Results 1 to 5 of 5

Thread: Yepp, Yet another permissions problem

  1. #1

    Default Yepp, Yet another permissions problem

    Hi all,

    I'm running OpenSuse 11.0 in a lamp configuration with Apache 2. I configured Apache with the .conf files instead of YAST because I am running virtual hosts (that's another story).

    My problem is that my server will not render the pages unless the permissions are set to 775 which I know is not necessary. This is also causing a problem because I am trying to install WordPress onto the server. WordPress will run, but it unable to upload images because it cannot create the directories required.

    Apache2 is running as 755 with root as owner and www as group.

    I changed the owner of the htdocs sub-directories to myself, and created a group that has permissions to write to the directory. WordPress runs as my user and has the same permissions (775).

    Thanks.

  2. #2
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    24,973

    Default Re: Yepp, Yet another permissions problem

    I do not know what you mean with "Apache is running as 755"????

    Apache should run:
    Code:
    henk@boven:~> ps -ef|grep apach
    root      2749     1  0 12:27 ?        00:00:00 /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf
    wwwrun    2750  2749  0 12:27 ?        00:00:00 /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf
    wwwrun    2751  2749  0 12:27 ?        00:00:00 /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf
    wwwrun    2753  2749  0 12:27 ?        00:00:00 /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf
    wwwrun    2754  2749  0 12:27 ?        00:00:00 /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf
    wwwrun    2755  2749  0 12:27 ?        00:00:00 /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf
    wwwrun    3351  2749  0 12:38 ?        00:00:00 /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf
    henk      6349  6313  0 16:30 pts/1    00:00:00 grep apach
    henk@boven:~>
    This means that it starts as root, but that it degrades it work horses to wwwrun:www. This means that where it wants to read files from your system, they must be readable (directories also searchable) by wwwrun. Most simple is of course to make them owned by wwwrun:www and readable (searchable) for the owner. Also mind that the directories in the path to the root of these files (mostly owned by root:root) are readable (and searchable) by the world.
    Henk van Velden

  3. #3

    Default Re: Yepp, Yet another permissions problem

    Thanks for the info. The 755 is the permissions on the /etc/apache2 directory. Root is the owner of that directory, www is the group.

    When I execute the grep with conditions as you did I get the same results:
    *********************************
    root 2297 1 0 09:12 ? 00:00:00 /usr/sbin/httpd2 -f /etc/apache2/httpd.conf -k start
    wwwrun 3042 2297 0 11:39 ? 00:00:00 /usr/sbin/httpd2 -f /etc/apache2/httpd.conf -k start
    wwwrun 3054 2297 0 11:44 ? 00:00:00 /usr/sbin/httpd2 -f /etc/apache2/httpd.conf -k start
    wwwrun 3114 2297 0 11:49 ? 00:00:00 /usr/sbin/httpd2 -f /etc/apache2/httpd.conf -k start
    wwwrun 3384 2297 0 12:45 ? 00:00:00 /usr/sbin/httpd2 -f /etc/apache2/httpd.conf -k start
    wwwrun 3385 2297 0 12:45 ? 00:00:00 /usr/sbin/httpd2 -f /etc/apache2/httpd.conf -k start
    wwwrun 3388 2297 0 12:46 ? 00:00:00 /usr/sbin/httpd2 -f /etc/apache2/httpd.conf -k start
    wwwrun 3389 2297 0 12:46 ? 00:00:00 /usr/sbin/httpd2 -f /etc/apache2/httpd.conf -k start
    wwwrun 3394 2297 0 12:46 ? 00:00:00 /usr/sbin/httpd2 -f /etc/apache2/httpd.conf -k start
    wwwrun 3402 2297 0 12:47 ? 00:00:00 /usr/sbin/httpd2 -f /etc/apache2/httpd.conf -k start
    wwwrun 3403 2297 0 12:47 ? 00:00:00 /usr/sbin/httpd2 -f /etc/apache2/httpd.conf -k start
    arleen 3849 3839 0 12:59 pts/2 00:00:00 grep apach
    arleen@ehl3:~>
    ********************************

    The big problem I am having is that when I upload files the permissions are 600. I have to manually change them to 775 for Apache to serve the file. Otherwise there is an access forbidden - 403 error.

    It's not such a hardship to chmod in the FTP program, but I am trying to install WordPress, which gets installed in whatever sub directory of htdocs you choose. WP should run as long as it has the same owner as htdocs. But it is unable to create directories or files.

    Seems like this is a Suse problem - or at least my installation since I am able to upload and install WordPress on other web servers not related to this one without any problems.

    Thanks again.

  4. #4
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    24,973

    Default Re: Yepp, Yet another permissions problem

    In my systemm:
    Code:
    henk@boven:~> ls -dl /etc/apache2/
    drwxr-xr-x 10 root root 4096 apr 26 21:27 /etc/apache2/
    henk@boven:~>
    Why is this different from yours? The statement "Apache is running as 755" has no connection to this and is nonsense on its own.

    When you upload, where does it go? IMHO you should do less telling of stories and show more computer output. Like: "when i upload it comes out like:
    Code:
    ls -l <the uploaded file>
    Then we see what the system did and not what you think that the system did.
    Henk van Velden

  5. #5
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,686
    Blog Entries
    4

    Default Re: Yepp, Yet another permissions problem

    Quote Originally Posted by amwest View Post
    Thanks for the info. The 755 is the permissions on the /etc/apache2 directory. Root is the owner of that directory, www is the group.

    ...

    The big problem I am having is that when I upload files the permissions are 600. I have to manually change them to 775 for Apache to serve the file. Otherwise there is an access forbidden - 403 error.

    It's not such a hardship to chmod in the FTP program, but I am trying to install WordPress, which gets installed in whatever sub directory of htdocs you choose. WP should run as long as it has the same owner as htdocs. But it is unable to create directories or files.
    You have some strange ideas there about how processes, ownership and permissions interact that it's hard to know where to start to disabuse you of your misconceptions.

    Simplest is to let the ftp program chmod to 644. The owner on the WP files is not relevant as long as the files are readable because Apache runs as wwwrun:www.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •