Mark Rogers mark@quarella.co.uk wrote:
I need to create an FTP user that can upload images that the webserver will use (simple: I symlink the directory into the relevant path in DocumentRoot), however I also need Apache to be able to write to the files (images will be uploaded by the website admin backend as well as via FTP). How do I achieve this?
I can add Apache (www-data) to ftpgroup, which should solve this but would also give Apache write access to all files uploaded by any FTP user, which I don't want to do. [...]
Why would it? If the directory is group-writeable but the files aren't, Apache could delete them (IIRC), but you can avoid that by setting the sticky bit (+t) on the directory. See man chmod.
Maybe I'm not understanding what you're trying to do. Really, apache should be running scripts with suexec or something like that, too.
Hope that helps,