Set permisson to drwxrws---+ from drwxrwx---+

Hi,

I'm creating a form to upload files to the server and this works fine with the current permission.  However after the user upload he can view the files uploaded.  I'm having problems setting the permission to allow people to view the content of this dir?

Thanks

Ross
rossh1977Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Kent OlsenData Warehouse Architect / DBACommented:
Hi rossh1977,

Try:

chmog g+s file


Good Luck!
Kent
0
rossh1977Author Commented:
Hmmm, it's set the dir up with the same:- drwxrws---+, but it's now not allowing uploads of files, nor am i able to view the directory?  I have these permission on another output dir and it seemed to work?  I need to be able to upload files and then view them.

Thanks

R
0
rossh1977Author Commented:
Ahh no it is uploading, but i'm still not getting to view the results!  
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

gheistCommented:
User running ftp server should have +rx on ftp directory you cannot list.
0
rossh1977Author Commented:
Hi gheist,

I'm using a php file to allow the user to upload to the server.  Then i want the user to see the result in the dir view, so i have an index.php file in the view dir reading the dir and outputting it to the screen for the user to download.  Problem is the permission are not setup to allow the dir to be viewed?

Thanks

Ross
0
ahoffmannCommented:
> .. nor am i able to view the directory?
is your user running the php script in the group which is assigned to the directory?
0
rossh1977Author Commented:
?? Don't know, sorry i'm just getting to grips with these permissions.  Certainly the last directory i got working for this has the ftp property settings 2777, but if i try to change my view dir to this i get an error and i don't no who to achieve this via telnet?

Thanks

Ross
0
ahoffmannCommented:
> .. has the ftp property settings 2777,
are we talking about ftp, or php runn by the web server?

> .. i don't no who to achieve this via telnet?
login tou your server, then do (assuming that your web server is apache):
  ps aux|grep httpd

then use the reported username, probably nobody, and do:
  grep nobody /etc/group
  grep nobody /etc/passwd

then do a:
  id -a

here you should see if your account name is in the same group as nobody
If you're not in that group, and you're not owner of the files and directories used by the web server, go and ask the admin for an proper account.

Please post results (you may x-out/change secret data:)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rossh1977Author Commented:
Hi, sorry yes it is php run by a web server, i was explaining that i check the properties of a previous directory using an ftp package an it displayed the permissions as 2777.  I think this is what i need.

Tried the ps aux|grep httpd
.....

But i couldn't make much sense of it and i wouldn't want to put something up that i shouldn't

Doing ps aux...

Gave me :-

> *** ps aux | grep httpd
*> usage: ps [ -aAdeflcjLPy ] [ -o format ] [ -t termlist ]
>         [ -u userlist ] [ -U userlist ] [ -G grouplist ]
>         [ -p proclist ] [ -g pgrplist ] [ -s sidlist ]
>   'format' is one or more of:
Then listed 30 or so words or groups

Thanks

R


0
ahoffmannCommented:
> *> usage: ps [ -aAdeflcjLPy ] [ -o format ] [ -t termlist ]
aha, sounds like Solaris ...
use ps -ef instead

Is it an apache web server?
0
rossh1977Author Commented:
Hi i got some details and it was nobody and it's got some number with the details what i'm i looking for , again not knowing what if this is i don't really want to post it.

Thanks

R
0
ahoffmannCommented:
> .. got some number with the details ..
ok, that proofs that you have a process httpd running as user nobody.
No please check with theother commands if your user you're logged in with is member of the same group as nobody.
Also check with
  ls -l /path/to/directory
the permissions and owner/group of the directory in question.
0
rossh1977Author Commented:
Hi my name is against each dir or file in the directory i'm the owner of the dir.

The other commans you gave me listed nobody again with numbers, a couple corresponding with the previous command no.

Thanks

R
0
ahoffmannCommented:
hmm, this sounds good or not, you need to define that yourself, or provide better information here
0
rossh1977Author Commented:
Hi can i first of all ask if the following should allow me to upload to a dir and then display that dir:-

view     drwxrws---+

I need to be able to upload files via a php script to the view dir on the webserver, then allow the user to view that directories content again via a php script outputting it's content to a webpage.

At the moment everything works apart from the directory showing it's content.  The following is what i've dont to achieve my permission so far.

setfacl -m user:nobody:-wx view
chmod g+w view

Thanks

Ross
0
ahoffmannCommented:
if your php script can write files in that dir, it should be possible to read them also, except you have write but not read permissions (which is not the case with the posted permissions)
Do these scripts have the same owner, group and permission?
0
rossh1977Author Commented:
Hi,

Feel as if i'm going backwards here!  I deleted the view folder thinking i could recreate the permission to get:- drwxrws---+ but it's not working.  Could you give me instuctions on how to achieve this.  Also the files that are uploaded to the server are set as nobody nobody where as my index.php file is set as myuserid mygroup but neither display.

Is their no easy way to achieve what i'm after.  I only need to dispaly the dir, never thought it would be this difficult!

Thanks

R


0
gheistCommented:
Dear asker - I find your fanaticism to conceal email origin suspicious.
0
rossh1977Author Commented:
Sorry can you explain?

0
ahoffmannCommented:
rossh1977, please read was have been suggested, anything is already described
Pease sit down and read again.

In short:
 1. the directory wher index.php resides needs to have read and execute (5 or 7) for the httpd-user,
    or read and execute for the group the httpd-user belongs too if the httpd-user is not owner of that directory.
 2. same as 1. applies to index.php
 3. the directory where you want to write your uploaded files need to have read and write (6 or 7) permission for  httpd-user, or read and write permission for the group the httpd-user belongs too if the httpd-user is not owner of that directory.
  4. if the httpd-user is not the owner of the file, the directory must not have a sticky bit
0
gheistCommented:
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.
I will leave the following recommendation for this question in the Cleanup topic area:

Accept ahoffmann #16256911

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

gheist
EE Cleanup Volunteer
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Unix OS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.