Solved

FreeBSD file permissions for php script to work

Posted on 2004-10-20
6
829 Views
Last Modified: 2013-12-04
Hello,

Here is my problem...Please refer to http://www.experts-exchange.com/Web/Web_Languages/XML/Q_21161254.html for my previous question.  I have now moved everything over to the following platform and need permissions set.

FreeBSD 4.7
Apache 1.3.31

I'm guessing instead of 'Internet Guest Account,' I need to use 'www' ?  Previously I needed to give 'Internet Guest Account' access to use cmd.exe (please see shell-exec in the php script).

And what is the appropriate permissions to set on the folder?  chmod 777?

I am using a processor in a PHP script, see below:

<?php
$output = shell_exec(java -cp filename.jar x.y.z.MainClass filename.xml filename.xsl');
      echo "<pre>$output</pre>";
?>
0
Comment
Question by:jpegvarn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 38

Expert Comment

by:yuzh
ID: 12366194
If you run apache server as user nobody, you should set the permissions to 3750

eg:

maintainer = user fred:

chown fred:nobody dirname
chmod 3750 dirname

PS:
   chmod 3750 = chmod 750 dirname ; chmod g+s dirname

man chmod
to leran more details
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 12369949
agreed with yuzh's 3750 ...

> needed to give 'Internet Guest Account' access to use cmd.exe
wired, what has cmd.exe to do with unix? could you please explain
0
 
LVL 62

Expert Comment

by:gheist
ID: 12372860
So, welcome to new world of Apache webserver on your UNIX system.
It is designed ten years before your past windows system, and connected to Internet ten years before windows connected to network.

The overall aproach to user management are at least different if not more practical.

First there is unrestricted user called root (Something like LocalSystem account), and having user ID ( UID) of zero. This user account is mostly uset at system boot to launch resident programs (aka daemons, like Apache httpd you like) in the name of other other user accounts (like www you know of).

So, your httpd is started as user www and group www, and accesses all files like it was user www ( something like "Internet Guest Account")

No files in web directories should not belong to this user, since ultimate owner of file can always rewrite the file ( e.g. deface your website via webserver security hole)

But this makes your application into another confusion - it launches java, which always uses temporary files and lots of memory, and makes you create web root rewritable by webserver process itself.

Why don't you use previously suggested sablotron, for example it has sabcmd wrapper which makes what you do using java.

FreeBSD prefers calling java executable javavm
If you insist on launching java to render each webpage consider using at least Turck MMCache or Zend,to avoid running java each time you present a page.

Just what do you want to accomplish by this launching of java???

If this is updating some data file some time, then FreeBSD has great scheduling tool called cron for that.
0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 

Author Comment

by:jpegvarn
ID: 12400580
Thank you for the responses.

yuzh, I've tried your suggestion and I am not able to get the output I desire.  Apache is being run by www, so I did the following:

chown www:www dirname
chmod 3750 dirname

If I run the below command in a shell as root, "java -classpath saxon.jar com.icl.saxon.StyleSheet  ResultSet.xml 2excel.xsl", an excel file is created in that particular folder.  As you see below, what I am trying to do is use the same command within a php script so it can be executed from any browser and the file will be created.

My explanation about the IIS 'Internet Guest Account' has to do with what I had to do on the windows machine for this step to work - I had to give this account permission to use the cmd.exe so it could return the output.

<?php
$output = shell_exec('java -classpath saxon.jar com.icl.saxon.StyleSheet  ResultSet.xml 2excel.xsl');
echo "<pre>$output</pre>";
?>
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 500 total points
ID: 12403999
use full path to java, then also make shure that you cd to the directory where to find saxon.jar etc. (or give full paths too)

Your apache's error_log or php-logfile should give you more detailled error messages
0
 

Author Comment

by:jpegvarn
ID: 12412138
It was a path issue I was unaware of.  Thank you ahoffmann.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question