Users on your Virtual Private Server can have different permissions, which grants or denies them access to use Shell, FTP, E-mail, or Web space. These permissions can be set or changed when you Manage User Accounts.

Email Permissions

In order to use a remote Email client (such as Microsoft Outlook) to send and receive E-mail, a user must have E-mail permissions. E-mail permissions allow a user to remotely send messages with SMTP, and to use POP or IMAP to download messages. When adding a user with the vadduser command, E-mail is enabled by default.

NOTE: Users who wish to use IMAP services to check and store E-mail need to have both E-mail and FTP permissions.

Select/deselect services [email ftp shell web]:

To remove E-mail, type email at the prompt shown above. You will then see the same list as above, except the email entry will be removed.

Select/deselect services [ftp shell web]:

You can re-add E-mail to the list by typing email at the prompt.

To modify E-mail permissions for a user who already exists, you can edit the /etc/group file. A user with E-mail permissions needs to be listed in the pop and imap group member list. Below is an example of the pop group entry with two users (admin and test).


FTP Permissions

To allow users to use FTP to copy files to and from the Virtual Private Server, they must have FTP access. You can allow or disallow FTP access when you set up the user with the vadduser command, or you can add or remove the user from the ftp group in the /etc/group file. (see E-mail permissions above).

NOTE: Users who wish to use IMAP to check and store E-mail messages must have FTP and E-mail permissions.

NOTE: The SFTP and FTP over SSH protocols base access off shell permissions, not FTP permissions.

Shell Permissions

Granting VPS users shell access gives them the power to connect to their filespace on the server and work directly with files and run commands. When you give a user shell access using the vadduser tool, you will be prompted to select a shell for the user from a list. Because the shell access is defined at the end of the user's entry in the /etc/passwd file, you need to use the pw command to change the default shell or to disable or enable shell access. A user without shell access will have /sbin/nologin as their shell.

NOTE: Any user with shell permissions will be able to send and receive E-mail messages using a local E-mail client program (such as pine). In order to use a remote client program (such as Microsoft Outlook), the user must also have E-mail permissions.

NOTE: The SFTP and FTP over SSH protocols base access off shell permissions, not FTP permissions.

Web Permissions

Web access permissions grants a user space to publish web content. It does not have any effect on whether or not a user can view any web material. A user with Web access permissions turned on will have a www directory in in their home directory with locations for CGI scripts, logfiles, and web pages. By default, a web user will be able to view their own pages by going to the VPS primary domain name followed by a tilde (~) and their username, as in the example below.


There are a number of different ways you can set up Web space for a user, as well as being able to associate domain names with the Web space. For more information see Sub Hosting Web Sites.

Please note: the information on this page applies to ITS web hosting plans. It may or may not apply to other environments. If you are looking for a feature described here, or better support from your hosting provider, please consider hosting your site with ITS!

1555 N Naperville/Wheaton Road, Suite 107
Naperville, IL 60563
phone 630.420.2550
fax 630.420.2771