I've setup a new web server, I have created a user 'webuser', and have added the user to the group 'www-data'. When I try to upload a file via SFTP to /var/www/html I get an Permission Denied error.
So far I've tried;
usermod -aG www-data webuser
chown -R www-data:www-data /var/www/html
chmod -R 775 /var/www/html
None of these have allowed write permission on /var/www/html
The details of the folder are:
drwxrwxr-x 9 www-data www-data 4096 Oct 10 10:00 html
Related
+x Permission is provided for user and directory is owned by the user.
drwxr-xr-x. 3 www-data www-data 19 Nov 30 10:41 www
Still, I am unable to access the directory.
www-data is Nginx and PHP-fpm user. When I try su www-data I can't access any directory inside /var although I can do cd /var.
You can check if this account has a login access, by checking items in /etc/passwd.
If it has a "nologin", you can't login with this us
I have added jenkins to the www-data group
jenkins : jenkins www-data
Which owns my html folder
drwxrwxr-x 12 www-data www-data 4096 Sep 4 14:18 html
I try and copy a folder from the build
cp -R resources /var/www/html
but I get the errors
cp: cannot create regular file '/var/www/html/resources/assets/js/app.js': Permission denied
all the files and subfiles are owned by www-data and in the www-data group but I still get the error
cp: cannot create regular file '/var/www/html/resources/assets/js/app.js': Permission denied
i have a folder which contain uploaded file. for example /var/www/app/storage/public :
ls -al /var/www/app/storage/public
-rw-r--r-- 1 www-data www-data 835870 Aug 22 13:42 8b4c4e2a3d64.pdf
-rw-r--r-- 1 www-data www-data 835870 Aug 22 13:24 3d326ab2b3bc.pdf
I want to make a script to clean up that directory without using root user. What should i do if i want to delete those files using ordinary user like sanders so i can do something like:
sanders#localhost:~$ rm -rf /var/www/app/storage/public
Thank you :)
You will have to add this user to your "www-data" group:
sudo usermod -a -G www-data sanders
Then, make sure your folders have the correct group permissions:
sudo chgrp -R www-data /var/www/app/storage/public
sudo chmod -R g+w /var/www/app/storage/public
I'm not using SELinux, and still I can't get the apache user to create files in my cache storage directory. Can this work without using chown to change the user to the actual apache user?
[root#server live_storage]# getenforce
Disabled
[root#server live_storage]# su -s /bin/bash -c 'touch /home/admin/live_storage/c50d02d942c0a3d.cache' apache
touch: cannot touch ‘/home/admin/live_storage/c50d02d942c0a3d.cache’:
Permission denied
[root#server admin]# ls -lsa
total 84
4 drwx------. 10 admin admin 4096 24 mei 10:32 .
4 drwxr-xr-x. 3 root root 4096 9 mei 11:12 ..
4 drwxrwxrwx 3 admin admin 4096 24 mei 10:33 live_storage
[admin#server live_storage]$ touch '/home/admin/live_storage/c50d02d942c0a3d.cache'
[admin#server live_storage]$ ls '/home/admin/live_storage/c50d02d942c0a3d.cache'
/home/admin/live_storage/c50d02d942c0a3d.cache
Figured it out. Apache didn't have execute rights on the /home/admin directory. chmod +x /home/admin fixed the problem
I created an apache web server using CFT; this is using RHEL 7. In order to allow ec2-user to modify files in apache document root folder, I added the following in CFT (taken from var/log/cloud-init.log)
Jun 30 16:11:15 ip-10-205-0-135 cloud-init: groupadd www Jun 30 16:11:16 ip-10-205-0-135 cloud-init: usermod -a -G www ec2-user Jun 30 16:11:16 ip-10-205-0-135 cloud-init: chown -R root:www /var/www Jun 30 16:11:16 ip-10-205-0-135 cloud-init: chmod 2775 /var/www Jun 30 16:11:16 ip-10-205-0-135 cloud-init: find /var/www -type d -exec chmod 2775 {} \; Jun 30 16:11:16 ip-10-205-0-135 cloud-init: find /var/www -type f -exec chmod 0664 {} \;
As you can see from log, this went fine. However, when logged under ec2, it gives permission error as below:
[ec2-user#ip-10-206-32-92 html]$ aws s3 sync s3://gfrepo/releases releases download failed: s3://gfrepo/releases/binaries.html to releases/binaries.html [Errno 13] Permission denied: u'/var/www/html/releases/binaries.html' download failed: s3://gfrepo/releases/B1556013/B1556013.jar to releases/B1556013/B1556013.jar Could not create directory /var/www/html/releases/B1556013: [Errno 13] Permission denied: '/var/www/html/releases/B1556013'
I ended up elevating my permission as sudo to complete s3 sync. Not sure why it's giving permission error for ec2-user. Here are the listing of the permissions:
[ec2-user#ip-10-206-32-92 www]$ ls -l total 0
drwxrwsr-x. 2 root www 6 Mar 21 02:33 cgi-bin
drwxrwsr-x. 3 root www 55 Jun 30 16:11 html
[ec2-user#ip-10-206-32-92 www]$ groups ec2-user
ec2-user : ec2-user adm wheel systemd-journal www
As you can see ec2-user is part of www group and www is the owner of html sub-dir
You have to make sure the ec2-user belongs to the group that has write permission
if the directory /var/www/html is owned by root it will not let you write to the folder.
first do you an ls -l on /var/www/html
find out what's the group name, it's next to user
then issue this command
sudo usermod -a -G www ec2-user
You need to add ec2-user to the www group
You're logged in ec2-user, although you're issuing an aws s3 sync command, you need permission to write to the permissible directory, that's why it's failing.
This directory /var/www/html/releases/ does not have the permission.
Could not create directory /var/www/html/releases/B1556013 <----
or su to root and try the command.