My php-fpm.conf file is created by a cpanel server, this is the file:
[site]
catch_workers_output = yes
chdir = /home/user1
group = "user1"
listen = socket
listen.group = "nobody"
listen.mode = 0660
listen.owner = "user1"
My problem is the public_html folder. The owner of the pubic_html folder is user2. To have permissions correctly user1 is in the user2 group and the public_html folder permissions are user2:user2 471.
With that configuration im getting writings errors. And i need to the files to 477 to correctly write the files.
Why im getting writings errors, if php-fpm is running by and user inside the group of the dir owner?
I tried putting some dir permissions, 571,771, and im getting the sames errors. Is not possible to change the user2 dir owner so i dont really getting, why php doesnt write if have user1 inside the group of user2
Related
I want to allow for Apache to upload files to user home directory /homw/username/upload_files which is outside the webserver root /var/www/website/
my apache server is currently running under user "www-data".
I changed the group owner of the target folder /homw/username/upload_files to www-data , and changed the permission to rwx
drwxrwxrwx 2 www-data www-data 6 Dec 6 09:46 upload_files
However, I am not able to figure out how to allow for apache to upload files to user's home directory.
I suggest one of the following approaches and both working with me.
1- Change Ownership of full path /home/username/upload_files to apache user www-data and give owner-write permission.
sudo chown -R www-data:www-data /homw/username/upload_files
please note that this will change owner of home directory including all entire folders to www-data
2- So, I prefer to move the upload_files to root directory and change the owner to www-data
sudo chown -R www-data:www-data /upload_files
i'm hosting a simple php Script wich create folders and upload images , it has a simple admin page (serverip/admin) .
i tested the scripts in my local server and it works perfectly , but in my server it doesnt and i believe its a permissions issue .
my /var/www/ folder permissions :
root#WallApi:/var/www/html# ls -l
total 8
-rw-r--r-- 1 root root 1 Jul 13 00:56 index.php
drwxr-xr-x 7 root root 4096 Jul 13 00:55 Script
root#WallApi:/var/www/html#
i have no group users i simply want to be able to upload / create etc using the script
if you are using LAMP you should change the permission owner to apache user or change permission to 777.
1) Change owner
chown -R apache:apache /var/www/html
2) Change perssmion ( not recommend)
chmod -R 777 /var/www/html
p/s update
The permissions on this folder are:
chmod 755 /var/www/
and the files inside the folder are:
chmod 644 /var/www/file
The default permission for /var/www itself is a pretty standard one: owner root:root and mod 755.
As for anything inside /var/www, that is one of the rare directories where you have the privilege of deciding for yourself what to put in it and what permissions everything in it should have. But what makes the most sense is:
Most files should be writable by whichever user or group is going to be writing to them most. You can set them to be owned by your user account. Or set up a custom group for your developers. Or if the files will be modified rarely and you want good security, you can go with root:root and just sudo in on the rare occasions they'll be modified.
Most files should not be world-writable. So, 644 for files, and 755 for directories is appropriate (or 664 and 775 if you want to give a group write access).
It is not recommended to set any of it to be writable by the web server, ie www-data, except for any specific files your web scripts to be able to write to. If so, it's better to set the user or group of those files to www-data than to make them world-writable. Note that any time the www-data user can write to any file within the web root, whether it's by setting the user or group on those files, or making them world-writable, it's a potential security problem. World-writable is just the worse of the two.
I have 2 php applications running on my server and the files within these applications are owned by 2 users (user1 and user2)
The ownership of the files look like this user1:www-data and user2:www-data. I assign www-data as group so my php application can easily write to the files when the permission is set to 775.
So I set all file permissions to 755 and 775 (for files that have to be written to).
Everything good so far, the only problem is that when my php application created a file it sets the ownership to www-data www-data which is not what I want. I want php to set the permission to iether user1:www-data or user2:www-data depending on which application it is.
I am using Nginx 1.6.3 and php 5.5.24 with php-fpm.
You could set the setgid flag on the directory where the files are being saved.
setgid will cause files saved in that directory to be owned by the same group as the directory itself
chmod g+s directoryname
I'm hosting a LAMP EC2 instance via Amazon AWS.
Part of my website allows users to upload files. Unfortunately, the server is not able to store permanent copies in the "uploads" folder because it is lacking necessary permissions.
A PHP script is called that will store a file to the "uploads" folder. The upload will fail while the upload folder has standard 755 and 775 permissions. However, when i change the folder permissions to 777 (world permissions), it works.
For obvious reasons, I don't want to use 777 world permissions. How can i make it so that the server has permission to write files to the "uploads" folder?
Thanks guys.
This might be an issue with the Ownership of the upload folder.
The ownership of the folder can be checked by the following command
ls -l
Sample Output:
-rw-r--r-- 1 root root 0 Aug 31 05:48 demo.txt
.
Here it can be seen that the both the USer of the File is root and the Group of the File is root.
Executing this command inside a directory will show the permissions and ownership of all the files and folders in that folder.
Now with LAMP stack you need to make sure the ownership will be with the
Apache User i.e. www-data and Apache Group again www-data.
This can be done by going in the root folder of your application and and executing the Command
chown -R www-data:www-data
Sample Output:
-rw-r--r-- 1 www-data www-data 0 Aug 31 05:48 demo.txt
This will recursively change the ownership of all the files and folders inside the Root Directory to the Apache User and Group.
The Common cause of this issue is when you have downloaded the package or files , you have obviously done it as a local or root user and Apache is not having permissions to do it. Or you have created a directory manually.
This is the basic idea to solve the issue, you also just might want to consider to execute this command and change the ownership of just your "uploads" directory .
I've uploaded some php scripts to my server under /php directory and sub directories.
When using my root user in terminal and running php file.php it execute it perfectly, but when trying to reach the same file through the browser - nothing happens...
I guess it something to do with permissions.
I've tried chmod 755 phpdirectory but it doesn't work..
what else should i do in order to give the browser user the ability to run php scripts ?
Update
I'm using FreeBsd system with apache and Direct Admin on it.
Can some one please guide me to where to check the settings ?
Usualy All webb access to a file is done through a specific user (eg. www-data) in order for the file to be reachable through web www-data needs permission to reach the code. How you setup that depends on what system the server is running.
Also the server document_root needs to be setup correctly. Where you do this also depends on what server you are runnning.
EDIT after update question.
In apache this is normally done through the file /etc/apache/sites-avalible/your_site
If the server only serves one page you can do this in http.conf
Check whether the User directive inside httpd.conf file is same as the user you used to ran the PHP script.
You need to make sure your PHP scripts have same user and group as you configured in Apache configuration(/etc/httpd/httpd.conf in CentOS 6.4).
# User/Group: The name (or #number) of the user/group to run httpd as.
User apache
Group apache
Check the owner and group of your PHP directory and files. In this case owner and group (root/root) are not same as Apache User and Group.
# ls -alh
total 516K
drwxr-xr-x. 5 root root 4.0K Aug 29 17:57 .
drwx------. 5 root root 4.0K Jun 24 12:06 ..
-rwxr--r--. 1 root root 356K Jul 7 2012 index.php
To change the owner and group of your PHP directory. Use the following command.
# chown -R apache:apache www