Make directory writable for me and apache

mzh · 01-11-2012, 03:06 AM

Dear Forum
I'm working on some webapplication. It's probably avoiding every single best practice possible, but still it does what it should do for those who need it. I serve it with Apache, so the directory is owned by www-data. The scripts for the app are placed in that directory, but now if I want to edit a script (and save it in this directory), I'm required to do so under root, because my user is not owning this directory (however I own the scripts and they are all 755).
How should I set this up correctly? Should the directory be owned by me? Will Apache still be able to read and execute the scripts?
How do the ownerships of the directory and the read/write/execute permissions of files in that directory (together with their respective ownership) interplay?

tronayne · 01-11-2012, 07:15 AM

There's something to be said for adhering to standards; root owns things for a reason and altering things for convenience can come back and haunt you when you least expect it. Keep that in mind as you go along.

When you're developing and editing and testing software it can be a real pain to need to use su or sudo all the time but there actually is a way to get around that with Apache: you can set up a directory in your home directory to work in, get it the way you want it, then simply (as root) copy your software to the Apache directory. If you create a directory in your home directory named public_html, make a change to your httpd.conf file, and restart httpd (the daemon), you can do what you want.

First, the httpd.conf file (possibly located in /etc/httpd). There may be a section in that file that looks like this (down near the bottom):

Code:

# User home directories
Include /etc/httpd/extra/httpd-userdir.conf

It will be commented-out (with #Include) -- simply remove the sharp and restart the daemon.

What that does in include the file in the /etc/httpd/extra directory so you can have a local web page.

If you don't have the above in /etc/httpd/httpd.conf, you may have the actual section in the httpd.conf file. It will look something like this:

Code:

# Settings for user home directories
#
# Required module: mod_userdir

#
# UserDir: The name of the directory that is appended onto a user's home
# directory if a ~user request is received.  Note that you must also set
# the default access control for these directories, as in the example below.
#
UserDir public_html

#
# Control access to UserDir directories.  The following is an example
# for a site where these directories are restricted to read-only.
#
<Directory "/home/*/public_html">
    AllowOverride FileInfo AuthConfig Limit Indexes
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    <Limit GET POST OPTIONS>
        Order allow,deny
        Allow from all
    </Limit>
    <LimitExcept GET POST OPTIONS>
        Order deny,allow
        Deny from all
    </LimitExcept>
</Directory>

and all of that will be commented-out, so, just remove the sharps and there you go.

The way you get to the web page is

Code:

http://server.domain/~userid

where server.domain is your server address and userid is your user account name.

You can fiddle to your heart's content in your public_html directory until you're happy with it then copy what you've done to your server directory.

Hope this helps some.

mzh · 01-11-2012, 11:51 AM

@Tronayne: Thanks a lot for the comprehensive reply. I'll be giving it a try. It definitely is a new perspective to me.