How to setup an additional ubuntu user for Magento

Noury_Micron · September 5, 2020, 10:12am

I would like to create and design an online store by using Magento 2.
I installed Magento 2.4 on Ubuntu 20.04 server, “Magneto” is the magento project folder.
I found a Magento developer that has some extensions which I need for my online store.
I’d like to set minimum folder/file permissions to a user to install, customize and support extensions on Magento 2.

I created a new user “webdev01”, for the Magento developer to use it to install and customize the extensions by using SSH.

How can I set the minimum of the folder/file permissions to the project folder and subfolders “Magneto”? so the “webdev01” user can install, customize and support extensions.
Does “webdev01” needs to be a member of the www-data group?
Does “webdev01” needs access to the MySQL database?
If yes, How can i set minimum permissions?
Should I edit something in the SELinux for “webdev01” users?

Please help me to do that by sending me the command line.

Thanks and best regards,
Noury

digitalstartup · September 7, 2020, 12:43pm

Firstly, kudos for thinking about this. It’s always great to see people consider security.

Personally, I use a different deployment workflow where 3rd parties don’t have access to my Production Server. But I guess that’s a much longer conversation for another day.

But, to answer your questions:

You’d want to ensure that the webdev01 user is part of the www-data group.
You’d need to ensure that the permissions of any folders/files you wanted them to edit where Group Writable (i.e. anyone in the www-data group).
It’s unlikely that a developer would need access to MySQL unless attempting to debug an issue, perhaps. I guess it depends on the scenario and whether they would be making changes or simply referencing data.
I’m not familiar with SELinux, sorry.

Noury_Micron · September 7, 2020, 5:02pm

Hello @digitalstartup

Thanks for your help and the answer.

Could you please send me the command line to do the following?

You’d need to ensure that the permissions of any folders/files you wanted them to edit where Group Writable (i.e. anyone in the www-data group).

I have 3 more questions please:

Which Linux server is better for Magnet2? CentOS or Ubuntu?
Which SQL server is more secure and faster (performance) for Magneto - MariaDB or MySQL?
Which web server is more secure and faster (performance) for Magnet - Apache or Nginx?

Thanks.

digitalstartup · September 8, 2020, 9:16am

Changing Permissions is dynamic. i.e. What you set it to will depend on what it was to begin with. Most files will already be writable for the www-data group anyway. As your devs will be working in the app/ folder, you might not have to change a thing.

Never heard or Magnet2. OS is personal preference. Just go with what you already know. All my tutorials are written for Ubuntu, so you might want to use that for that reason.
I think MariaDB and MySQL are equally secure. Magento recommend MySQL, so I’d make the decision on that.
Apache vs Nxginx. Again, this come down to personal preference. Both are well documented solution. Albeit, my tutorials are written for Apache.

Having said all of that, I’m not in DevOps. So, you might want to fact check what I’ve said against unix.stackexchange.com/

Noury_Micron · September 8, 2020, 6:26pm

Thanks a lot i really appreciate it

system · September 10, 2020, 6:26pm

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.