2

I recently moved a Symfony 1.3.2 website (a PHP web framework), from a windows machine to Linux (Ubuntu 9.10).

Ever since then, I have had all kinds of problems involving file permission (even though the app run without any of these problems on windows).

I run symfony fix-perms which applied a 777 mask to the web directory (presumably, including its sub folders) - (as an aside) I think that is a potential security hole ... I have been meaning to come in here to ask how to correctly set permissions.

Currently, when attempting to save a file from my website, I am getting the following error:

PHP Warning: imagejpeg() [0function.imagejpeg0]: Unable to open '/home/morpheous/work/webdev/frameworks/symfony/sites/project1/web/uploads/../images/thumbnail/959cd604cf6115014a3703bef5a50486a5520642.jpg' for writing: Permission denied in /home/morpheous/work/webdev/frameworks/symfony/sites/project1/apps/frontend/lib

Here are the permissions on the folders:

web drwxr-xr-x 16 morpheous morpheous 4096 2010-02-24 21:01 web web/uploads/../images drwxr-xr-x 13 morpheous morpheous 12288 2010-04-09 15:25 images web/uploads/../images/thumbnail drwxr-xr-x 3 morpheous morpheous 4096 2010-02-24 20:44 thumbnail

Can someone kindly tell me how to set the permissions so that my website (presumably running as the Apache daemon) can write the files to the directory required above?

Improve this question

2 Answers 2

Reset to default
2

For ubuntu the apache and PHP user is www-data.

Run sudo chown www-data:www-data web/uploads/ -R and see if that fixes your issue.

Also don't use 777 for the file permissions as Ignacio Vazquez-Abrams stated "0444 or 0664 for files, and 0555 or 0775 for directories"

Improve this answer
3
  • @andrew: thanks for that. I'll get back to you soon. Once I've had the chance to try this out. Commented Apr 23, 2010 at 17:07
  • @andrew: Thanks, it worked. Could you please explain how I can change the file permissions to 0555 or 0775 as you recommended?. Thank you Commented Apr 30, 2010 at 7:41
  • Sorry for the late reply sudo chmod 0555 web/uploads/ -R Commented Sep 8, 2010 at 3:49
2

Foremost, files that are to be accessed by the web server in either read or write should usually be owned by the user and group the web server is running as (apache:apache or nobody:nobody, not sure about the exact values on Ubuntu).

From there, the user should have r on files and rx on directories, except where write permissions are required. The group should usually match the user permissions. Everyone else should have read-only. This translates into 0444 or 0664 for files, and 0555 or 0775 for directories.

Of course, you may have reasons for breaking this scheme in specific locations, but these are the base values you should have.

Improve this answer
2
  • +1 for taking the time to answer. Apologies for the delay in testing this out and getting back to you... Been tied up with something else - but I hope to give feedback and select an answer once I have tested this Commented Apr 23, 2010 at 17:05
  • Bah, can't vote up yet (forgot I havent got enogh points here yet) Commented Apr 23, 2010 at 17:07

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.