Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

user running webser as

Posted on 2002-07-26
7
Medium Priority
?
170 Views
Last Modified: 2011-09-20
How do I make sure that the user that my Web server is running as is able to write
to:

        /usr/local/roads/logs
        /usr/local/roads/guts
        /usr/local/roads/source
with apache on linux
0
Comment
Question by:mafiq
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
7 Comments
 
LVL 15

Expert Comment

by:samri
ID: 7184475
mafiq,

make sure the userid the webserver is running (apache on linux, or nobody on other platform, or check the config file for User and Group directive), and make sure the respective user/group has write permision to these directories.

Another approach is to have apache to run with the same userid/group to those that has write access to the directories mentioned.

Another is to chmod 777 to the directories(haha... this is a BIG way too BIG security hole), but it should work.

Another approach is to look at SuExec feature.  Take a look at Apache docs site on some SuExec documentations.  It's pretty stratighforward, and quite extensive.

http://httpd.apache.org/docs/suexec.html

cheers.
0
 

Author Comment

by:mafiq
ID: 7184515
I have tried to check in the httpd.conf file but could not figure out what changes to make

Help pliz
0
 
LVL 15

Expert Comment

by:samri
ID: 7184634
Mafiq,

check the permission on those directories you wish the webserver could write to

In /usr/local/roads directory, do a "ls -l", and post the detail lines for these directories;

       /usr/local/roads/logs
       /usr/local/roads/guts
       /usr/local/roads/source

And in you httpd.conf (apache config file), look for the line that says "User" and "Group" keyword.  By default it should be "User apache", and "Group apache" with no quote (").

Btw;  What exactly you desired when you mentioned "is able to write".  Do you mean, get the CGI to write to some file?  Or in a bigger picture, what do you want to do?  Maybe we could assist with direct solution, or alternate solution could be offerred.

Cheers.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:mafiq
ID: 7184647
CGI programs shld write to files in the directories I supplied.
0
 
LVL 15

Accepted Solution

by:
samri earned 92 total points
ID: 7184816
mafiq,

A quick approach would be changing the group ownership of the directories to the same of apache group id,

# chgrp -R apache /usr/local/road/logs

This will change group ownership of ALL files in the directory to apache group.

and do a

# chmod g+w /usr/local/road/logs

(repeat the same for other dirs).  This would give write access

If you know that the server would be writing to a specific file, just change group/permission for that specific file.

0
 
LVL 15

Expert Comment

by:periwinkle
ID: 9691115
No comment has been added lately, so it's time to clean up this TA.

I will leave a recommendation in the Cleanup topic area with the following recommendation for this question:

Answered by Samri

Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

periwinkle
EE Cleanup Volunteer
0

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses
Course of the Month8 days, 3 hours left to enroll

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question