[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now


files/folders; users; access rights; problems

Posted on 2003-11-30
Medium Priority
Last Modified: 2006-11-17
I'm currently developping several scripts that will be creating folders and files on the webserver.
The script will also allow to upload files via HTTP.

I'm running into problems with access rights.
Since the webserver is running on the username "apache" and my account on the server is "doppy".
This results in problems with creating files or folders, removing files and folders, editing files and also uploading files.
I'm also having problems with downloading the files with FTP, I get the message that I'm not allowed to access the file.

How would I cope with these problems?
I'm sure someone has bumped into this before and I like to know how you solved the problem.
Question by:DoppyNL
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
LVL 14

Assisted Solution

ThG earned 400 total points
ID: 9844944
Yes, many did.

Apache supports something called SuEXEC, which allows executing CGIs as the selected user. Unfortunately, this means that you have to compile your PHP as CGI version, which is probably something you don't want, as one of the nicest things of PHP is the ability to run as shared module, thus without any overhead.

Running it as shared module, you have no ways to solve your problem.
The only way to do that, is to chown everything to the apache user.

Author Comment

ID: 9848536
Indeed, I don't want to run PHP as CGI, to darn slow.

chown everything to apache?
But that would result in the problem that I cannot access the files via FTP...
Or do I also have to give certain access rights to each file and folder. Guess so...

So I will probably have to reset the access rights for each folder and file just after it is put on the server.
Any suggestions on what settings I should use?

Any other suggestions on how to approach this problem are also welcome.
Explenations on how you (the reader of this question) did this is also welcome! :)

Accepted Solution

ashoooo earned 600 total points
ID: 9868229
Try creating a small app that runs with root access and its sole purpose is to chown the files and folder. You can create the files and folders using the 'apache' account and then call this app to chown the files/folders using PHP.

... worth a try...
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 14

Expert Comment

ID: 9870983
OR you can use PHP as both CGI and shared module. Particularly, you need to make CGI all the parts that mess with the files (not for reading, that can be done with the shared module--thus with the apache UID).

and then again the SuEXEC support.

Author Comment

ID: 9903328
>> Try creating a small app that runs with root access and its sole purpose is to chown the files and folder. You can create the files and folders using the 'apache' account and then call this app to chown the files/folders using PHP.

I don't want an extra app that will run through all the files; I want a solution that does its job the moment I create a folder or a file.
But I am going to try to:
- set the owner of the file to "doppy" when it is created
- apply some access rights to the file/folder when it is created.

Will I be able to change the owner of the file/folder once it has been created?
What access rights should I give the file/folder once it has been created?

>>OR you can use PHP as both CGI and shared module.
Not an option I'm afraid; I don't have that much control over the server; they don't want PHP to run as CGI.

Note that I don't have much time to work on this for the next 2 weeks; So I may not reply as quickly as some may like.
I am watching this thread though and will award the points appropiatly :)
input so far has allready been usefull to some degree and very much appreciated!

Expert Comment

ID: 9904494
Doppy, you misunderstood me. What I meant by "its sole purpose is to chown the files and folder" is not that it runs recursively thru all the files and folders.

But, that you put it in the bin folder where it is accesible to you, and you call it from PHP using the 'system' (?) command with appropriate parameters so that it sets the ownership and permissions on only one file. It neednt even run in the background. You call it from PHP, it does its job, and quits.

I hope this makes things clearer to you.

>> Will I be able to change the owner of the file/folder once it has been created?
Yes you can. Will you do it programatically? Do you want to do it thru PHP? If yes, you'll need to use the chown and chmod utilities. Or you can use your custom app (that I suggested you build) to do the job. Or you can do it manually too.

Hope this helps

Author Comment

ID: 10010676
conclusion from my side:

- running as CGI is not an option, is not possible to implement that in the current site configuration.
- running a script regularly to reset the permissions is also not an option, as I need this to work on the fly.

I'm currently trying to solve it by creating folders and files with the correct permissions on the fly.
So when I create a folder, immediatly set the permissions correctly; same thing for files.
I'm starting with folders ofcourse.

I opened a new question for that purpose:
Feel free to read it or don't, it's up to you :).

Awarding points here as a thanks for the input and helping me in thinking in the right direction :)

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
These days socially coordinated efforts have turned into a critical requirement for enterprises.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question