Solved

files/folders; users; access rights; problems

Posted on 2003-11-30
7
307 Views
Last Modified: 2006-11-17
I'm currently developping several scripts that will be creating folders and files on the webserver.
The script will also allow to upload files via HTTP.

I'm running into problems with access rights.
Since the webserver is running on the username "apache" and my account on the server is "doppy".
This results in problems with creating files or folders, removing files and folders, editing files and also uploading files.
I'm also having problems with downloading the files with FTP, I get the message that I'm not allowed to access the file.

How would I cope with these problems?
I'm sure someone has bumped into this before and I like to know how you solved the problem.
0
Comment
Question by:DoppyNL
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 14

Assisted Solution

by:ThG
ThG earned 100 total points
ID: 9844944
Yes, many did.

Apache supports something called SuEXEC, which allows executing CGIs as the selected user. Unfortunately, this means that you have to compile your PHP as CGI version, which is probably something you don't want, as one of the nicest things of PHP is the ability to run as shared module, thus without any overhead.

Running it as shared module, you have no ways to solve your problem.
The only way to do that, is to chown everything to the apache user.
0
 
LVL 6

Author Comment

by:DoppyNL
ID: 9848536
Indeed, I don't want to run PHP as CGI, to darn slow.

chown everything to apache?
But that would result in the problem that I cannot access the files via FTP...
Or do I also have to give certain access rights to each file and folder. Guess so...

So I will probably have to reset the access rights for each folder and file just after it is put on the server.
Any suggestions on what settings I should use?

Any other suggestions on how to approach this problem are also welcome.
Explenations on how you (the reader of this question) did this is also welcome! :)
0
 
LVL 3

Accepted Solution

by:
ashoooo earned 150 total points
ID: 9868229
Try creating a small app that runs with root access and its sole purpose is to chown the files and folder. You can create the files and folders using the 'apache' account and then call this app to chown the files/folders using PHP.

... worth a try...
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 14

Expert Comment

by:ThG
ID: 9870983
OR you can use PHP as both CGI and shared module. Particularly, you need to make CGI all the parts that mess with the files (not for reading, that can be done with the shared module--thus with the apache UID).

and then again the SuEXEC support.
0
 
LVL 6

Author Comment

by:DoppyNL
ID: 9903328
>> Try creating a small app that runs with root access and its sole purpose is to chown the files and folder. You can create the files and folders using the 'apache' account and then call this app to chown the files/folders using PHP.

I don't want an extra app that will run through all the files; I want a solution that does its job the moment I create a folder or a file.
But I am going to try to:
- set the owner of the file to "doppy" when it is created
- apply some access rights to the file/folder when it is created.

Will I be able to change the owner of the file/folder once it has been created?
What access rights should I give the file/folder once it has been created?


>>OR you can use PHP as both CGI and shared module.
Not an option I'm afraid; I don't have that much control over the server; they don't want PHP to run as CGI.


Note that I don't have much time to work on this for the next 2 weeks; So I may not reply as quickly as some may like.
I am watching this thread though and will award the points appropiatly :)
input so far has allready been usefull to some degree and very much appreciated!
0
 
LVL 3

Expert Comment

by:ashoooo
ID: 9904494
Doppy, you misunderstood me. What I meant by "its sole purpose is to chown the files and folder" is not that it runs recursively thru all the files and folders.

But, that you put it in the bin folder where it is accesible to you, and you call it from PHP using the 'system' (?) command with appropriate parameters so that it sets the ownership and permissions on only one file. It neednt even run in the background. You call it from PHP, it does its job, and quits.

I hope this makes things clearer to you.

>> Will I be able to change the owner of the file/folder once it has been created?
Yes you can. Will you do it programatically? Do you want to do it thru PHP? If yes, you'll need to use the chown and chmod utilities. Or you can use your custom app (that I suggested you build) to do the job. Or you can do it manually too.

Hope this helps
0
 
LVL 6

Author Comment

by:DoppyNL
ID: 10010676
conclusion from my side:

- running as CGI is not an option, is not possible to implement that in the current site configuration.
- running a script regularly to reset the permissions is also not an option, as I need this to work on the fly.

I'm currently trying to solve it by creating folders and files with the correct permissions on the fly.
So when I create a folder, immediatly set the permissions correctly; same thing for files.
I'm starting with folders ofcourse.

I opened a new question for that purpose:
http://www.experts-exchange.com/Web/Web_Languages/PHP/Q_20836213.html
Feel free to read it or don't, it's up to you :).

Awarding points here as a thanks for the input and helping me in thinking in the right direction :)
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP.  PHPUnit (http://en.wikipedia.org/wiki/PHPUnit) and similar technologies have enjoyed wide adoption, making it possib…
Things That Drive Us Nuts Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this. Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it i…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question