File manager for virtualsites users doesn't work "Failed to list /"

#1 Mon, 12/05/2011 - 15:48
nosco

Hello,

I have a problem with the file manager not working for virtual server users; it just says "failed to list / - permission denied".

As far as I can see everything looks correct, and as far as I could conclude this should work without additional configuration.

Can someone help?

Kind Regards Kristijan

Tue, 12/06/2011 - 07:15
nosco

Anything? Anyone?

Tue, 12/13/2011 - 10:41
Giorgio

I have the same issue: the file manager won't work for domain master accounts. The error reported is (failed to list / - permission denied), like it was trying to access the main / directory and not the user's home. Testing the main module config, I can use the file manager only if I log in with full permissions on Webmin.

Tue, 12/13/2011 - 13:10
nosco

Hi Giorgio,

Yes, the problem stays ATM. I'm not trying too much to solve it, because I don't know where to start. I checked the configuration of the file manager and it looks OK. Home folders are assigned to users.

I also tried to input the correct path for the logged-in user; still the same error arises.

Hopefully someone will answer.

Thanks.

Wed, 12/14/2011 - 07:57
andreychek

Hmm, we haven't been able to reproduce this particular problem...

However, if you look in /etc/webmin/file, you'll see a .acl file for each user on your system.

Can you post the contents of a .acl file for a user who is having this problem?

Thanks!

-Eric

Wed, 12/14/2011 - 08:20
nosco

It's the same for all users.

For example:

File: epr2.com.acl Line 1 Col 0 62 bytes 100%

follow=0 noconfig=1 uid=527 goto=1 root=/home/epr2.com home=0

Kristijan

Wed, 01/11/2012 - 10:14 (Reply to #6)
Giorgio

It's the same for all users for me too.

And the content of the ACL file is the same as nosco's:

follow=0 noconfig=1 uid=*** goto=1 root=/home/***** home=0

For more info, my system is: Operating system: CentOS Linux 6.0 x64; Webmin version: 1.570; Virtualmin version: 3.89.gpl GPL. I hope this can help.

Wed, 01/11/2012 - 10:36
Giorgio

I have found what my problem is. I use LES to secure my system binaries, and it is the problem. Andreychek, you can replicate the problem by following this guide and enabling all options. http://www.securecentos.com/basic-security/install-les/

If I disable it, all works fine, but disabling it is a security risk, so if you can tell us which system binaries the file manager needs, we can set the right permissions only on the needed binaries.

Thanks.

Thu, 01/12/2012 - 03:15
nosco

Yes, I also use LES ;)

I can't believe that you have found that problem Giorgio! Great Job!

Now we can try to find solution.

Thanks

Fri, 01/13/2012 - 04:10
nosco

I tried to check the configuration files of LES and an option to exclude the file manager folder, but the documentation is very thin; still no success.

Fri, 01/13/2012 - 06:34
Giorgio

After a bit of testing I found how to solve this problem. This is the solution:

Remember to disable all LES options before making these changes.

Edit your /usr/local/les/opt.dat

find the line: sec_paths="/ /home /etc /var /usr/etc /usr/local/etc /var/log /sbin /usr/sbin /usr/local/sbin"

replace with this: sec_paths="/home /etc /var /usr/etc /usr/local/etc /var/log /sbin /usr/sbin /usr/local/sbin"

Re-enable LES.

For Andreychek: You need to correct your guide (Securing Your Server HOWTO) in documentation area: http://www.virtualmin.com/documentation/id,securing_your_server_howto

Fri, 01/13/2012 - 07:47
nosco

Hi Giorgio,

First, great job!

But I would like to know what that means in terms of security regarding LES if we remove the / path.

What are the repercussions? And why was / there in the first place?

Fri, 01/13/2012 - 08:44
Giorgio

The LES secure-path feature changes folder permissions from 755 to 711; this denies the listing of content by non-root users. But 755 still denies any changes to / content from non-root users.

The strong security improvement that LES makes is by enforcing the immutable bit on essential rpm packages and enforcing root-only permissions on critical system binaries. This is in my opinion the main security enhancement of LES. It also prevents listing of critical paths, but I think if someone can call the listing of your / you are already hacked. Obviously it is better to have 711 than 755, but it is not essential.

I don't know why the file manager needs to list the / content to work. I hope someone from the Virtualmin team can answer us on this point.
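
The 755 versus 711 distinction described in the post above, as an added example that is not part of the original thread: a shell check that reads each directory's mode and reports whether a user outside the owner and group can list it. It assumes the file manager's user falls in the "other" class for these directories; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): report what a user who is neither owner
# nor group member ("other") can do in each directory of an LES sec_paths list.

# Map the "other" digit of an octal mode to directory access:
#   r (4) lets the user read entry names, x (1) lets the user traverse.
other_access() {
    digit=${1#"${1%?}"}                # last octal digit = "other" class
    case $digit in
        5|7) echo "list+traverse" ;;   # e.g. 755: listing works
        1|3) echo "traverse-only" ;;   # e.g. 711: can enter, listing is denied
        4|6) echo "names-only" ;;      # can read names but not enter
        *)   echo "none" ;;
    esac
}

# Octal mode of a path (GNU stat first, BSD stat as a fallback).
dir_mode() {
    stat -c %a "$1" 2>/dev/null || stat -f %Lp "$1"
}

# Print "path mode access" for every existing directory in a sec_paths value.
audit_sec_paths() {
    for p in $1; do
        [ -d "$p" ] || continue
        m=$(dir_mode "$p")
        echo "$p $m $(other_access "$m")"
    done
}

# Value quoted in the thread as the original sec_paths line in opt.dat.
sec_paths="/ /home /etc /var /usr/etc /usr/local/etc /var/log /sbin /usr/sbin /usr/local/sbin"
audit_sec_paths "$sec_paths"
```

Any path reported as traverse-only will produce a "permission denied" when a non-root process tries to list it, even though files beneath it remain reachable by full path.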

Fri, 01/13/2012 - 09:17
nosco

Thanks, I couldn't explain that better. I especially like the "you are already hacked" part ;).

Yes probably some option within file manager could solve this ...

Anyway thank you for a solution.
