i'm hosting a simple php Script wich create folders and upload images , it has a simple admin page (serverip/admin) .
i tested the scripts in my local server and it works perfectly , but in my server it doesnt and i believe its a permissions issue .
my /var/www/ folder permissions :
root#WallApi:/var/www/html# ls -l
total 8
-rw-r--r-- 1 root root 1 Jul 13 00:56 index.php
drwxr-xr-x 7 root root 4096 Jul 13 00:55 Script
root#WallApi:/var/www/html#
i have no group users i simply want to be able to upload / create etc using the script
if you are using LAMP you should change the permission owner to apache user or change permission to 777.
1) Change owner
chown -R apache:apache /var/www/html
2) Change perssmion ( not recommend)
chmod -R 777 /var/www/html
p/s update
The permissions on this folder are:
chmod 755 /var/www/
and the files inside the folder are:
chmod 644 /var/www/file
The default permission for /var/www itself is a pretty standard one: owner root:root and mod 755.
As for anything inside /var/www, that is one of the rare directories where you have the privilege of deciding for yourself what to put in it and what permissions everything in it should have. But what makes the most sense is:
Most files should be writable by whichever user or group is going to be writing to them most. You can set them to be owned by your user account. Or set up a custom group for your developers. Or if the files will be modified rarely and you want good security, you can go with root:root and just sudo in on the rare occasions they'll be modified.
Most files should not be world-writable. So, 644 for files, and 755 for directories is appropriate (or 664 and 775 if you want to give a group write access).
It is not recommended to set any of it to be writable by the web server, ie www-data, except for any specific files your web scripts to be able to write to. If so, it's better to set the user or group of those files to www-data than to make them world-writable. Note that any time the www-data user can write to any file within the web root, whether it's by setting the user or group on those files, or making them world-writable, it's a potential security problem. World-writable is just the worse of the two.
I am using apache server for deploying php web application and creating one directory using following code.
<?php
mkdir (tmpdir);
?>
but i found its user is www-data.
drwxr-xr-x 2 www-data www-data 54 Mar 20 15:22 tmpdir
but i chnaged the username to user using follwoing command
sudo chown -R user:user /var/www
resatrted the apache server but still same user exists.May i know, how can i change the user?
You will find in httpd.conf User and Group change its values to what you want
Please read this link
I don't have too much experiences with servers but I've tried to do something ;)
I have my WP webpage on amazon EC2 and
I wanted to edit some settings in php.ini through filezilla (sftp) But I had to set permissions to my user:
sudo chown -R ec2-user:ec2-user /etc
But now I can't even restart apache or set back permissions to root
If i try to do something like this:
sudo chown -R root:root /etc
or
sudo systemctl restart apache2.service
I see this information:
"sudo: /etc/sudo.conf is owned by uid 500, should be 0 sudo: /etc/sudoers is owned by uid 500, should be 0 sudo: no valid sudoers sources found, quitting sudo: unable to initialize policy plugin"
What can I do?
You should never do sudo chown -R ec2-user:ec2-user /etc. You have modified the permission settings of your entire /etc directory.
/etc is a very important folder for your operating system that's why you're getting the error.
launch a new instance and backup your source code from your previous instance and re-upload the code. let me know if you have any issues.
I'm not understanding why you can't modify your php.ini file? You need to ssh into the server and edit the file. If you can't do that, you need to move the file to the ftp folder where it's permissible, modify the file and put the file back to it's original location and restart apache.
Furthermore, I recommend you use Ubuntu for your Wordpress server rather than using Centos or Amazon Flavour of Linux.
log into putty as ec2-user
sudo su
[root#ip-yoursite- home]
now for php 5.0 sudo vim /etc/php.ini
for php 7.0 use sudo vim /etc/php-7.0.ini
press i and now search for upload_max_filesize =100M , post_max_size=100M
(change as per your requirement)
press esc ,now save and exit use this command:wq
restart your apache server
sudo service httpd restart
The short answer is that chown -R is recursive and there are lots of utilities and other files and programs required for various operations, including sudo and su. Root is a special user with uid 0, and that user has greater permissions, and the ability to perform certain operations, that ec2-user cannot. This means that undoing what you have done is not simple or straightforward.
This is why the answers provided so far focus on a reinstallation of the operating system, which is what I would also recommend. It is likely faster.
Another part of this answer is to not try and sftp into the server to change core files. It would require having an sftp login land at the root (or /etc) directory, and that is not a common configuration.
Instead, use sftp or scp to copy changed files to a user directory, and them move them from a command prompt (ssh/bash shell). For simple textfile editing, it is easier to use a command line text editor such as nano which is more user friendly than some of the older editors.
As well, the file itself does not nor should it have its permissions changed, rather, once logged in, use sudo or su to perform the operations. Example:
ssh ec2-user#host.domain.tld
sudo su
nano /etc/php.ini
Imagine that you have a series of boxes, each with two numbers inside. These numbers are mostly 0:0 but could be any whole numbers up to 2^31-2.
The numbers are independent, so 0:0 and 0:42 are both possible. Your -R flag recursively changes all of these numbers in all of the boxes to the same pair.
This loses information. (Without a backup) there is no easy way to know what the numbers in the boxes were before you ran the command.
If you have a matching, (or very similar) server you might be able to restore most of the permissions using rsync, or use a script to record the uid:gid of each file on the working server into a log file and then use that to correct the permissions on the broken server.
ls -n
will show you the numerical values for uid and gid (3rd and 4th column on my linux servers.)
There are two options.
Create a new instance on Amazon. Check the file permissions on the new machine.
cd /etc
ls -lrt
This should give result like this
-rw-r--r-- 1 root root 2064 Nov 24 2006 netscsid.conf
-rw-r--r-- 1 root root 1343 Jan 10 2007 wodim.conf
-rw-r--r-- 1 root root 624 Aug 8 2007 mtools.conf
-rw-r--r-- 1 root root 2570 Aug 5 2010 locale.alias
-rw-r--r-- 1 root root 356 Jan 2 2012 bindresvport.blacklist
-rw-r--r-- 1 root root 349 Jun 26 2012 zsh_command_not_found
Set the same permission on old EC2 instance one by one.
Example
chown -R root:root netscsid.conf
You could create a new setup.
PS: for future, You could use this command for changes in php.ini file rather than changing owner or permission.
sudo vim /etc/php5/apache2/php.ini
No need to change ownership of the folder that contains the php.ini file.
Aim: Grant permission to user 'ec2-user' so that FileZilla can write to /etc folder which contains the php.ini file.
Doing this we can rename the original php.ini file and replace the php.ini file with a modified copy.
Steps:
Login to ec2 instance via 'Putty'
Navigate to the folder that has the php.ini file
example:
cd ../
Use:
ls -l
to list files nd folders with their permissions
Look for the line that shows the folder that contains the php.ini file
somthinng like this:
drwxr-xr-x 80 root root 4096 Jul 11 08:15 etc
Change permissions of this folder:
sudo chmod 777 etc
(NOTE:Change it back to the original permissions later)
Use:
ls -l
to see the change
Restart Apache:
sudo service httpd restart
Now FileZilla will have permission to that folder,
rename the origial php.ini file to revert back in future
replace the php.ini file with a modifided copy
Check ur site(a page which has errors) after a minute, the errors will be displayed.
I am trying to use unlink to delete a file I currecntly have the below code:
unlink(Yii::getAlias('#webroot') . $userprofile->avatar);
The path is correct as I have used echo within the view to check and it point to the correct file that I wish to delete, however I get the below error:
unlink(/Applications/MAMP/htdocs/advanced/Final Prototype): Operation not permitted
Could this be a permissions thing in terms of not being the owner if so how can I check, do I need to do chmod on the file or some directories?
Note: Working on Mac OS X and using MAMP
Change the owner of web directory and its files to your web server user (e.g. www-data for apache).
In apache you can find the user and group on *inx systems, from httpd.conf by looking for User or Group. For example my httpd.conf file on arch linux is:
<IfModule unixd_module>
#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
#
User http
Group http
</IfModule>
So with this config you can run chown -R http:http web on root of Yii project.
If the problem was persistent, also you need to change permissions of web folder for having write rule on user and group (chmod -R 755 web may be a temporary solution for this. You must move your files to an upload folder and change permission of that to 755).
I'm hosting a LAMP EC2 instance via Amazon AWS.
Part of my website allows users to upload files. Unfortunately, the server is not able to store permanent copies in the "uploads" folder because it is lacking necessary permissions.
A PHP script is called that will store a file to the "uploads" folder. The upload will fail while the upload folder has standard 755 and 775 permissions. However, when i change the folder permissions to 777 (world permissions), it works.
For obvious reasons, I don't want to use 777 world permissions. How can i make it so that the server has permission to write files to the "uploads" folder?
Thanks guys.
This might be an issue with the Ownership of the upload folder.
The ownership of the folder can be checked by the following command
ls -l
Sample Output:
-rw-r--r-- 1 root root 0 Aug 31 05:48 demo.txt
.
Here it can be seen that the both the USer of the File is root and the Group of the File is root.
Executing this command inside a directory will show the permissions and ownership of all the files and folders in that folder.
Now with LAMP stack you need to make sure the ownership will be with the
Apache User i.e. www-data and Apache Group again www-data.
This can be done by going in the root folder of your application and and executing the Command
chown -R www-data:www-data
Sample Output:
-rw-r--r-- 1 www-data www-data 0 Aug 31 05:48 demo.txt
This will recursively change the ownership of all the files and folders inside the Root Directory to the Apache User and Group.
The Common cause of this issue is when you have downloaded the package or files , you have obviously done it as a local or root user and Apache is not having permissions to do it. Or you have created a directory manually.
This is the basic idea to solve the issue, you also just might want to consider to execute this command and change the ownership of just your "uploads" directory .