LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-26-2009, 10:35 AM   #1
htamayo
Member
 
Registered: Jan 2005
Location: san salvador, el salvador
Distribution: Debian Stable, UbuntuStudio Karmic Koala
Posts: 190

Rep: Reputation: 30
assigning r+w permissions to the appropiate user


Hi, I'm coding an app using LAMP, in one php file I'm using the function fopen() to access to a text file, but when I run this script I got the error message "permission denied", in this point I'm confused, here is my question:

-I'm using debian lenny
-my linux user is called bob, using this account I will code/debug my app.
-the mysql's user is called tim, tim only exist in the DBMS and he is the database owner
-checking my /etc/passwd file, I found the mysql user, but I didn't find any apache or apache2 user
-doing a ls -la to the app's directory, the owner of all files is bob. the file's permissions are: -rwxr-xr-x

my questions are,
-who is the user that needs to be the file's owner?
-the file's permissions are wrong? what flag should I activate?

regards
 
Old 06-26-2009, 10:40 AM   #2
rweaver
Senior Member
 
Registered: Dec 2008
Location: Louisville, OH
Distribution: Debian, CentOS, Slackware, RHEL, Gentoo
Posts: 1,833

Rep: Reputation: 164Reputation: 164
type: ps aux | grep apache

Whoever owns the process the http server is running as (www-data I believe) is who needs write access. If the file is owned by www-data it can be 644, if the file is owned by bob then likely it will need to be 666.

read=r=4
write=w=2
execute=x=1

Add them up to get the permissions you need:

rwx=7
rw-=6
r-x=5
r--=4
-wx=3
-w-=2
--x=1
---=0

Directories typically need an execute bit set to have basic functionality. You don't want execute on a file that doesn't need to be executed.

Last edited by rweaver; 06-26-2009 at 10:47 AM.
 
Old 06-26-2009, 01:12 PM   #3
htamayo
Member
 
Registered: Jan 2005
Location: san salvador, el salvador
Distribution: Debian Stable, UbuntuStudio Karmic Koala
Posts: 190

Original Poster
Rep: Reputation: 30
Hi, I've changed the file permissions and the owner, but still I get the same error, here is my ls -la file permissions:
Quote:
-rwxrwxrwx 1 www-data www-data 1647 2009-06-26 10:17 /var/www/nomina/login.php
-rwxrwxrwx 1 www-data www-data 230 2009-06-25 15:37 /var/www/nomina/logout.php
-rwxrwxrwx 1 www-data www-data 575 2009-06-25 15:22 /var/www/nomina/logsystem.p
Also, I tried to use the owner like this:
Quote:
-rwxrwxrwx 1 bob www-data 1647 2009-06-26 10:17 /var/www/nomina/login.php
-rwxrwxrwx 1 bob www-data 230 2009-06-25 15:37 /var/www/nomina/logout.php
-rwxrwxrwx 1 bob www-data 575 2009-06-25 15:22 /var/www/nomina/logsystem.php
bob belongs to the www-data group, but still doesn't work, the error that i got is like this:
Quote:
Warning: fopen(0) [function.fopen]: failed to open stream: Permission denied in /var/www/nomina/logsystem.php on line 6
the line 6 is: f=fopen($nombre, "w");

if you another suggestions will be welcome

regards
 
Old 06-26-2009, 01:26 PM   #4
rweaver
Senior Member
 
Registered: Dec 2008
Location: Louisville, OH
Distribution: Debian, CentOS, Slackware, RHEL, Gentoo
Posts: 1,833

Rep: Reputation: 164Reputation: 164
What is $nombre set to?

Also what are your apache error_logs showing?

Is SELinux turned on?

The relevant piece of data isn't so much the permissions of the php file, but the permissions of the file you're trying to open for writing.

Last edited by rweaver; 06-26-2009 at 01:28 PM.
 
Old 06-26-2009, 02:51 PM   #5
htamayo
Member
 
Registered: Jan 2005
Location: san salvador, el salvador
Distribution: Debian Stable, UbuntuStudio Karmic Koala
Posts: 190

Original Poster
Rep: Reputation: 30
yes. SELinux was turned on, i switched to permissive and then it works. now I can writer/read the file. thanks. because I'm debugging the app I decided to keep the user bob as the owner of the login.php, logsystem.php and nomina.log and it works, but when the system is ready, do yo recommend me that the owner will be 'www-data' for the external users?

regards
 
Old 06-27-2009, 09:12 AM   #6
rweaver
Senior Member
 
Registered: Dec 2008
Location: Louisville, OH
Distribution: Debian, CentOS, Slackware, RHEL, Gentoo
Posts: 1,833

Rep: Reputation: 164Reputation: 164
Quote:
Originally Posted by htamayo View Post
yes. SELinux was turned on, i switched to permissive and then it works. now I can writer/read the file. thanks. because I'm debugging the app I decided to keep the user bob as the owner of the login.php, logsystem.php and nomina.log and it works, but when the system is ready, do yo recommend me that the owner will be 'www-data' for the external users?

regards
No, bob is a good owner just be aware of what permissions any file you try to open for write/read are. If they're world readable/writable it should be fine. Or you can have them owned by www-data and if they're readable/writable by www-data that should be fine. If you're the only user of the machine it shouldn't end up mattering much, if you share it with a large number of other people then you'll probably want to break it down some and maybe have each person own their own files and suexec the apache process to each user so its harder to cross read files and get sensitive information.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Trouble assigning permissions staph Linux - Newbie 8 02-05-2007 08:00 PM
Assigning Network Share Permissions Woodsman Slackware 2 08-22-2006 10:53 PM
Assigning permissions for a file to be accessed by particular users praveen kumar Linux - Networking 3 05-18-2006 11:20 AM
assigning permissions ziox Programming 1 01-10-2005 10:13 AM
Assigning local permissions to imported SMB shares Ron Cook Linux - Networking 1 12-17-2004 06:12 AM


All times are GMT -5. The time now is 08:23 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration