Linux Read only attribute (undoing this in terminal)

erjohnson227 · 08-24-2009, 03:25 PM

So heres the deal. Please excuse me as i am used to dos based commands and do not know the first thing about unix commands. I have apache running on Ubuntu 9.04 and the default folder is /var/www . now what is the command i can type into terminal to make this folder read/write instead of read only. (NOTE) i cannot change the attributes of this folder through the GUI because although i created this computer it says i dont have root access. So i figured it would be faster to just use the SUDO command.

i92guboj · 08-24-2009, 04:04 PM

Unix/Linux permissions are not as simple as those in DOS. If my memory serves correctly (though admittedly it's been a long time since) DOS uses a simple scheme with three attributes for each file: read, write and hidden. There's no exec permission, since both DOS and Windows determine if a file is a program based on its extension.

In Linux you have much more than that. The basic ones that should worry about are the read, write and exec permissions, but these are defined in three triplets: read (+r), write (+w) and exec (+x) for the owner of the file; read, write and exec for the group; and read, write and exec for the rest of persons. Also, the exec permission on directories mean "access". So you can't cd to a dir if you don't have the +x permission over it for your user. All this info can be seen with "ls -l" (or -ld for directories), for example, in /var/www you should have something similar to this:

Code:

$ ls -ld /var/www/
drwxr-xr-x 3 apache root 4,0K oct 29  2008 /var/www/

This means that the owner of the file is the user "apache", it's the ID under which the apache server usually runs. The group is "root", the permissions are "rwxr-xr-x", which means "rwx" for the user apache, "r-x" for all the users which belongs to the group "root", and "r-x" for the rest of the users. These are usual permissions for a web.

To set a permission you use chmod. For example, to set write permissions for everyone you would do "chmod a+w /var/www" (I hihgly advise against that). "a" means all, "+w" means to set write permissions. After that, to remove the write permissions again from "group" and "others" you would use these two commands: "chmod g-w /var/www" and "chmod o-w /var/www", where "g" is "group" and "o" is "others", and "-w" is to remove write permissions.

So, first, you need to decide what do you mean when you say that you want to give read and write permissions to /var/www. It really shouldn't be world-writable, this would have many security implications, unless you are only serving it locally in a trusted intranet and can't be reached from the outside. And even then, there's no reason to use a so poor security policy.

erjohnson227 · 08-25-2009, 02:32 PM

thank you very much for the fast reply. that did the trick, the "chmod" command made the files writable so i now have full access to my apache document folder.

i92guboj · 08-25-2009, 05:33 PM

Again (and feel free to igonre me if you already know this, but it's important), you shouldn't be doing that if the web server is exposed to the public. You are granting *everyone* around the world the permission to write in your web server.

erjohnson227 · 08-26-2009, 12:04 AM

how would i remotely write to my server? ive got it up and running now and was wondering about how to set up FTP so that i can remotely upload files from another authorized computer