High-level user on Media Temple DV managed server (Plesk)

I've recently set up a DV Managed server from Media Temple. I'm not sure if my question is specific to Media Temple, Plesk or Linux in general.

I'm open to alternatives but basically what I am trying to do:

Usecase: I'd like to have 1 "high-level" ssh login that has access across all domains associated with the DV server. I'm currently deploying sites for clients using git/github/ssh.

In Plesk, I create Customers > Subscriptions (I add their domain(s) and user here).

This creates a domain in the var/www/vhosts/ directory.

I'd like to have one ssh login that I can use to cd and git pull in that directory. Ideally I don't create a new user for each customer and set up ssh to work appropriately with git.

I chatted with Media Temple a few times and they pointed me in a few directions but nothing really seemed to work.

One article seemed to say what I wanted:

This example will create an SSH user with access to the /var/www/vhosts/ directory, which is where all of your website files are kept.

but after creating a high-level user, that user still does not have access to directories (domains) inside the /vhosts/ directory

Root would work, but I'm not comfortable always logging in as root.

I could also forgo the Customers/Subscriptions and just put everything under 1 company - but that sort of defeats the purpose of how Plesk is set up with subscriptions.

I'm sure that's all about as clear as mud.

Update: I am using Plesk v11.5.30 in the Service Provider view.

Answers


Subscriptions are designed to isolate domains and users from each other, so there is no natural solution for such server-wide user. You can make a "shared" user and include it in :psaserv and :psacln groups (used by Plesk internally), so such user will be able to browse other subscriptions' folders to certain degree. Still some folders may remain closed.

W/o ACL, Linux file privileges are simple & clear, but not very flexible.


Completely agree with Sergey, just a few moments:

  • content of all domains in single subscription stored in one folder(just check it), so you already get one non-root FTP/SSH user which will has access to all files of all domains;

  • in single subscription you can create single database user with access to all databases created in subscription;

  • in single subscription PHP code is executing under single user for all domains, so you have to be 100% sure of security of every of your projects during all time of their existing


Need Your Help

Sencha Touch 2 nested models and data stores

sencha-touch extjs sencha-touch-2

I hardly even know how to ask this one, but here goes.