Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am running software on a server which states that the file permissions should be:
cd /var/www/example.com/domain
chown -R $USER:www-data .
However, my server has no www-data account. httpd in centos runs as nobody.
As well. $USER could be anything from root to any other logged in user depending on how they are accessing the server - for example, when I login into the server via ssh I'm root, so in that case the user would root. I can also login as a user with name this-is-my-name in which case the $USER would be this-is-my-name.
www-data is not an account, but a group.
My guess is that the documentation of your software assumes you are logged into a certain account, but it's hard to guess the intentions of unknown software.
Distribution: openSUSE, Raspbian, Slackware. Previous: MacOS, Red Hat, Coherent, Consensys SVR4.2, Tru64, Solaris
Posts: 2,799
Rep:
Quote:
Originally Posted by bulgin
... for example, when I login into the server via ssh I'm root, so in that case the user would root. I can also login as a user with name this-is-my-name in which case the $USER would be this-is-my-name.
So what's the story?
Interesting that you are using ssh to directly get on the server as root. Normally, I would expect the root user to be restricted to logging into the server at the console. I thought this would be the norm on Linux these days. (Check /etc/securetty for "pts" entries.) I can't recall if the distributions I've been using do it by default or whether I've just gotten used to locking things down as a habit---I've been restricting root's access to either the physical console ("Hey! Who let you into the data center?"), via a "regular" user who has to use "su" to become root (which gets logged), or temporarily becoming root via "sudo" (again, logged). Many (many) years ago, we got called out by the internal auditors for not being as attentive as we should have been about root access on some of the servers we inherited during a corporate acquisition/re-org and had to go about locking things down (after we wiped the egg off our faces). Not allowing root to login directly via the network was the first fix we instituted.
www-data is specific to Debian/Ubuntu and derivatives so I'm wondering what software you are running on CentOS and where the instructions come from. See post 3 & 4 at the thread linked below.
I am running software on a server which states that the file permissions should be:
cd /var/www/example.com/domain
chown -R $USER:www-data .
However, my server has no www-data account. httpd in centos runs as nobody.
As well. $USER could be anything from root to any other logged in user depending on how they are accessing the server - for example, when I login into the server via ssh I'm root, so in that case the user would root. I can also login as a user with name this-is-my-name in which case the $USER would be this-is-my-name.
So what's the story?
The current (as of CentOS 7) default user for the web server is apache. It used to be nobody, and as I've upgraded over the years I've found it convenient to just keep it as nobody. The user is defined in the httpd.conf file with the User and Group directives.
In my experience, a directory should only be owned by the web user if there is an application which is creating or writing to files in that directory. Otherwise it is as you say, the content may be owned by any user as long as it's readable by the web user, which is accomplished by having directories permies set to 755 and file permies set to 644.
That said, the software is telling you to just change the group for all files in the directory, and the directory itself, to the user you're logged in as with the group set to your web server's group. See what's set on the Group directive in httpd.conf and replace www-data with that group name. It doesn't (probably) matter which user that is...the point is to change the group.
I too would question what software it is that's instructing that, however. I wonder what those instructions think changing the group will accomplish.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.