LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (https://www.linuxquestions.org/questions/linux-general-1/)
-   -   Permissions related to hosting. (https://www.linuxquestions.org/questions/linux-general-1/permissions-related-to-hosting-431333/)

WeNdeL 04-03-2006 09:41 AM
Permissions related to hosting.
 
I wasn't sure whether to post this in the Security Forum or not. If I should have, please feel free to move this post.

Ok... I am having some issues with some of the sites I am developing/hosting. I am utilizing a rather awesome CMS named Joomla. I REALLY like it and am actively developing custom sites and web-apps for people using it. One thing that is killing me about it though is the way that when the CMS writes files to disk, the ownership ends up being nobody.nobody. Which is obviously the user/group that that the webserver is running as. Here is where the problem comes in. I like to go back and edit some of the files that are put in place by the webserver. As the file is not owned by the user I use to connect to my FTP site, I cannot save the file. So I did some testing...

On my linux box at home I created a directory that is owned by a regular user and I set the group to nobody. I then su to root and create a file in this newly created directory and chown it to nobody.nobody. I then give up root and fall back to the regular user. I open the file in vi and force write-quit it. The user now owns the file. Yay!!!!

Unfortunately, I cannot get this same behavior to occur when editing via FTP. So I start thinking... Maybe I can run a cron job and have "find" execute "touch" on the files I ask it to find. Before figuring out the correct find command, I decide to test this on the command line. I quickly realize that touch won't do this for me. :(

Does anyone know a way that I can make it such that my user can edit these files that are owned by nobody.nobody yet exist in my user's directory? Is there a command that will duplicate whatever it is that vi is doing when it force write-quits a file? Granted, I could script vi to do this over and over but that would be ridiculous. Am I just missing something fundamental about permissions?

forrestt 04-03-2006 02:46 PM
If you want more than one user (you and nobody) to be able to edit the files, you will need to add group write permissions to the files in the directory, and make sure both users are in the group nobody (actually, you only need to make sure the user that DOESN'T own the file is in nobody, but adding both won't hurt). Otherwise, if you make it so you can ftp into the box and change files, then the Joomla software will not be able to modify files, and if it is able to modify files, then you will not be able to. If you are hosting Joomla on a machine you control, then you can add yourself to the nobody group (although, you probably want to run Apache as apache:apache instead and add yourself to the apache group, but that's a different rant). You will then need to modify the permissions on the files and directories in Joomla (although you probably only need to modify the files and directories under the templates directory (unless you are programming modules yourself):

# cd /path/to/joomla
# chmod -R g+w .

or change "." to "templates" if you just want to modify the templates directories. If you are just modifying a particular template, you can just change that one instead of all of them by doing:

# cd /path/to/joomla/templates
# chmod -R g+w my_template

If you don't have root control over the server, then this won't work. Post back if this doesn't work, and I'll try to walk you through any issues.

Hope this helps.

Forrest

WeNdeL 04-03-2006 11:14 PM
Hey man, the problem is that this is not my box and I cannot get ahold of root's crontab. In the past, I was having a root cronjob execute:

*/5 * * * * chown -R wendel /home/mystuff/public_html

And then my crontab looked like:

*/5 * * * * chmod -R g+w /home/mystuff/public_html

But alas, I have switched hosting providers and they won't do something as crazy as add my requested cronjob. :(

forrestt 04-04-2006 10:13 AM
In that case, you may need to delete (or move) the file on the server, and then upload your file. Just make sure that you have the file backed up somewhere.

WeNdeL 04-05-2006 01:59 PM
that was my thought as well. what a pain in the ass...

Sometimes I use JoomlaXplorer to edit files since it operates as nobody. But damn, I REALLY like using Dreamweaver to edit remote files.

So dissapointed in my host provider right now.


All times are GMT -5. The time now is 12:23 AM.