Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Set permisson to drwxrws---+ from drwxrwx---+

Posted on 2006-03-21
22
Medium Priority
?
9,990 Views
Last Modified: 2008-01-16
Hi,

I'm creating a form to upload files to the server and this works fine with the current permission.  However after the user upload he can view the files uploaded.  I'm having problems setting the permission to allow people to view the content of this dir?

Thanks

Ross
0
Comment
Question by:rossh1977
  • 10
  • 7
  • 3
  • +1
21 Comments
 
LVL 46

Expert Comment

by:Kent Olsen
ID: 16251673
Hi rossh1977,

Try:

chmog g+s file


Good Luck!
Kent
0
 

Author Comment

by:rossh1977
ID: 16252456
Hmmm, it's set the dir up with the same:- drwxrws---+, but it's now not allowing uploads of files, nor am i able to view the directory?  I have these permission on another output dir and it seemed to work?  I need to be able to upload files and then view them.

Thanks

R
0
 

Author Comment

by:rossh1977
ID: 16252468
Ahh no it is uploading, but i'm still not getting to view the results!  
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 62

Expert Comment

by:gheist
ID: 16252951
User running ftp server should have +rx on ftp directory you cannot list.
0
 

Author Comment

by:rossh1977
ID: 16255128
Hi gheist,

I'm using a php file to allow the user to upload to the server.  Then i want the user to see the result in the dir view, so i have an index.php file in the view dir reading the dir and outputting it to the screen for the user to download.  Problem is the permission are not setup to allow the dir to be viewed?

Thanks

Ross
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 16256690
> .. nor am i able to view the directory?
is your user running the php script in the group which is assigned to the directory?
0
 

Author Comment

by:rossh1977
ID: 16256858
?? Don't know, sorry i'm just getting to grips with these permissions.  Certainly the last directory i got working for this has the ftp property settings 2777, but if i try to change my view dir to this i get an error and i don't no who to achieve this via telnet?

Thanks

Ross
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 2000 total points
ID: 16256911
> .. has the ftp property settings 2777,
are we talking about ftp, or php runn by the web server?

> .. i don't no who to achieve this via telnet?
login tou your server, then do (assuming that your web server is apache):
  ps aux|grep httpd

then use the reported username, probably nobody, and do:
  grep nobody /etc/group
  grep nobody /etc/passwd

then do a:
  id -a

here you should see if your account name is in the same group as nobody
If you're not in that group, and you're not owner of the files and directories used by the web server, go and ask the admin for an proper account.

Please post results (you may x-out/change secret data:)
0
 

Author Comment

by:rossh1977
ID: 16257030
Hi, sorry yes it is php run by a web server, i was explaining that i check the properties of a previous directory using an ftp package an it displayed the permissions as 2777.  I think this is what i need.

Tried the ps aux|grep httpd
.....

But i couldn't make much sense of it and i wouldn't want to put something up that i shouldn't

Doing ps aux...

Gave me :-

> *** ps aux | grep httpd
*> usage: ps [ -aAdeflcjLPy ] [ -o format ] [ -t termlist ]
>         [ -u userlist ] [ -U userlist ] [ -G grouplist ]
>         [ -p proclist ] [ -g pgrplist ] [ -s sidlist ]
>   'format' is one or more of:
Then listed 30 or so words or groups

Thanks

R


0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 16257900
> *> usage: ps [ -aAdeflcjLPy ] [ -o format ] [ -t termlist ]
aha, sounds like Solaris ...
use ps -ef instead

Is it an apache web server?
0
 

Author Comment

by:rossh1977
ID: 16258344
Hi i got some details and it was nobody and it's got some number with the details what i'm i looking for , again not knowing what if this is i don't really want to post it.

Thanks

R
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 16259027
> .. got some number with the details ..
ok, that proofs that you have a process httpd running as user nobody.
No please check with theother commands if your user you're logged in with is member of the same group as nobody.
Also check with
  ls -l /path/to/directory
the permissions and owner/group of the directory in question.
0
 

Author Comment

by:rossh1977
ID: 16259344
Hi my name is against each dir or file in the directory i'm the owner of the dir.

The other commans you gave me listed nobody again with numbers, a couple corresponding with the previous command no.

Thanks

R
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 16260741
hmm, this sounds good or not, you need to define that yourself, or provide better information here
0
 

Author Comment

by:rossh1977
ID: 16262709
Hi can i first of all ask if the following should allow me to upload to a dir and then display that dir:-

view     drwxrws---+

I need to be able to upload files via a php script to the view dir on the webserver, then allow the user to view that directories content again via a php script outputting it's content to a webpage.

At the moment everything works apart from the directory showing it's content.  The following is what i've dont to achieve my permission so far.

setfacl -m user:nobody:-wx view
chmod g+w view

Thanks

Ross
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 16267733
if your php script can write files in that dir, it should be possible to read them also, except you have write but not read permissions (which is not the case with the posted permissions)
Do these scripts have the same owner, group and permission?
0
 

Author Comment

by:rossh1977
ID: 16273054
Hi,

Feel as if i'm going backwards here!  I deleted the view folder thinking i could recreate the permission to get:- drwxrws---+ but it's not working.  Could you give me instuctions on how to achieve this.  Also the files that are uploaded to the server are set as nobody nobody where as my index.php file is set as myuserid mygroup but neither display.

Is their no easy way to achieve what i'm after.  I only need to dispaly the dir, never thought it would be this difficult!

Thanks

R


0
 
LVL 62

Expert Comment

by:gheist
ID: 16274315
Dear asker - I find your fanaticism to conceal email origin suspicious.
0
 

Author Comment

by:rossh1977
ID: 16274342
Sorry can you explain?

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 16274573
rossh1977, please read was have been suggested, anything is already described
Pease sit down and read again.

In short:
 1. the directory wher index.php resides needs to have read and execute (5 or 7) for the httpd-user,
    or read and execute for the group the httpd-user belongs too if the httpd-user is not owner of that directory.
 2. same as 1. applies to index.php
 3. the directory where you want to write your uploaded files need to have read and write (6 or 7) permission for  httpd-user, or read and write permission for the group the httpd-user belongs too if the httpd-user is not owner of that directory.
  4. if the httpd-user is not the owner of the file, the directory must not have a sticky bit
0
 
LVL 62

Expert Comment

by:gheist
ID: 16514096
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.
I will leave the following recommendation for this question in the Cleanup topic area:

Accept ahoffmann #16256911

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

gheist
EE Cleanup Volunteer
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In tuning file systems on the Solaris Operating System, changing some parameters of a file system usually destroys the data on it. For instance, changing the cache segment block size in the volume of a T3 requires that you delete the existing volu…
This tech tip describes how to install the Solaris Operating System from a tape backup that was created using the Solaris flash archive utility. I have used this procedure on the Solaris 8 and 9 OS, and it shoudl also work well on the Solaris 10 rel…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.
Suggested Courses

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question