We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now

x

Set permisson to drwxrws---+ from drwxrwx---+

rossh1977
rossh1977 asked
on
Medium Priority
11,755 Views
Last Modified: 2008-01-16
Hi,

I'm creating a form to upload files to the server and this works fine with the current permission.  However after the user upload he can view the files uploaded.  I'm having problems setting the permission to allow people to view the content of this dir?

Thanks

Ross
Comment
Watch Question

Kent OlsenData Warehouse / Database Architect
CERTIFIED EXPERT

Commented:
Hi rossh1977,

Try:

chmog g+s file


Good Luck!
Kent

Author

Commented:
Hmmm, it's set the dir up with the same:- drwxrws---+, but it's now not allowing uploads of files, nor am i able to view the directory?  I have these permission on another output dir and it seemed to work?  I need to be able to upload files and then view them.

Thanks

R

Author

Commented:
Ahh no it is uploading, but i'm still not getting to view the results!  
Top Expert 2015

Commented:
User running ftp server should have +rx on ftp directory you cannot list.

Author

Commented:
Hi gheist,

I'm using a php file to allow the user to upload to the server.  Then i want the user to see the result in the dir view, so i have an index.php file in the view dir reading the dir and outputting it to the screen for the user to download.  Problem is the permission are not setup to allow the dir to be viewed?

Thanks

Ross
> .. nor am i able to view the directory?
is your user running the php script in the group which is assigned to the directory?

Author

Commented:
?? Don't know, sorry i'm just getting to grips with these permissions.  Certainly the last directory i got working for this has the ftp property settings 2777, but if i try to change my view dir to this i get an error and i don't no who to achieve this via telnet?

Thanks

Ross
> .. has the ftp property settings 2777,
are we talking about ftp, or php runn by the web server?

> .. i don't no who to achieve this via telnet?
login tou your server, then do (assuming that your web server is apache):
  ps aux|grep httpd

then use the reported username, probably nobody, and do:
  grep nobody /etc/group
  grep nobody /etc/passwd

then do a:
  id -a

here you should see if your account name is in the same group as nobody
If you're not in that group, and you're not owner of the files and directories used by the web server, go and ask the admin for an proper account.

Please post results (you may x-out/change secret data:)

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
Hi, sorry yes it is php run by a web server, i was explaining that i check the properties of a previous directory using an ftp package an it displayed the permissions as 2777.  I think this is what i need.

Tried the ps aux|grep httpd
.....

But i couldn't make much sense of it and i wouldn't want to put something up that i shouldn't

Doing ps aux...

Gave me :-

> *** ps aux | grep httpd
*> usage: ps [ -aAdeflcjLPy ] [ -o format ] [ -t termlist ]
>         [ -u userlist ] [ -U userlist ] [ -G grouplist ]
>         [ -p proclist ] [ -g pgrplist ] [ -s sidlist ]
>   'format' is one or more of:
Then listed 30 or so words or groups

Thanks

R


> *> usage: ps [ -aAdeflcjLPy ] [ -o format ] [ -t termlist ]
aha, sounds like Solaris ...
use ps -ef instead

Is it an apache web server?

Author

Commented:
Hi i got some details and it was nobody and it's got some number with the details what i'm i looking for , again not knowing what if this is i don't really want to post it.

Thanks

R
> .. got some number with the details ..
ok, that proofs that you have a process httpd running as user nobody.
No please check with theother commands if your user you're logged in with is member of the same group as nobody.
Also check with
  ls -l /path/to/directory
the permissions and owner/group of the directory in question.

Author

Commented:
Hi my name is against each dir or file in the directory i'm the owner of the dir.

The other commans you gave me listed nobody again with numbers, a couple corresponding with the previous command no.

Thanks

R
hmm, this sounds good or not, you need to define that yourself, or provide better information here

Author

Commented:
Hi can i first of all ask if the following should allow me to upload to a dir and then display that dir:-

view     drwxrws---+

I need to be able to upload files via a php script to the view dir on the webserver, then allow the user to view that directories content again via a php script outputting it's content to a webpage.

At the moment everything works apart from the directory showing it's content.  The following is what i've dont to achieve my permission so far.

setfacl -m user:nobody:-wx view
chmod g+w view

Thanks

Ross
if your php script can write files in that dir, it should be possible to read them also, except you have write but not read permissions (which is not the case with the posted permissions)
Do these scripts have the same owner, group and permission?

Author

Commented:
Hi,

Feel as if i'm going backwards here!  I deleted the view folder thinking i could recreate the permission to get:- drwxrws---+ but it's not working.  Could you give me instuctions on how to achieve this.  Also the files that are uploaded to the server are set as nobody nobody where as my index.php file is set as myuserid mygroup but neither display.

Is their no easy way to achieve what i'm after.  I only need to dispaly the dir, never thought it would be this difficult!

Thanks

R


Top Expert 2015

Commented:
Dear asker - I find your fanaticism to conceal email origin suspicious.

Author

Commented:
Sorry can you explain?

rossh1977, please read was have been suggested, anything is already described
Pease sit down and read again.

In short:
 1. the directory wher index.php resides needs to have read and execute (5 or 7) for the httpd-user,
    or read and execute for the group the httpd-user belongs too if the httpd-user is not owner of that directory.
 2. same as 1. applies to index.php
 3. the directory where you want to write your uploaded files need to have read and write (6 or 7) permission for  httpd-user, or read and write permission for the group the httpd-user belongs too if the httpd-user is not owner of that directory.
  4. if the httpd-user is not the owner of the file, the directory must not have a sticky bit
Top Expert 2015

Commented:
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.
I will leave the following recommendation for this question in the Cleanup topic area:

Accept ahoffmann #16256911

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

gheist
EE Cleanup Volunteer
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.