• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 642
  • Last Modified:

How do I give addmin permission to PHP user/permission to write to filesystem on Ubuntu 14 server?

Hi,

When joomla or wordpress try to write to the filesystem, which user do they use?
Is it possible to give that user admin permissions?

I did a test on my MAIN SERVER (ubuntu 14.04 x64 with php 5.5.9) and on page 3 of this application I got one error:
PHP cannot write to filesystem: http://www.mismatched.be/index.php?step=2

I also use two shared hosting servers, one in the US and on in Italy and the same test does not give that error:
http://www.associazioneculturaleinasia.it/check.php?step=2
and
http://just.bo/index.php?step=2

How is it that automatically on those servers when I use Joomla or Wordpress the CMS installation software can write to .htaccess, configuration.php and wp-config.php files and tmp, cache, logs folders without any problems and on my I get errors?

On my ubuntu MAIN SERVER server (with the php permissions problem) I manually upload joomla.zip or wordpress.zip and unzip them and then I use the following command to give the permissions:

for the directories
sudo find /site_installation_folder/ -type d -exec chmod 755 {} \;


for files only
sudo find /site_installation_folder/ -type f -exec chmod 644 {} \;


What am I doing wrong and how to enable the right permissions so that I don't have to set 777 chmod permissions on any folder?

thanks in advance
0
badwolfff
Asked:
badwolfff
2 Solutions
 
Kent WSr. Network / Systems AdminCommented:
Having permissions like 755 or 644 are meaningless by themselves.  We would need to know the user.group assigned to these files and folders also.
Generally, apache runs as user "apache".  PHP is an extension of your web server, and will use it's credentials.
So, to write a file, apache would need write permissions to that file.

You can see that the permissions 755 with the owner being root.root would be different than if the user.group were apache.apache.

If you change the owner.group to apache.apache, then your appropriate permissions for regular files would be 550 (440 really for static sites, but with php apps, you will run into non-execute permissions problems often).
For any files you need apache to write to, it would be 660.
0
 
DavidSysadminCommented:
php runs normally under the apache user.

ubuntu apache standard is the username www-data.  so give write access to this user should solve the problem.

you can do this on a folder with    chown -R www-data:www-data foldername
0
 
badwolfffAuthor Commented:
Hi mugojava thanks for your message.
Do I change the owner for a CMS folder using:

sudo chown -R apache:apche /path_to_folder/

thanks
0
Get quick recovery of individual SharePoint items

Free tool – Veeam Explorer for Microsoft SharePoint, enables fast, easy restores of SharePoint sites, documents, libraries and lists — all with no agents to manage and no additional licenses to buy.

 
badwolfffAuthor Commented:
ah thanks David will try right away :)
0
 
Kent WSr. Network / Systems AdminCommented:
Yes, that how to change the user.group.  Then set your permissions the same way using chmod
(sudo chmod -R 550 /path_to_folder/)
And on the certain files that need apache to write -
(sudo chmod 660 /path_to_folder/file.ext)

Do you understand what each integer's place means in the chmod permissions?
0
 
badwolfffAuthor Commented:
works! thanks!

I changed the permissions on the entire folder and everything works.

By the way, when I use SCP now to connect, my user "lupocatttivo" cannot delete, rename etc. files that are owned by www-data. Is it possible to add my user "lupocatttivo" to the www-data group as well as the admin group (which it already is). Is this possible?

thanks again
0
 
gireeshbabuCommented:
Yes.
0
 
Kent WSr. Network / Systems AdminCommented:
Yes, you can do that, or just use sudo.  Sudo is safer.

Every user also has a "group", so you can change owner to like apache.lupocatttivo, and give yourself either r+w (6) or rwx (7),  So for apache.lupocattivo, 570 would give apache read, your group "lupocatttivo" rwx, and all others nothing.

In the permissions, say 660, the first 6 is for "user", second 6 is for "group", and last 0 is "all others".

Apache will work correctly if it's got appropriate permissions as either user or group.  You don't have to have it as both user and group, that's just a common method.
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Tackle projects and never again get stuck behind a technical roadblock.
Join Now