Community « Discussion forum « Installation support « Installation problem «
Comment: Installation problem
| << Previous | Next >> |
Jiji: ok, maybe some light would come from going back to the roots.
YACS has to write to any PHP script (for example, during the update process), and to other places as well (for example, to write configuration files).
As you may know, every directory and file on a Unix system has an owner, and also an associated group. It also has a set of permission flags which specify separate read, write and execute permissions for the 'user' (owner), 'group', and 'other' (everyone else with an account on the computer). The 'ls' command shows the permissions and group associated with files when used with the -l option.
To understand permissions set by the 'chmod' command, remind that these are numerically equivalent to those reported by the 'ls' command, namely:
Normally, user/group information is set based on the FTP account used to upload YACS files to the web server, for example foobar/users.
Ideally, a properly configured web server should impersonate you when executing your scripts, for example with user/group information set to foobar/nobody. In this case the server has exactly the same rights that you have through FTP, and you can 'chmod' everything to 700 if you like.
Sometimes, and this is probably where you are, the web daemon uses dedicated accounts, such as apache/www-data.
In that case the web daemon effectively has no rights to your files. How to overcome this?
Solution 1- Ask your system administrator to run your scripts with your account information, as explained before. See www.suphp.org if he is looking for an adequate solution.
Solution 2- You can attempt to 'chmod' everything to 707, to give maximum permissions to the world, including the web daemon. Check actual results with 'ls -l', since your account may be prevented to do this. For example:
Solution 3- Another option is to change group information of all files, to re-use the one of the web daemon. Then you will have to give maximum permissions to the group. For example:
Solution 4- Lastly, you can ask your system administrator to put the web user account in your own group, and then to give maximum permissions to the group. For example:
YACS has to write to any PHP script (for example, during the update process), and to other places as well (for example, to write configuration files).
As you may know, every directory and file on a Unix system has an owner, and also an associated group. It also has a set of permission flags which specify separate read, write and execute permissions for the 'user' (owner), 'group', and 'other' (everyone else with an account on the computer). The 'ls' command shows the permissions and group associated with files when used with the -l option.
To understand permissions set by the 'chmod' command, remind that these are numerically equivalent to those reported by the 'ls' command, namely:
- 7 means "may read, write, and execute"
- 6 means "may read and write"
- 4 means "may read"
- 0 means "forbidden access"
Normally, user/group information is set based on the FTP account used to upload YACS files to the web server, for example foobar/users.
Ideally, a properly configured web server should impersonate you when executing your scripts, for example with user/group information set to foobar/nobody. In this case the server has exactly the same rights that you have through FTP, and you can 'chmod' everything to 700 if you like.
Sometimes, and this is probably where you are, the web daemon uses dedicated accounts, such as apache/www-data.
In that case the web daemon effectively has no rights to your files. How to overcome this?
Solution 1- Ask your system administrator to run your scripts with your account information, as explained before. See www.suphp.org if he is looking for an adequate solution.
Solution 2- You can attempt to 'chmod' everything to 707, to give maximum permissions to the world, including the web daemon. Check actual results with 'ls -l', since your account may be prevented to do this. For example:
cd your_home_directory
chmod -R 707 .
ls -l
Solution 3- Another option is to change group information of all files, to re-use the one of the web daemon. Then you will have to give maximum permissions to the group. For example:
cd your_home_directory
chgrp -R www-data .
chmod -R 770 .
Solution 4- Lastly, you can ask your system administrator to put the web user account in your own group, and then to give maximum permissions to the group. For example:
cd your_home_directory
chmod -R 770 .
This comment has inspired:
by Bernard on Jan. 4 2006
