Environment:
OS = Debian Linux
php = PHP5 is automatically installed with Apt-get
Web server = LIGHTTPD configuration file is simple, only configure PHP path, can run PHP
Linux users two root and foo
PHP and LIGHTTPD are installed by the root user.
The root directory of the website and all files and directories under it belong to Foo
But here's the problem--!
One sentence code: foo.php
Access this foo.php with a browser, and the results foo.xml belong to root
Who could say that this is probably where the configuration problem???
Reply to discussion (solution)
30,028 posts
Locationsydney, Australia.
Posted December 2009-06:30 PM
The I normally setup Debian systems is as follows:
1) as root, create a new group called ' www ' then place yourself within. T.
sudo groupadd www
sudo gpasswd-a Www
Logout
2) make the ENTIRE/VAR/WWW directory structure is owned by ' Www-data ' and the ' www ' group. Give users belonging to the ' www ' Group Write permissions, and then set the sticky bit on the group for this directory STRUCTU Re so, any new directories created would take on these same permissions.
sudo chown-r www-data:www/var/www
sudo find/var/www-type f-exec chmod 664 {} \;
sudo find/var/www-type d-exec chmod 775 {} \;
sudo find/var/www-type d-exec chmod g+s {} \;
That's should now give you sufficient permissions to create directories and files within/var/www manually (Ie:via a termin AL). If you want these directories to being writtable by the server process you'll however need to chown them to www-data:www. Any new directories created by the Apache process would automatically be owned by Www-data:www.
3) allow users within the ' www ' group-to-change directories they own within/var/www-be-owned by ' Www-data:www '.
sudo sudoedit/etc/sudoers
Then add the following line .....
%www all = nopasswd:/bin/chown www-data/var/www/*,/bin/chown-r www-data/var/www/*
This means users within the ' WWW ' group can now execute ....
sudo chown www-data/var/www/
On directories they own, making them writtable via the Apache process.
That ' s basically it. Allot of people like to simply joins the Www-data group and set the sticky bit on/var/www but you generally don ' t want all Directories to is writtable by the Apache process.
.
http://thorpesystems.com | http://proemframework.org | Http://github.com/trq
Smtpcatcher-a very simple mock sendmail useful for testing PHP mail scripts.