Files and directories remain unwritable after permissions change - linux

I am having this issue that I just don't seem to wrap my head around.
I uploaded a joomla site throught FTP, But all files and directories are unwritable. I have changed the owner and group to apache/apache ... tried every possible combination there is. But I seriously just don't understand the logic. Guys any help would be appreciated ... I have been trying for the last week to figure it out without success.
The apache server is running under user apache and group apache.
File permissions don't seem to change. Althought I ran:
sudo find /var/www/html -type f -exec chmod 644 {} \;
sudo find /var/www/html -type d -exec chmod 755 {} \;
I still get the following permission for directories
drwxr-xr-x.

I finally got it. If you run into the same problem, you may want to check this document out
https://superuser.com/questions/298373/file-still-unwriteable-in-var-www-html-after-the-chmod-command

Related

Ubuntu webserver permissions setup for Magento2

I am struggling with a proper setup of users and permissions on folders for Magento2. Site is installed in /var/www/html, web server is Apache operating as www-data:www-data on Ubuntu 16.04.
My command line user is mosadmin, but it doesn't have read and write permissions on some folders, so I am calling most of the commands using sudo.
Everything works fine if I set www-data as owner and group of everything:
$ sudo chown -R www-data: /var/www/html
The problem is, that when I install modules or do some admin tasks, I usually have to call
$ sudo php bin/magento setup:upgrade
$ sudo php bin/magento setup:static-content:deploy
When I do this, some folders like some subfolders of var/generation or var/cache get root:root as owner and Magento cannot write there. This triggers errors and takes the whole site down unless I manually revert everything to www-data again.
Obviously, I want permissions set so, that I don't have to touch them anymore and make sure, that even after calling admin commands the site will stay working. I've tried several things, but none of it worked 100%.
One thing I tried was set the guide bit on some of the folders, which makes sure that newly generated subfolders will inherit parent folder group instead of the group of the user calling the command:
$ cd /var/www/html
$ sudo chmod -R g+s pub/static pub/media var/cache var/generation
This seems to fix the problem with cache folders being unwritable, but I still get the errors in var/generation. The problem here is, that some folders there regenerate with root:www-data owners, and because they have permissions 755, group/apache cannot write there and I am screwed.
I think umask is supposed to solve this, but strangely enough when I call umask, it gives me 0002, so that should give write permissions to the group. Still when I do sudo mkdir test, it has permissions 755. If I change the umask to something else like umask 0022, nothing changes and the permissions still stay the same for new folders.
I am no Linux guru and am slowly running out of ideas. Is there any better way to set this so that I don't have to revert owner of all files after each content regeneration?
cd
`find . -type f -exec chmod 644 {} \; // 644 permission for files
find . -type d -exec chmod 755 {} \; // 755 permission for directory
find ./var -type d -exec chmod 777 {} \; // 777 permission for var folder
find ./pub/media -type d -exec chmod 777 {} \;
find ./pub/static -type d -exec chmod 777 {} \;
chmod 777 ./app/etc
chmod 644 ./app/etc/*.xml
chown -R :
chmod u+x bin/magento`

Linux Wordpress can't not write wp-config file

I installed the latest version of Apache2 / PHP / MYSQL on my pc
In the directory /srv/www/htdocs I created a directory wordpress with all wordpress file.
Then, when I tried to create the wp-config file through the web interface I get this error :
Sorry, but i can't write the wp-config file.
I tried this command to change the group of /src/www/htdocs/wordpress
chown -R root:root /srv/www/htdocs/wordpress
But it was not working. After some research, i seen lot of people saying to change the group to www-data but i do not see www-data using this commande :
cut -d: -f1 /etc/group
Anyone know what I am doing wrong ?
Sorry about my poor english.
This is what worked for me. (I'm a beginner and I'm using Debian 8)
First I checked the Apache config file to find the group that apache uses. In my case it was www-data.
grep ^Group /etc/apache2/httpd.conf
I checked my /etc/group file and the group www-data was there.
Then I changed the group ownership of my wordpress directory from root to www-data.
chown -R root:www-data /var/www/html/wordpress
I changed the permissions of my wordpress folder to 755 for directories and 644 for files, following the recommendations of other sites.
find /var/www/html/wordpress -type d -exec chmod 755 {} \;
find /var/www/html/wordpress -type f -exec chmod 644 {} \;
But since we want to give write permissions to the group www-admin for the wordpress folder and subfolders, I changed the permissions for directories to 775:
find /var/www/html/wordpress -type d -exec chmod 775 {} \;
Then it worked: All right, sparky! You’ve made it through this part of the installation. WordPress can now communicate with your database. If you are ready, time now to…
Notes: The username and password of my myssql database was root/root. The username I was using to login to my computer was root and the password was something different than root. Just in case I changed my password to root, so the credentials of mysql and my local account are the same. I don't know if by having the same name (root) they are the same account.
Sounds like www-data is not the group name used by apache on your system. To find what it actually uses, try the following:
ps xO gid | head -n 1; ps xO gid | grep httpd
(That's a capital O, not a zero). The column GID (probably the second column) is the numeric group ID that apache is running under. Look up its name in /etc/group.
unable to write to wp-config.php file.
I had this problem in my ubuntu 20.04, WordPress 5.x. I solved this issue with these steps:
First, change the group ownership of the WordPress directory from root to www-data.
sudo chown -R root:www-data /var/www/html/wordpress
Then change your WordPress folders permission by this command.
sudo find /var/www/html/wordpress -type d -exec chmod 755 {} \;
Then change your WordPress files permission by this command.
sudo find /var/www/html/wordpress -type f -exec chmod 644 {} \;
Run the installation again.
Even though I implemented CHOWN & CHMOD steps, but the issue was still persisting, then I found another scenario where this/same error could occur because of SELINUX CONTEXT issue (lack of write permission context).
To solve that - You can change Apache/HTTPD write context with in the web-content folder like this (Specific to the Debian environment, as mentioned in this question):
chcon -R -t httpd_sys_rw_content_t /src/www/htdocs
OR (on CentOS/Fedora):
chcon -R -t httpd_sys_rw_content_t /var/www/html
You can validate the output like this (on CentOS/Fedora):
# pwd
# /var/www
Notice the output of below command having changed RW (Read/Write) context on html (web-content) folder:
# ls -ltrZ
# drwxrwxr-x. 2 apache apache system_u:object_r:httpd_sys_script_exec_t:s0 4096 Jul 9 20:45 cgi-bin
# drwxrwxr-x. 5 apache apache system_u:object_r:httpd_sys_rw_content_t:s0 4096 Jul 14 19:28 html
NOTE: Do validate the Path, Web Server User-Names, and SELINUX write-context as per your environment before executing above commands.
You have to need permission..... Just open the terminal and execute: sudo chmod -R 777 /opt/lampp/htdocs/yourfolder
Example output

Restore permission denied on Ubuntu for files/folders

I've recently uploaded a cakephp web app on apache2 on a Linux server on an amazon ec2 instance. In order to edit files for development, i use filezilla to open files, make changes locally and then upload them. But to go around permissions to read write, I use:
sudo chmod 777 /var/www/myFolder/ -R
Only problem is, once I'm done editing, I don't know how to revert back to restricting permissions to avoid security issues.
I now need to make virtual hosts so to add conf file in etc/apache2 I need to make it writeable. How to make the folder unwriteable again?
Give these two a whack:
sudo find /var/www/yourfolder -type d -print0 | xargs -0 chmod 755
sudo find /var/www/yourfolder -type f -print0 | xargs -0 chmod 644
The first one sets the correct permissions for directories recursively, and the second one the correct permissions for the files. It's pretty well the standard permission set for apache servers.
Edit: for apache2.conf if you applied permissions recursively and need to change back - replace /var/www/ in the commands above with /etc/apache2/

Magento file permissions change after system backup - Cause 500 error

I'm having problems with Magento when doing a system backup. Every time I do a system backup Magento changes the file permissions and causes a 500 server error when the backup has completed and the admin screen is reloaded.
The problem is the same as this unanswered question. I am not setting 'maintenance mode' on. : https://stackoverflow.com/questions/13107963/magento-file-permissions-changing-to-chmod-666-after-system-backup
Can anyone tell me how to stop this from happening. It's a pain to have to reset the permissions every time I do a backup.
The problem comes about because Magento Backup sets permissions on files.
The offending piece of work is lib/Mage/Archive/Helper/File.php
In it you find a function public function open($mode = \'w+\', $chmod = 0666)
This causes issues where permissions are changed globally.
If you must use Magento's site crippling backup, then you must run a script to set the file/folder permissions back.
ssh commands (can be run as a shell script)
For Magento where PHP is running through FastCGI, suPHP, or LSAPI:
find . -type f -exec chmod 644 {} \;
find . -type d -exec chmod 755 {} \;
chmod 500 pear
chmod 500 mage #for magento 1.5+
For Magento where PHP is running as a DSO module under Apache:
find . -type f -exec chmod 644 {} \;
find . -type d -exec chmod 755 {} \;
chmod o+w var var/.htaccess app/etc
chmod 550 pear
chmod 550 mage #for magento 1.5+
chmod -R o+w media
For Magento to function, var/ and media/ may need to be recursively set to 777
From MagentoCommerce permissions settings page which also has a php script linked about halfway down that can be run to set permissions.
The other option is to dump Magento's backup system and do a roll-your-own approach with tar and mysqldump. Note: this will require plenty of free space to temporarily store the tar file till you download it unless you exclude the media/ folder and do the media folder backup in a different manner.
tar -czf magentobu.tgz --exclude="public_html/var/*" --exclude="public_html/media/catalog/product/cache/*" public_html
mysqldump -u $USER -p$PASS $DBASE > magentodb.sql
And copy the resulting files over to your offsite storage whether its your workstation, S3 bucket or vps.
Another option is to set up a system that you can rsync your Magento system to as well as pulling over a mysql dump file created once daily. Doing this, you can have a continuous, up-to-the-minute full site mirror that doesn't incur extra storage space on the server while you wait to pull the backup offsite.

Setting up permissions for WordPress on Amazon EC2 (Amazon Linux)

I setup WordPress on an Amazon EC2 instance. It's using Amazon Linux and is a standard setup (just php5 and mysql).
WordPress works fine, but there's some permission issues. Specifically I can't upload media, update permalink, plugins, etc. I have no write permission under the ec2-user and because I uploaded all the files over WinSCP the current owner is ec2-user.
My question is what's the best way to correct this issue? I could probably fix it by changing ownership of all folders/files to root, but that's not a very elegant or dynamic solution.
The path to my web directory is /var/www/html. Can I allow the ec2-user the correct permissions? Perhaps by having a group that both the Apache user and ec2-user share?
Any ideas would be appreciated
See http://blog.david-jensen.com/development/wordpress-amazon-ec2-apache-permissions-wordpress/ among other Google results. He looks to have had good luck:
I have been doing my best to figure out the Amazon EC2 Apache setup of
permissions to enable WordPress to be able to manage all of the files
on my Amazon EC2 instance without WordPress asking for FTP permissions
when I try to upload a plugin or theme via the Admin site. I ended up
having to give file and group ownership of the files in my html folder
to apache user for WordPress to run correctly.
http://www.chrisabernethy.com/why-wordpress-asks-connection-info/ and
its comments helped me reach this conclusion.
From the webpage:
Run
sudo su chown -R apache:apache /vol/html
I then set permissions to what the hardening WordPress guide recommends for my html root as all my WordPress files are there as I am running MultiSite with multiple domains.
find /vol/html/ -type d -exec chmod 755 {} \;
find /vol/html/ -type f -exec chmod 644 {} \;
As apache doesn’t have a login I feel this is worth the risk though there is probably a better way to do this. I then added ec2-user to the apache group and changed the permissions of the wp-content folder to have group write permission 775.
useradd -G apache ec2-user
sudo chmod -R 775 /vol/html/wp-content
This allows FileZilla or any other program logged in as ec2-user the ability to change files and folders in the wp-content folder only. If anyone has a better way of doing this I would like to know. I am only using SSH and SFTP to access the server with key files.
I set the owner to ec2-user:apache, then perform the hardening, then adjust the group read+write permissions for the folders.
sudo chown -R ec2-user:apache /vol/html
sudo chmod -R 755 /vol/html
sudo find /vol/html/ -type d -exec chmod 755 {} \;
sudo find /vol/html/ -type f -exec chmod 644 {} \;
sudo chgrp -R apache /vol/html
sudo chmod -R g+rw /vol/html
sudo chmod -R g+s /vol/html
Then edit /wordpress-install/wp-config.php and define the fs_method
define('FS_METHOD', 'direct');
Now wordpress can update/upload, etc. And you can still SFTP files without changing the permissions every time.
I tried the solution provided in the answer by #markratledge for my AWS EC2 instance (Amazon Linux).
Wordpress(apache) was good, but SFTP(ec2-user) was giving permission errors.
Then I tried the following:
I added ec2-user to the apache group:
usermod -a -G apache ec2-user
Next I set 'apache' as owner group and 'ec2-user' as owner user for the WordPress installation directory (/var/www/html in my case):
chown -R apache:ec2-user /var/www/html
Finally, WordPress was happy and I could SFTP too. Thanks!
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hosting-wordpress.html
To fix file permissions for the Apache web server
Some of the available features in WordPress require write access to
the Apache document root (such as uploading media though the
Administration screens). The web server runs as the apache user, so
you need to add that user to the www group that was created in the
LAMP web server tutorial.
Add the apache user to the www group.
[ec2-user wordpress]$ sudo usermod -a -G www apache Change the file
ownership of /var/www and its contents to the apache user.
[ec2-user wordpress]$ sudo chown -R apache /var/www Change the group
ownership of /var/www and its contents to the www group.
[ec2-user wordpress]$ sudo chgrp -R www /var/www Change the directory
permissions of /var/www and its subdirectories to add group write
permissions and to set the group ID on future subdirectories.
[ec2-user wordpress]$ sudo chmod 2775 /var/www [ec2-user wordpress]$
find /var/www -type d -exec sudo chmod 2775 {} \; Recursively change
the file permissions of /var/www and its subdirectories to add group
write permissions.
[ec2-user wordpress]$ find /var/www -type f -exec sudo chmod 0664 {}
\; Restart the Apache web server to pick up the new group and
permissions.
[ec2-user wordpress]$ sudo service httpd restart Stopping httpd:
[ OK ] Starting httpd: [
OK ]
I came across this question searching for the answer. I set all ownership and group ownership to Apache. However, if I want to upload something ftp I have to ssh change permissions to ec2-user upload the file and change it back. I figured it was a small price to pay to have the permissions set to WordPress's recommended settings.

Resources