diff --git a/TROUBLESHOOTING.md b/TROUBLESHOOTING.md index 174ec13..d9775d7 100644 --- a/TROUBLESHOOTING.md +++ b/TROUBLESHOOTING.md @@ -221,6 +221,37 @@ This script will check all aspects of the user account and provide detailed diag --- +## Quick Fix: Webroot Write Permissions + +If users cannot create folders or files in the ROOT directory, run this standalone fix script: + +```bash +# Download and run the fix script +wget https://deploy-proxy.mightybox.io/addons/add-sftp-user/raw/branch/main/fix-webroot-permissions.sh +chmod +x fix-webroot-permissions.sh +sudo ./fix-webroot-permissions.sh +``` + +Or manually fix: +```bash +# Ensure litespeed group exists +groupadd -f litespeed + +# Set group ownership +chgrp -R litespeed /var/www/webroot/ROOT + +# Add group write permissions +chmod -R g+w /var/www/webroot/ROOT + +# Verify +ls -ld /var/www/webroot/ROOT +# Should show: drwxrwxr-x or drwxrwsr-x (group has write) +``` + +**Note**: The addon code (version 0.7+) automatically fixes this during installation or when creating new users. If you have an existing installation, either: +1. Update/reinstall the addon, OR +2. Run the fix script above + ## Common Issues and Solutions ### Issue: "Permission denied" when logging in diff --git a/fix-webroot-permissions.sh b/fix-webroot-permissions.sh new file mode 100644 index 0000000..0fb7f25 --- /dev/null +++ b/fix-webroot-permissions.sh @@ -0,0 +1,95 @@ +#!/bin/bash + +# ============================================================================== +# Standalone script to fix webroot permissions for existing installations +# This ensures /var/www/webroot/ROOT has correct group ownership and permissions +# ============================================================================== + +WEBROOT_DIR="/var/www/webroot/ROOT" + +echo "==============================================================================" +echo "Webroot Permissions Fix Script" +echo "Fixing permissions for: $WEBROOT_DIR" +echo "==============================================================================" +echo + +# Check if webroot exists +if [ ! -d "$WEBROOT_DIR" ]; then + echo "ERROR: Webroot directory does not exist: $WEBROOT_DIR" + exit 1 +fi + +# Check if running as root +if [ "$EUID" -ne 0 ]; then + echo "ERROR: This script must be run as root" + echo "Please run: sudo $0" + exit 1 +fi + +# Check if litespeed group exists +if ! getent group litespeed > /dev/null; then + echo "Creating litespeed group..." + groupadd litespeed + if [ $? -eq 0 ]; then + echo "✓ Created litespeed group" + else + echo "ERROR: Failed to create litespeed group" + exit 1 + fi +else + echo "✓ litespeed group exists" +fi + +# Check current group ownership +CURRENT_GROUP=$(stat -c '%G' "$WEBROOT_DIR" 2>/dev/null) +echo "Current group ownership: $CURRENT_GROUP" + +if [ "$CURRENT_GROUP" != "litespeed" ]; then + echo "Setting group ownership to litespeed..." + chgrp -R litespeed "$WEBROOT_DIR" + if [ $? -eq 0 ]; then + echo "✓ Set group ownership to litespeed" + else + echo "ERROR: Failed to set group ownership" + exit 1 + fi +else + echo "✓ Group ownership is already litespeed" +fi + +# Check current permissions +CURRENT_PERMS=$(stat -c '%a' "$WEBROOT_DIR" 2>/dev/null) +echo "Current permissions: $CURRENT_PERMS" + +# Extract group write bit (second digit) +GROUP_WRITE_BIT=$(echo "$CURRENT_PERMS" | cut -c2) +echo "Group permissions bit: $GROUP_WRITE_BIT" + +# Check if write bit is NOT set (4=r--, 5=r-x, 1=--x, 0=---) +if [ "$GROUP_WRITE_BIT" = "4" ] || [ "$GROUP_WRITE_BIT" = "5" ] || [ "$GROUP_WRITE_BIT" = "1" ] || [ "$GROUP_WRITE_BIT" = "0" ]; then + echo "Adding group write permissions (current group bit: $GROUP_WRITE_BIT)..." + chmod -R g+w "$WEBROOT_DIR" + if [ $? -eq 0 ]; then + echo "✓ Added group write permissions" + NEW_PERMS=$(stat -c '%a' "$WEBROOT_DIR" 2>/dev/null) + echo "New permissions: $NEW_PERMS" + else + echo "ERROR: Failed to add group write permissions" + exit 1 + fi +else + echo "✓ Group already has write permissions" +fi + +echo +echo "==============================================================================" +echo "Verification:" +echo "==============================================================================" +echo "Directory: $WEBROOT_DIR" +echo "Ownership: $(stat -c '%U:%G' "$WEBROOT_DIR")" +echo "Permissions: $(stat -c '%a' "$WEBROOT_DIR") ($(stat -c '%A' "$WEBROOT_DIR"))" +echo +echo "==============================================================================" +echo "Fix complete! Users in the litespeed group should now be able to write." +echo "==============================================================================" +