Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I don't know much about this. I have a Ubuntu 20.04 Server for my little homework webpage.
I just made an upload form for students to send me files.
I had public_html permissions set to 750. That didn't work.
I tried 755, upload kind of worked, except the uploaded file could not be written to the target directory
/public_html/uploads20BE/php/uploads/
PHP error was: permission denied
Only after I set permissions in public_html to 777 could PHP send my file to the target directory.
Do I need different permissions for every folder??
Consider which files your server needs to be able to read to serve a page, and you can answer if the permissions need to be applied recursively or not, to files and folders.
But, more importantly, also consider file ownership, also group membership! It's usually (almost always) safer to adjust that, to make things work.
chmod 777, otoh, is extremely unsafe and shoul really never be used, server or not.
As which user does your server software and PHP run?
While the master process is probably root, the workers usually run as www-data:
Code:
$> ps aux | grep -E 'nginx|php'
root 581 0.0 0.2 214184 7192 ? Ss 2021 8:20 php-fpm: master process (/etc/php/7.3/fpm/php-fpm.conf)
www-data 3816 0.1 0.7 217168 27392 ? S 14:51 0:21 php-fpm: pool www
www-data 6485 0.1 0.9 222228 34288 ? S Feb10 2:16 php-fpm: pool www
www-data 22339 0.2 0.7 215612 27000 ? S 08:01 1:38 php-fpm: pool www
root 29139 0.0 0.0 18852 784 ? Ss 11:42 0:00 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
www-data 29140 0.0 0.1 19440 5888 ? S 11:42 0:24 nginx: worker process
In this scenario
Code:
#> chown -R www-data:www-data /public_html
might already help (after undoing all your chmod shenanigans).
I can imagine, 777 is maybe not so good (good thing it is only a homework page), but it was the only way I could get PHP to park the file where I wanted it!
On my laptop, I have /var/www/html/ set to: owner: pedro, group www-data
That works at home. I always try everything here first, then upload when I know it works.
So I set the server the same: /var/www/mywebpage.com/public_html/ owner: pedro, group www-data (This is the first time I have a cloud server, before I only had shared hosting.)
You seem to be saying, I should make the owner www-data? (and add myself to group www-data??)
On the server, pedro is a sudoer.
If I set everything to owner www-data, when it comes to editing files on the server, will I have problems??
Following advice from LQ, I often run these commands, because when I copy a file into /var/www/html/ at home, www-data can't touch it.
The directory to which the uploads are to be saved needs to be writable by the web user…the one that is running the PHP script. I usually do that by setting the owner of that directory to the web user. Permissions to 755. Just that one directory…not “everything”.
You (pedro) should still be able to read the files therein.
A student clicks a button on the webpage and the data are sent.
Your web server is running the script.
AFAIK, PHP is automatically started by your web server, so it runs as the same user.
Web servers ususally run as www-data - look at its config file to make sure.
Lesson learned: on a server owner, group should be www-data!
Only for the specific directories and files which need to be written by the web server. Everything else should belong to other accounts and groups, as read-only access is all that's needed for basic web services. Think in terms of least privilege and privilege separation.
No, and no, at least not in any way that will reduce the trouble.
If two or more accounts are to share write access to part of the file system then you'll have to use the appropriate permissions. The chown, chgrp and chmod you showed in the first part of #3 were very close.
pedro@ebs-105224:/var/www/mywebpage.com/public_html/20BE1cw$ ls -al
total 300
drwxrwsr-x 3 pedro www-data 4096 Nov 17 07:50 .
drwxrwsr-x 21 pedro www-data 4096 Feb 12 12:12 ..
-rw-rw-r-- 1 pedro www-data 2450 Oct 14 10:34 20BE1leitfile.html.php
-rw-rw-r-- 1 pedro www-data 21053 Oct 14 10:34 20BE1wW1.html.php
-rw-rw-r-- 1 pedro www-data 10985 Nov 17 12:12 20BE1wW11.html.php
-rw-rw-r-- 1 pedro www-data 21300 Oct 14 10:34 20BE1wW2.html.php
-rw-rw-r-- 1 pedro www-data 21350 Oct 14 10:34 20BE1wW3.html.php
-rw-rw-r-- 1 pedro www-data 20342 Oct 14 10:34 20BE1wW3html.php
-rw-rw-r-- 1 pedro www-data 18523 Oct 14 10:34 20BE1wW4.html.php
-rw-rw-r-- 1 pedro www-data 26821 Oct 14 10:34 20BE1wW5.html.php
-rw-rw-r-- 1 pedro www-data 22267 Oct 14 10:34 20BE1wW6.html.php
-rw-rw-r-- 1 pedro www-data 16538 Oct 14 10:34 20BEsW1.html.php
-rw-rw-r-- 1 pedro www-data 18854 Oct 14 10:34 20BEsW2.html.php
-rw-rw-r-- 1 pedro www-data 2211 Oct 14 10:34 changePW.php
-rw-rw-r-- 1 pedro www-data 2632 Oct 14 10:34 changePW_form.php
-rw-rw-r-- 1 pedro www-data 1482 Oct 14 10:34 checkboxes_fieldset.html
-rw-rw-r-- 1 pedro www-data 407 Oct 14 10:34 conn.php
-rw-rw-r-- 1 pedro www-data 809 Oct 14 10:34 function.js
-rw-rw-r-- 1 pedro www-data 1406 Oct 14 10:34 holiday_week_page.html
-rw-rw-r-- 1 pedro www-data 3879 Nov 17 12:09 index.php
-rw-rw-r-- 1 pedro www-data 1406 Oct 14 10:34 jsclock.html.php
-rw-rw-r-- 1 pedro www-data 5863 Nov 17 09:38 login.php
-rw-rw-r-- 1 pedro www-data 3566 Oct 14 10:34 login.php.backup
-rw-rw-r-- 1 pedro www-data 3568 Oct 14 10:34 login.php.backup2
-rw-rw-r-- 1 pedro www-data 5636 Nov 17 07:36 login.php~
drwxrwsr-x 2 pedro www-data 4096 Nov 17 07:51 php
-rw-rw-r-- 1 pedro www-data 2445 Oct 14 10:34 register.php
-rw-rw-r-- 1 pedro www-data 3067 Oct 14 10:34 register_form.php
-rw-rw-r-- 1 pedro www-data 1226 Oct 14 10:34 register_success.html.php pedro@ebs-105224:/var/www/mywebpage.com/public_html/20BE1cw$
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.