General :: File / Folder Permissions And Groups On Linux With Apache?
Jun 26, 2010
I'm trying to learn about permissions on linux webserver with apache.Some clues to the system: The server I have to play around with is Fedora based. Apache runs as apache:apache. To allow for e.g. php to write to a file the file needs to be chmod 777. 755 is not sufficiant.What I'm wondering is basically how set up permissions like they should be on e.g. a "shared web host".My main problem is that if I set a permission so that one user cannot access anothers home folder, then apache can't read from the public_html folder either.
To keep the users out I need to set chmod 700. But to let apache to read I need to have at least execute on world,so a 701 basically works, but won't let some users in.So I'm really stuck on what to do. Have been concidering adding the apache user to the frous grours
below to avoid having to add the world execute flag, but is that a bad thing? Should it be the other way around, the users in the groups below should also be in the apache group?I was aiming at having 4 groups:
1. webapp: same as dev_int, but is the only one that can go inside the webapp/live folder to e.g. do an update from the repo.
2. dev_int: can read,write and execute everything in the "web root", including the two below, but nothing outside of the web root
3. dev_ext: can read write and execute in all client folders, but cannot access anything outside of the webapp root
4. clientsBasic ftp accounts. Has a home folder with a public_html, but cannot access any other home folders
i have 5 groups, i want to set 3 of them to have full permissions to a folder and set 2 others with read only to same folder, please help me to solve this problem. in other words i want to set this 5 groups diffrent permissions to a folder.
I am having problems with groups and file permissions. I have a file owned by myself
Code: -rw-rw-r-- 1 diblemar users 2.1K Jun 3 06:02 /cluster/shared/Injects/1404_1405_1000033606_79964.return.xml
I want to modify the file using a cgi script running on an apache server (on the same machine). Both diblemar and apache are in the same group.
However, I receive a file permissions error when I try to modify the file. I assumed that with the permission settings above apache would be able to modify a file owned by someone else in the apache group.
I'm using my Linux (SLES 10) server as a File Server at this point. I need to set File Permissions to nested folders differently to different groups. For example:
homesharedengineering* should be read only for groupA homesharedengineeringadmin should be read & write for groupB Plus read only for groupA homesharedengineeringautocad should be read & write for groupC Plus read only for groupA
I've been using Webmin and Putty to set permissions but Putty only allows me the Default Group, it won't allow me to set several groups on the same directory. Webmin seems to allow me to add multiple groups (Webmin --> Others --> File Manager --> Info & ACL tab will provide extended abilities) but when I add multiple groups, they don't seem to take effect? I'm wondering if my setup at the 'Share' level or at the hierarchy of my folder structure (unix based) needs to be set specifically?
I have an Ubuntu development server and a Windows 7 workstation. I use Windows Gvim to edit files on the linux server, over a samba connection.Saving files from Windows change the Linux permissions in weird way depending on the Windows app I'm using and also depending on whether there's a file extension or not.Here are some testsNo extension; Notepad2: 644 to 764
matt@mattserver ~ % ls -l testfile -rw-r--r-- 1 matt matt 0 2011-05-28 07:09 testfile --- Save from Windows Notepad2 over network ---
this directory has permissions 750 and is owned by user1 and group user1 I have an admin user that is primarily a part of group admin, but also a part of group user1 what would stop admin from having read and execute permissions on this directory? I'm running clamav and have a clamd daemon running as user admin (I could run it as any user, and I may make a special user later, but I don't want to run it as user1, user2, etc).
I have 2 (technically lots more, but let's just say 2 for now) users, user1 and user2 that have home directories /home/user1 and /home/user2. each is owned and group owned by user1:user1 and user2:user2 respectively with permissions of 750. my admin user is part of groups admin, user1, and user2 I need this to be able to scan my user's directories using the command (is this correct?):
If I change the directory permissions to 755, it works fine.Or if I leave the permissions 750 and change the directory group ownership to admin, it works fine. So, why would this be? Obviously it is a permissions issue, but why is it not reading admin as part of the user1 group and allowing the same permissions as it does when making the directory group-owned by admin?
Having set up many windows servers with complex permissions on shared folders, I now have to do the same in Linux (and I'm such a noob to Linux) I understand that each file/folder is assigned a user + group, and that the rights can be set for the user, the group and global (aka everybody else) My challenge is this, inside my shared folder there is a folder that should be RW to some users, READ ONLY to others, and not accessible at all to the rest of the users. (lets call the folder MyFolder ) All 3 groups have more than 1 user, so they have to be groups (right?) How would this model work in Linux ? If there is no other way, I guess I can nest the MyFolder in a folder that has permissions to allow all users that may access MyFolder, and block the rest, then on MyFolder, set owner group the RW users, and set global to READ ONLY.
Ps : The server I'm setting up runs Debian Lenny, files will be accessed from windows workstations using samba.
I have a remote directory shared over NFS called tech with perms set as 0750 and owner set to root:tech. I have 2 groups: tech, and techAdmin. tech can read and execute within tech/. techAdmin can read, write, execute. I have 4 users: user1, user2, user3, user4. user1 and user2 is a member of techAdmin, user3 and user4 are members of tech. simple so far...but wait here's the problem. If user1 creates a file inside tech, user2 cant read or modify it because user1 owns it. Here's a few sites that reference this problem:
I own an Acer Aspire One which has Linpus Lite installed. Last night I attempted to delete a couple of files only to find they are read only and that I cannot change the permissions by right clicking and changing the drop down menu from read only.
These aren't protected files or anything, they are files I've downloaded or created myself (one using the onboard web cam to test it).
I attempted to play with Terminal for a bit but as a newbie I got easily lost, not like I can fall back on command prompt knowledge from Windows!
I think it's somehow connected with the user which accesses these docs or tries to change the permissions. I also tried with an su- which meant I was using Terminal as root, however, I wasn't sure how I could then set the permissions for a particular file/folder within the file system.
i have 3 shares on my samba. i have users - user, manager and boss projects is RW to everyone reference is R to everyone RW to manager and boss Proposals is RW only to boss, no access to others However when boss logs in and creates a directory in projects share, the directory can only be renamed bu users and manager, and directory contents are read only for users and managers, even deletion / rename is denied. How can i make sure that when ever boss creates a directory in projects, it retains base folder permissions and is writable to user this is my samba file... i am using red hat 6.1 with samba 3.5.6 (i think)
I am trying to rescue some files on a Dell Laptop running XP that is in a BSOD state. I can boot up Knoppix just fine but all the files are read only but get the error: The remount command failed. Maybe there is another process accessing the filesystem currently.Also when I look at the files and folders on the Knoppix CD they look really odd. See attachment
I have Ubuntu server with Apache 2, PHP, and various DBMSs running in VirtualBox on my Mac host for my web development work. To easily create/edit the files I'm working on, I mounted a directory from my Mac host via the VirtualBox shared directory feature to /var/www/. Every file I create on my Mac host has the following permissions on the on the Server: -rw-r--r-- 1 root root 6 2011-07-30 01:27 test.The problem is that most PHPscripts/frameworks/etc.need write access to some files.It is extremely annoying to have to chmod every new file/directory that needs write access.Is there a way to set the correct permissions for the files/directories automatically?
What is recommended way to set permissions of folders VAR/WWW for use with apache in 11.04? I would like to let the user "ABC" have access to read/write the website files in this directory. How should permissions on these files be set?
I know how to assign file permissions and other tasks like user to group, but I'm stuck with a situation in how I should set up my system.So I have a LAMP server set up. I'm not the only developer so I created a group called "developers" for my other users "Mike," "Alex," and "Cindy," which are developers (I'm Mike by the way). I know that "www-data" is the user and group Apache uses.This is good because only I have permission to update the production site, but for the dev site, it's a different story.
This is probably a pretty basic question seeing as I'm pretty new to Ubuntu Server. I'm running a simple website from my Ubuntu Server machine with The files are all stored in /var/www/ and then subdirectories. The problem is that when I add files through FTP I need to go and change all of the file permissions since by default they do not have read access so can't be accessed through a web browser on another machine.How can I make the default permissions readable for the directory and all new files that will be moved in it
I opened up my Gimp brushes folder so that I can put a brushes file into the folder. Would not let me do it. Said I am not the owner and do not have permission. I right clicked inside the folder, same thing permissions grayed out, not owner. No apparent option to log in or do anything to gain permission. What can I do?
I've migrated to Suse from Mandriva. I installed all my backup folders/files to my "home" folder but they have come up locked. I remember in Mandriva to change the permissions I pressed Alt F2 and then entered a command. How do I do it in Suse?
I am running ubuntu using VirtualBox on a Macbook Pro. I wanted to share my documents folder on the Mac in the virtual machine. I had no issues creating/mounting the share folder on ubuntu. However the file permissions for the shared folder are owned by root.
I have two drives in my computer: a 160GB and an 80GB. The 80 holds Ubuntu, the home folder, etc. The 160 is for other files. I need to change the read-write permissions on the 160, but I can't. If I do it through the GUI (right-click>permissions) it just changes back instantly. If I do it through the command line (even with sudo), it has no effect.
I have a little problem: I have a share folder on Ubuntu server: - Dump That folder is share with SAMBA and everyone can put files on it My problem is the following: When someone create a folder, the folder permissions are automatically set with: (let's take my username: Yann)
Owner: Yann Group: Yann
Clearly that's wrong.. I want the Group to be auto set has "users" so everyone can access the folders on that share. Anyone know how to change this ? chmod and chown is getting a bit boring
I have a FTP server (vsftpd), and would like to setup different file permissions for different groups:
-"ftpusers" group should only be able to browse and download.
-"ftpadmins" group should be able to browse, download, AND WRITE (RNFR, RNTO, MKDIR....).
Let's say my main directory is /var/ftp/docs/. It should be accessible by "ftpusers" group, but only writeable by "ftpadmins" group. Other groups or users may not access it. Which permissions and ownership should I give? My problem is that the dir can't be owned by two groups...
I'm setting up a Fedora 11 server for the company of one of my friends. So far so good. But now he has asked me to setup access restrictions to folders through samba. Now I'm quite familiar with user access policies, even though I'm quite new to the GNU/Linux world. What I want to know is : what is the best way to give and remove, on the go, rwx access for a specific user to a certain folder in a linux system? Can I create groups for each folders, whose members will have the given permissions? Or do I have to create users for each folder and add to their group the user witch i want to give privilege to?
We are a school and we share a samba folder with students and teacher groups. What we are trying to do is:
- Give students group users the permissions to rwx own files in folder
- Students must not be able to do anything with others files. I mean nothing so, at most, they could see the files in folder but not read it.
- Teachers can do anything with files in folder
As you can imagine, the idea is that students deliver their exams in that folder without the ability to read/copy the other students files. With sticky bit we can restrict students permissions to their own files, that is ok, but how to restrict all the permissions on other students files without restricting student access to that folder?