group, and adding those users to that group (for instance group named shared) would be even better.
Last edit: Ilia 2021-02-24
So that is out in the AIX OS you're talking about. Right? I don't see that --bind as an option on AIX. Or if that's not the case please correct me.
But this is a Tier 0 server so no I will not be allowed to do that type of mount like this on these servers. The powers that be keep a tight rein on these servers. That's why I have to control all directory accesses thru Webmin. So I guess you are saying the answer is no I will no longer be able to control the Webmin user's PATH access thru the Webmin user permissions parameters anymore.
I am sorry to hear that. My users will probably have to give up Webmin for Filezilla. And they really prefer Webmin.
If there's any other way to do what I need thru Webmin only please let me know.
Thanks.
Probably you could install
bindfscommand and do effectively the same.Perhaps we could have a look and fix it for the future releases.
Okay, I have implemented such functionality for upcoming Webmin release (1.972+).
Thanks for reporting!
Just to make sure I am understanding you. You are going to look at controlling PATHs for users in the Module >Webmin Users >> userid >> Webmin User access rights >> Permissions for all Modules?
If so, that would be wonderful! Will I get a notification of the version it's in? Is there any kind of ETA on which version or how soon that might come into being? Just being anxious.
Thank you so much!
No. It will be configured under Webmin Users > userid > Edit Webmin User > Available Webmin modules > File Manager and its Allow access to directories ACL.
It will give you the functionality you want.
It will be available with Webmin 1.972+, hopefully within few days!
Hi Ilia,
I just upgraded my test Webmin server to 1.973. I went to set the ACL on the File Manger module as you instructed.
I got an error. I'm not sure why yet.
I went to another Webmin with out updating to set the ACL and got this same error.
Can you point me in the right direction?
Require filemin/acl_security.pl failed :
Can't locate File/MimeInfo.pm in @INC (you may need to install the File::MimeInfo module) (@INC contains: ./lib /usr/local/webmin-1.955/filemin /usr/local/webmin-1.955 /usr/opt/perl5/lib/site_perl/5.20.1/aix-thread-multi /usr/opt/perl5/lib/site_perl/5.20.1 /usr/opt/perl5/lib/5.20.1/aix-thread-multi /usr/opt/perl5/lib/5.20.1 /usr/opt/perl5/lib/site_perl . /usr/opt/perl5/lib /usr/bin/perl ..) at /usr/local/webmin-1.955/filemin/filemin-lib.pl line 11.
BEGIN failed--compilation aborted at /usr/local/webmin-1.955/filemin/filemin-lib.pl line 11.
Compilation failed in require at /usr/local/webmin-1.955/filemin/acl_security.pl line 1.
Disregard my last post. I discovered the upgrade got interrupted with a disconnect. Reinstalled a second time. Stil got a disconnect message but this time the V1.973 downloaded properly and the start script had been updated to the new version. I re-started the miniserv and the install seems to have continued. Waiting to see.
Have not had a disconnect during an upgrade before. Is this a known issue?
Upgrade finished and so far so good. I have tested the ACL setting as you suggested and it seems to be working. AWESOME!!
Let me know about the disconnection issue and if I handled it properly.
Thanks.
I have no idea. Sorry.