On Aug 8, 2013, at 12:20 PM, John Iliffe <john.iliffe@xxxxxxxxx> wrote: > Apache has to start as root so it can get permission on the socket > (presumably 80). It then does an su to the uid it runs under. Could be > apache but you can have anything you want. It does not need write or > execute on any of the page directories just read. They could be owned by > you or you might just be in the same group so you can update them. > > You have a LOT of options, read the docs! > > Regards, and good luck > > John > ===================================== > On Wednesday 07 August 2013 19:42:47 Noah Duffy wrote: >> On Aug 7, 2013, at 6:36 PM, Yehuda Katz <yehuda@xxxxxxxxxx> wrote: >>> Check out how the default configuration of apache works on >>> Debian/Ubuntu. They run as the user www-data and have the correct >>> permissions set on the /var/www folder. >> >> I'm running Ubuntu Server 12.04 and just checked the default permissions >> on /var/www and the owner is actually root. Apache is run as www-data, >> however. >> >> The problem I'm having is knowing exactly what to do. Someone has >> already suggested not having the owner of /var/www be the same user >> that is running Apache. I'm not one to say if that is correct or not, >> but it confuses me a little more on how to make sure the directory is >> writable for any PHP I may be using. WordPress may be a bad example, but here's what I'm trying to accomplish: I'm going to be using a blogging platform called Dropplets. It's very simple and pretty much just generates static pages from text files to create the entries. When installing, there are just a few files and directories which contain the pages and PHP. Upon first visit, it has you enter your admin password and then it generates a config file. That file cannot be generated if Apache (or the user) does not have write permissions to the web directory. Even if I temporarily change the permissions, uploading posts would have to be done over SFTP instead of through the website. This doesn't bother me, but it does make it take just a few more steps. So, should I not give write permissions to any other user other than myself? Currently, I created a new directory under /srv for the files to be hosted and made the owner and group www-data. I then added myself as a user to the www-data group so files could make changes and the site could create whatever files it needed to. Would that not be safe? I hope no one feels like I'm beating this subject, I'm just trying to get a better understanding. :) Thanks again! -- Noah Duffy noahduffy@xxxxxxxxxxx --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|