Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
New at administering a server, and need some explanation or description. When I try install software on my Linux server, some packages say "need to run as nobody" or some other user name. My web server runs as user Apache.
In a case where multiple web packages have different users they want to run as, which one should own a folder? And do I need to add the other users to the Apache group?
Also, I am running php and having a problem b/c one package, which has been running for about 6 months, says that it can't write to the session folder. I checked the permissions. It is owned by the Apache group w permissions of
If this other package says it can't write to it, but had been running for several months w steady usage, then can someone tell me a clue about:
1. What to change tyhe permissions to so that the session folder is both secure, but can be used by the packages that need it?
2. What the background relationship should be between these multiple users (apache, nobody, etc) in a case like this?
Some processes require to run as 'nobody' or 'apache' as these are system users without passwords, to make the running processes more secure.
Like for instance, some will run apache or httpd as the user web, which is a user and group. It doesn't have a password. In some cases, the files shared thru the apache server will also be owned by the user 'web' and belong to the 'web' group. If you need particular users to be able to edit such files, add them to the 'web' group. In other cases, the users themselves can own the files themselves, they'll just need to make the files readable by all. Usually permissions of -rwxr-x-r-x is sufficient for most pages to be read by all and you won't get any errors trying to view the pages, etc.
The sessions you find in /tmp should be owned by the user that apache runs as. If you find that you get errors saying that it can't be read, the majority of the time apache was shutdown and restarted uncleanly. Whenever I encounter such problems, I'll shutdown apache, remove the session files in /tmp and then restart apache.
In other cases, if your running a daemon, it's best to run it as 'nobody' or another account that has no actual shell or login capabilities. Like for example, mysql will run as the mysql user in which is created during the install process of mysql.