
Ubuntu SFTP "fatal: bad ownership or modes for chroot directory component"


I know this has been answered before, but all the answers make absolutely no sense in my use-case to be honest. I'm hosting a Laravel application on my Ubuntu server, and I've created a separate user laravel and cloned my app into /var/www/my-app.

Essentially, I want to enable SFTP for /var/www/my-app/storage/app so that I can upload files to process in my web app. Security isn't too big of an issue since this app will only be hosted on an intranet with no external access.

This is the log I get in /var/log/auth.log when trying to connect via SFTP.

Mar 31 13:11:35 ubuntu sshd[40819]: pam_unix(sshd:session): session opened for user laravel by (uid=0)
Mar 31 13:11:35 ubuntu systemd-logind[823]: New session 42 of user laravel.
Mar 31 13:11:35 ubuntu sshd[40907]: fatal: bad ownership or modes for chroot directory component "/var/www/my-app/"
Mar 31 13:11:35 ubuntu sshd[40819]: pam_unix(sshd:session): session closed for user laravel
Mar 31 13:11:35 ubuntu systemd-logind[823]: Session 42 logged out. Waiting for processes to exit.
Mar 31 13:11:35 ubuntu systemd-logind[823]: Removed session 42.

Most answers online to solve this say you need to make sure root owns the folder. However, my concern is, my user laravel NEEDS to own the /var/www/my-app otherwise it will get permission errors when writing log files, reading files, etc... I already spent enough time dealing with that and solved it, and I really don't want to go down that rabbit hole again because it was incredibly stressful.

All I want to do is allow a user to log in via SFTP to the folder /var/www/my-app/storage/app and be able to upload/remove files. Like I said, security isn't too much of an issue due to the intranet thing so I don't mind just logging in with the laravel user itself instead of creating a new one, since I really just don't understand permissions anymore in Linux as it seems nonsensical. It seems pretty stupid that in order to give the user laravel SFTP permission to upload/download, I have to start tinkering with root and giving root ownership over random folders when I don't even want root to have ownership of them, I want laravel to have ownership of them and that's it.

Any help is appreciated. Thanks.
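
The auth.log error above comes from the rule in sshd_config(5) for ChrootDirectory: every component of the chroot path must be a root-owned directory that is not writable by group or others. As an added example that is not part of the original post, this script walks a path and reports which components fail that rule; it assumes GNU stat as shipped on Ubuntu, and the function names are made up for the illustration.

```shell
#!/bin/sh
# Added example: list which components of a ChrootDirectory path sshd rejects.
# Rule (sshd_config(5)): each component is a root-owned directory with no
# group-write or other-write bit. Assumes GNU stat (stat -c), as on Ubuntu.

# component_ok UID OCTAL_MODE -> returns 0 if acceptable, 1 otherwise
component_ok() {
    [ "$1" -eq 0 ] || return 1                 # must be owned by uid 0
    [ $(( 0$2 & 022 )) -eq 0 ] || return 1     # 022 = group-write | other-write
    return 0
}

# check_one DIR -> prints a verdict line for one path component
check_one() {
    if [ ! -d "$1" ]; then
        echo "BAD  not a directory        $1"; return 1
    fi
    set -- "$1" $(stat -L -c '%u %a' "$1")     # $2 = owner uid, $3 = octal mode
    if component_ok "$2" "$3"; then
        echo "ok   uid=$2 mode=$3  $1"
    else
        echo "BAD  uid=$2 mode=$3  $1"; return 1
    fi
}

# check_chroot_path /abs/path -> 0 if all components pass, 1 if any fails,
# 2 if the path is not absolute
check_chroot_path() {
    case $1 in /*) ;; *) echo "need an absolute path" >&2; return 2 ;; esac
    bad=0; path=; rest=${1#/}
    check_one / || bad=1
    while [ -n "$rest" ]; do
        part=${rest%%/*}                        # next component
        case $rest in */*) rest=${rest#*/} ;; *) rest= ;; esac
        [ -n "$part" ] || continue              # skip empty parts from "//"
        path="$path/$part"
        check_one "$path" || bad=1
    done
    return $bad
}

# When run with an argument, check that path (e.g. the ChrootDirectory value).
if [ "$#" -gt 0 ]; then check_chroot_path "$1"; fi
```

For the setup in the question, any component owned by laravel (such as /var/www/my-app) is reported as BAD, which matches the component named in the sshd log line.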
