I have a log folder /var/www/app/logs/ in an EC2 AMI instance. My PHP aplication is writing logs there, however every day I must logon and do chmod in order to avoid the error message that the folder is not writable:
$ sudo chmod 7777 -R /var/www/app/logs/
For some reason the instance this permissions are reset every morning automatically by some unknown process. Is there a way to make this change permanently?
My guess is that you have some log rotation rules set up for this directory, which might be responsible for the permission change.
And, don't set the permissions to 777, definitely. Either change the owner of the directory to your application user, or add your application user to a group which has write permission to the directory.
Not sure whether is the best solution, but solves my problem. Edit the /etc/httpd/conf/httpd.conf file and change:
User apache
By:
User ec2-user
Then restart the webserver.
Related
Faced a problem accessing the storage folder. A symbolic link was created, but when I try to access any file in the storage folder, I get an error 403 "You do not have permission to access this object. The file is not readable, or the server cannot read it." I have a second project on a local machine, everything works fine there. I tried to give 777 permissions to the storage folder, but this causes the "Permisson denied" error. I will be glad to any help!
Macos catalina
Laravel Permissions
first change ownership of the laravel directory to our web group.
sudo chown -R :www-data /var/www/laravel
Next we need to give the web group write privileges over our storage directory so it can write to this folder.
sudo chmod -R 775 /var/www/laravel/storage
where laravel is the name of the root
This is a weird one... On Ubuntu 14.04 I have a directory called /lib. As root, or on the server as a user with group privileges, I can write to this directory. Over FTP as the same user with group privileges I cannot, I get a Permission Denied error...
If I rename the /lib directory to anything else (in this case /lib-new) I can write to the directory over FTP.
What could be causing a Permission Denied error based purely on the name of the directory?
I've checked and tested the permissions of the directory (777, 775, 755, 664 and 644) as well as the directory above (/public_html - the root directory for the server) and nothing helps, unless I rename the directory something other than lib.
Please help, as SSH-ing into the server to make changes to anything within /lib is time consuming!
EDIT: The FTP server I'm using is ProFTP if it helps.
Try adding RLimitChroot off to /etc/proftpd.conf. May need to restart X for this change to take affect. By default, I think it will do the same thing to /etc directory as well.
I am having a hard time trying to figure out the issue.
I am creating a Model using this Artisan command,
Artisan::call('make:model',['name' =>'Models\\'.$module.'\\'.$model_name]);
For whatever reasons,
1.there is a lock icon in the file
2.owner of the file is www-data
3.the permission for the file is 644 but when I create the Model from CLI the permission of the file is 757.
It all depends who runs the code, in this case web-server runs the code, thus Apache or NGINX is the owner of newly created file (same goes for uploads).
You can change this using
umask
change user/group of web-server
Best option is to use artisan as its meant to be used, from command line.
I have a Postgres permissions problem, every time i brew install postgres it does so as root user resulting in permissions denial on initdb, createdb and or anything else i try.
I sudo chown the ownership of /usr/local/var/postgres and it seems to change and allow me manual entry into the directory from cmd line, which then only consists of a server.log file listing the error:
postgres cannot access the server configuration file "/usr/local/var/postgres/postgresql.conf": No such file or directory
I then go to initdb and it returns:
The files belonging to this database system will be owned by user "jamesbkemp".
This user must also own the server process.
The database cluster will be initialized with locale "en_GB.UTF-8".
The default database encoding has accordingly been set to "UTF8".
The default text search configuration will be set to "english".
Data page checksums are disabled.
initdb: directory "/usr/local/var/postgres" exists but is not empty
If you want to create a new database system, either remove or empty
the directory "/usr/local/var/postgres" or run initdb
with an argument other than "/usr/local/var/postgres"
I then go back to look at /usr/local/var/postgresand the owner has changed back to root. I really am at a loss after many hours on this as to what's going on. Any ideas folks?
Postgresql install as non root is a pain if not impossible, because it was not designed this way: it is a multi-user service.
The same thing here: apache2 as non-root - you would have to build the server yourself changing the configuration a lot.
Let me add that for an experienced datacenter operator this is a strange idea, like driving a race car in your appartment.
I have just moved my Magento store from cPanel to DirectAdmin (Centos).
My problem is now with permissions. Previously on cPanel all folders were set to 755 and files 644. This worked great.
However on DirectAdmin the only way I seem to be able to get everything to work (including the downloader) is by setting all folders to 777. Is this safe to do so?
Also what should the User and Group ownership be set to?
Thanks!
Followed this and everything seems to be working well:
http://blog.nexcess.net/2010/12/06/securing-magento-file-directory-permissions/
chmod may not be your problem. Who is the owner of the files on new server? Set the ownership via chown to www-data (ubuntu) or whatever they should be on centos. They way you can find this out is by setting all to 777 then look at the some newly created file, from var/log or var/session and see who is the owner/group. Reset back to varien's recommended chmod settings and do the chown user:group on all files.
Its not good to have 777 on all your folders as it makes it publicly accessible and changeable. Some can be 777, more so 755, and most cases 644
Get set the folders to the right permissions the easiest way is to use the Magento cleanup tool here:
http://www.magentocommerce.com/wiki/groups/227/resetting_file_permissions
Scroll down a bit on that page to download the Magento Cleanup Tool
You can also reference the Magento installation cheat sheet Step 2 - Set file permissions:
http://www.magentocommerce.com/knowledge-base/entry/magento-installation-cheat-sheet#step2
So I would set everything back to 644, and then run the cleanup tool.
Magento Permission can be set by running a file in the installation.For that you need to download the magento cleaup tool.
Download Magento Cleanup Tool