Adding an ssh or SFTP user for Vaultpress

May 16, 2017 127 views
WordPress Ubuntu 16.04

I need to add a new user so wordpress Vaultpress can connect for backups. Thing is it needs read-write access.

Steps so far:

useradd vaultpressr
passwd vaultpress
usermod -m -d /path/to/website/public vaultpress

usermod -G www-data vaultpress

So now I have a user named vaultpress, who is part of the www-data group, who can SFTP in directly to the directory I need vaultpress to back up.

Except vaultpress can't write to the directory. Vaultpress needs write ability to put files back.

I frankly don't know what rights the various groups have, I was hoping that being part of the www-data group would give vaultpress the correct rights.

What to do next.

Thanks!

1 Answer

@jeffrey6f729b2968bb9ab9eaf

Unless their setup has changed recently, you shouldn't need to create a separate user. The plugin runs as the user and group that currently owns your files and directories -- if that's www-data, then that's who the plugin will run as and who the plugin will use to restore files if required.

If you specify another user and files and directories are restored as that user and group, you may run in to issues and have to reset the ownership back to www-data in the event you do need to restore.

By default, files are generally chmod 644 and directories chmod 755.

In the the case of writing files to a directory, a chmod of 755 only provides write permissions to the owner, not the group or other. So even though your vaultpress user is a member of www-data, the group, they are not the owner.

In the case of files, 644 only provides read and write to the owner, while only providing read to the group and other. So, much like with directories, if vaultpress tries to write to a file, it wont be able to.

...

If your files and directories are owned by www-data:www-data, then that's what the plugin would and should use.

Have another answer? Share your knowledge.