ansaurus

Question

A general linux file permissions question: Apache and WordPress

Answer 1

+2 A:

You can give ownership to www-data according to here.

Run the following command in your WordPress directory (sudo required):

sudo chown -Rf www-data *

Works for Apache.

KahWee Teng 2009-07-11 13:18:58

That works fine, but then I can't edit those files with my regular user and this is what freaks me out.. :(

kovshenin 2009-07-11 13:24:12

Are they not still group owned by kovshenin? You ought to be able to still edit them if they are.If not then you could try making the user kovshenin a member of the group that they are owned by and use newgrp to change your group to that before editing them.

Troubadour 2009-07-11 13:39:20

They are group owned by kovshenin, but new files which I'll upload from the user kovshenin will become kovshenin:kovshenin and I'd have to chown again. I'm setting up the hosting for a few clients of mine and I'd like their files to be kovshenin:kovshenin style, not apache (or www-data). I wonder how MediaTemple did that..

kovshenin 2009-07-11 13:42:46

You can add your regular user to the www-data group or you could also append sudo in the beginning of your command.

KahWee Teng 2009-07-11 13:44:43

What command? Please read what I'm trying to do, it's not that simple.. There are no additional groups.

kovshenin 2009-07-11 13:49:48

caf has an answer that you want.

KahWee Teng 2009-07-11 16:35:16

Answer 2

+4 A:

What should I do to make them readable and writable by both kovshenin and apache?

Create a new group, say "wordpress".
Add both koveshenin and www-data users to the wordpress group.
Change the group owner of all the files to wordpress (using chgrp).
Make sure all the files are group writeable.
Set the g+s (setgid) permission bit on all the directories of interest.
Make sure kovshenin and apache's default umask includes group read & write permission.

The second last step is the trick. It means that whenever kovshenin or apache creates a file in those directories, the group owner will be set to wordpress (instead of kovshenin or apache).

caf 2009-07-11 13:58:08

Okay this is closer, thanks so much, but how come the user www-data and kovshenin on the Media Temple shared hosting account don't have additional groups? What's that trick called? ;)

kovshenin 2009-07-11 14:11:21

Hard to say, but the shared hosting account might be set up using phpsuexec.

caf 2009-07-11 14:39:17

Okay caf, will check that out, thank you.

kovshenin 2009-07-11 14:42:52

Hey there caf, one more question. I changed the group owner of all the files and dirs in the wp folder to apache, the owner is still kovshenin, so it's kovshenin:apache and the rights are 0775, so both kovshenin and apache have rights to read write and execute files. Works fine. I did the g+s part, new files are created with kovshenin:apache, all fine, BUT, the rights for the new file are 755. How do I fix that for 775? Tried settings g+ws.. Doesn't seem to work. Any ideas?Thanks once more.

kovshenin 2009-07-11 17:44:08

Oh, sorry, that must be the umask.. =)

kovshenin 2009-07-11 17:48:01

Yes, your umask is probably 0022, you need to set it to 0002. By the way, kovshenin doesn't even need to be in the 'apache' group for this to work.

caf 2009-07-12 05:33:58

Could you elaborate a bit on how to set the umask ?I'm running Debian and I've tried setting it in .bashrc for the user, however to no avail.

Steffen 2010-06-08 17:42:40

@Steffen: Setting it in `.bashrc` will work for normal user accounts; for `apache` started from `init.d`, you can add a line setting the umask in `/etc/default/apache2`.

caf 2010-06-08 22:06:46

I'll try that out, thanks.Just one more question: setgid - is it a command or ? I tried typing setgid on Debian, and it didn't know it (could find anything through apt either)

Steffen 2010-06-09 06:15:45

@Steffen: The "setgid" bit is a file permissions bit - so it's set by `chmod`. In particular, you want `chmod g+s` on the directories of interest.

caf 2010-06-09 06:42:30

@caf: Aaah excellent, then I get it :-)Well I'll give it a try tonight, thanks alot for the elaboration.

Steffen 2010-06-09 06:55:59

I've gotten most of it to work, though I still have no luck with automatic updates in wordpress.All files 775 (chmod), the owner is my user, and the group is wordpress. Furthermore I setup my users default group to be wordpress, and set g+s on all directories (and files I think, just did a * :-D)Files are however still created with 644 rights, so my umask isn't in effect I guess.Anyway that's a minor issue, what's more important is that wordpress still asks for FTP access. Could it perhaps be that wordpress must be the owner of the files ? (chown)

Steffen 2010-06-10 18:36:42

@Steffen: If wordpress isn't the owner, the files will have to be 644 (and the directories 2775).

caf 2010-06-10 23:25:56

@caf: what's the first 2 in the directories ? I always thought there was only owner group guest ?Anyway all files and directories are 775 already.

Steffen 2010-06-11 09:23:36

Oh well I give up on it now, I'll just settle on FTP access to update, at least that works out of the box :-D

Steffen 2010-06-14 05:16:02

Answer 3

A:

I had the same problem and I solved it turning off PHP 'safe_mode' in plesk, now WP can create folders and move files without any problems.

I hope this help you.

Fede 2009-12-15 19:30:48

ansaurus

tags:

views:

answers:

A general linux file permissions question: Apache and WordPress

related questions