Mark Rogers <mark@quarella.co.uk> wrote:
I need to create an FTP user that can upload images that the webserver will use (simple: I symlink the directory into the relevant path in DocumentRoot), however I also need Apache to be able to write to the files (images will be uploaded by the website admin backend as well as via FTP). How do I achieve this?
I can add Apache (www-data) to ftpgroup, which should solve this but would also give Apache write access to all files uploaded by any FTP user, which I don't want to do. [...]
Why would it? If the directory is group-writeable but the files aren't, Apache could delete them (IIRC), but you can avoid that by setting the sticky bit (+t) on the directory. See man chmod. Maybe I'm not understanding what you're trying to do. Really, apache should be running scripts with suexec or something like that, too. Hope that helps, -- MJ Ray (slef) Webmaster for hire, statistician and online shop builder for a small worker cooperative http://www.ttllp.co.uk/ http://mjr.towers.org.uk/ (Notice http://mjr.towers.org.uk/email.html) tel:+44-844-4437-237