Apache server Docroot file permissions
I have an issue with file permissions, hopefully someone here will be able to help me.
Apache runs as apache:apache
user: alanp, groups: alanp
user: apache, groups: apache
I want to be able to rwx (read, write, execute) files in my docroot (/var/www) with my normal user account 'alanp'. The Apache server itself should normally only be allowed to r-x (read & execute) these files.
First, I issued a 'chown -R alanp:apache /var/www'. I am now the owner of the files and directories, and apache is the group.
I then issued a 'chmod -R 750 /var/www'. The permissions on the files are now -rwxr-x---. This means 'alanp' has +rwx and the apache group has +rx permissions.
This works great. My next problem arises however because I have a directory that allows the apache group write access for a php script that creates some flat-file logs. The permissions for this 'logs' directory are drwxrwx---. Apache is running as apache:apache, so that's how it's files get created, which means my normal user 'alanp' cannot access these files.
The only solution I can think of is to run apache as alanp:apache. Is this a suitable solution or is there anything better I could do?
I've just been informed that suPHP may be a solution. I'm looking in to it now but it seems like a bit of a botch fix.
You could add alanp to the apache group. Or you could create an 'apachewrite' group that has write access to whatever files, and add the apache and alanp users to that.
|All times are GMT -5. The time now is 10:44 AM.|