Apache Permissions - apache

I am having some trouble setting the permissions on an Apache Server (Ubuntu Server 12.04 LTS). I moved the directory to my home directory. I was able to give apache permissions to that directory. But, it didn't apply to the sub directories.
Is there a way to apply permissions to all the subfolders?
I am fairly new to Ubuntu Server and would appreciate the help.

chown -R www-data:www-data /home/
http://en.wikipedia.org/wiki/Chown
Also you can try what #mjgpy3 suggested

I think what you want is:
chmod -R <mode> <root>
This will recursively change permissions from a <root> to every sub directory and file. Be very careful setting the <mode> though. <mode> is an a number between 000 and 777 specifying mode and <root> is the parent of all files/folders that you want to change the permission of.
UPDATE
To specify <mode> you will, as I said above need to provide a 3 digit number, each of which is 0-7 inclusively. Each of these numbers specifies a different group (if you will). The first means current user, the second means a user's group and the third means the rest of the world. Now, the actual numbers themselves specify which privilege their respective group will be granted; this is done in binary. RWE (read, write and execute) are the available permissions on a file.
So, consider the number 5.
5 in binary is 101, this means that 5 specifies R-E, which means read, not execute and write. As you can see a 1 indicates that a privilege is enabled, whereas a 0 means disabled.
So, here are some common uses and what they mean:
chmod 777 file.txt
file.txt is now readable, writeable and executable by everyone who may ever come across the file.
A more used example is:
chmod 755 file.txt
This says that (since 7 is 111 in binary) the owner of the file (that's probably you) can do anything they want with it, I.E RWE, I.E. read, write and execute. Where those who are not the user may only read and execute it.
Here's an external source if my explanation did not make sense to you.

Related

Should POSIX sticky bit deny appending by root?

POSIX directory permissions include the "sticky" bit (S_ISVTX) which is described as limiting deletion or renaming to just the owner of a file, or to root. This is often used for directories such as /tmp and /var/tmp which may have permissions drwxrwxrwt to allow all users to create temporary files, but prevent other non-root users from deleting those files.
My question is about root's permission to modify files created by ordinary users within directories marked with the sticky bit.
Suppose, an ordinary user creates a file in a sticky-bit protected /var/tmp (which is on a local, non-NFS filesystem, with no SELinux restrictions):
echo "something" > /var/tmp/somefile
but then root tries to append to this file:
echo "else" >> /var/tmp/somefile
When I try this on some Linux systems (e.g. Debian-11, ArchLinux) this produces a bash: /var/tmp/somefile: Permission denied error. This seems an unexpected restriction on the powers of the superuser to change files in the local filesystem. Other flavours of Linux (e.g. Debian-10, Debian-9, Fedora-35) do not seem to have this restriction, despite no obvious differences in filesystem setup.
I've not been able to find any documentation that suggests that the sticky bit should prevent root from modifying such a file. For example, the POSIX documentation for sys/stat.h which underpins chmod, says very little about behaviour other than deletion of sticky-protected files.
Can anyone point me towards any official documentation of how the sticky bit should behave when the superuser tries to modify a file in a directory marked with the sticky bit, or what system settings influence this behaviour?
Answer found
The behavior you are showing seems to depend on the fs.protected_regular Linux kernel parameter, introduced along with fs.protected_fifos by this commit, with the aim to fix security vulnerabilities.
Solution:
sudo sysctl fs.protected_regular=0
Resources:
Since it is a patch, it probably won't be documented in more detail.
https://askubuntu.com/questions/1250974/user-root-cant-write-to-file-in-tmp-owned-by-someone-else-in-20-04-but-can-in/1251030#1251030
https://unix.stackexchange.com/questions/503111/group-permissions-for-root-not-working-in-tmp

gsutil rsync only files matching a pattern

I need to rsync files from a bucket to a local machine everyday, and the bucket contains 20k files. I need to download only the changed files that end with *some_naming_convention.csv .
What's the best way to do that? using a wildcard in the download source gave me an error.
I don't think you can do that with Rsynch. As Christopher told you, you can skip files by using the "-x" flag, but no just synch those [1]. I created a public Feature Request on your behalf [2] for you to follow updates there.
As I say in the FR, IMHO I consider this to not follow the purpose of rsynch, as it's to keep folders/buckets synchronise, and just synchronising some of them don't fall in that purpose.
There is a possible "workaround" by using gsutil cp to copy files and -n to skip the ones that already exist. The whole command for your case should be:
gsutil -m cp -n <bucket>/*some_naming_convention.csv <directory>
Other option, maybe a little bit more far-fetched is to copy/move those files to a folder and then use that folder to rsynch.
I hope this works for you ;)
Original Answer
From here, you can do something like gsutil rsync -r -x '^(?!.*\.json$).*' gs://mybucket mydir to rsync all json files. The key is the ?! prefix to the pattern you actually want.
Edit
The -x flag excludes a pattern. The pattern ^(?!.*\.json$).* uses negative look-ahead to specify patterns not ending in .json. It follows that the result of the gsutil rsync call will get all files which end in .json.
Rsync lets you include and exclude files matching patterns.
For each file rsync applies the first patch that matches, some if you want to sync only selected files then you need to include those, and then exclude everything else.
Add the following to your rsync options:
--include='*some_naming_convention.csv' --exclude='*'
That's enough if all your files are in one directory. If you also want to search sub folders then you need a little bit more:
--include='*/' --include='*some_naming_convention.csv' --exclude='*'
This will duplicate all the directory tree, but only copy the files you want. If that leaves empty directories you don't want then add --prune-empty-dirs.

Need to change permissions for a file/folder

In the diagnostics sections in textpattern, it's giving me the error:
"File directory path is not writable:...html/textpattern/files" (took out beginning of path)
I changed the permissions for the textpattern folder, and the folder named "files", which is in the root folder not in the textpattern folder, but it's still giving the error. Do I need to change permissions for all enclosed items of the textattern folder and not just the folder itself?
Maybe I got you wrong but I suppose you simply have to change the path to the files folder in your admin panel from "…html/textpattern/files" to "…/html/files".
Assuming you're on a *nix system...
It sounds like you want to change the permissions recursively.
A quick fix might be to change the permissions like so:
chmod -R 777 html/textpattern
This command will go through every folder and file and change its permissions (the -R turns on the recursive bit).
Warning, this is very broad and not a good idea for production.
A better approach would be to change the permissions at a finer level of granularity. Google for "Linux file permissions" or type man chown at the shell.

Joomla - Warning! Failed to move file error

I have found some solutions to this error and tried implementing them but none of which has worked and hope that some here at SO might have a different answer.
I get this error, "Warning! Failed to move file" when I try install modules into my new installation of Joomla here:
http://sun-eng.sixfoot.co.za
Here's some solutions I have tried to no avail:
http://forum.joomla.org/viewtopic.php?f=199&t=223206
http://www.saibharadwaj.com/blog/2008/03/warning-failed-to-move-file-joomla-10x-joomla-15x/
Anyone know of another solution to this please?
Thanks!
Go to Help -> System Info in your administrator backend and check your Directory Permissions tab to make sure everything is writable.
Also make sure your Path to Temp Folder is correct in Site -> Global Configuration.
Finally, check to make sure that the module isn't already installed. It's possible that some files already got copied or something and now your system is having problems overwriting them.
If none of this works, let us know if the error message specifies which file can't be moved. That would help figure out a solution.
In the configuration folder change the temporal folder location to /tmp (public $tmp_path = '/tmp';) or create your own temperate folder and set it to /myowntemp and change the file permission to 777. you are good to go .
This is typically a file permissions issue. If the system cannot write to the tmp directory within Joomla it will give you the "Warning Failed To Move File" error.
The typical solution is to make the directory wide-open, in general a bad practice but a quick fix. You log in to the Linux command line via a terminal (telnet or ssh) session and set the permissions of the directory.
# chmod -R 777 ./tmp
The better option is to find out what user/group the Apache server is running as and assign the permissions accordingly. For example, if Apache is running your site as the myuser:nobody user:group then you can open up write permissions for the group by changing ownership of the tmp folder and making it writable by anyone in the group:
# chgrp -R nobody ./tmp
# chmod -R 775 ./tmp
Security can be a pain to get set correctly if you don't know *nix commands and security settings, so most people just blast a huge hole in the security with chmod 777.
The next thing you'll probably run into is another error message about not being able to update a specific directory. Again, this is a permissions issue and is typically a piece of the file being unzipped into the administrator subdirectory. Depending on whether your installing a component, a module, or a complex plugin with multiple pieces you may need to open up one or more of these directories using the same approach as above. Here is the "blow a big open hole in security" method:
# chmod -R 777 ./administrator/
Or more selectively:
# chmod -R 777 ./administrator/components/
# chmod -R 777 ./administrator/modules/
If you are a linux user then it is very simple to solve. Just type the following command and try again to install plugin/entension.
sudo chmod -R 777 /var/www/html/my_joomla_folder
You can also refer this link for brief information regarding permission of each folder and file.
Cheers!!
In Joomla 3.x you should go to System->System Information to see directory permissions
If one or more directories that are listed are not "writable" then you should change the permission of those directories:
If you are using one of Linux distributions you can use this command
to give the directories read/write/execute permission:
sudo chmod 777 -R address_of_lampp_directory/lampp/htdocs/joomla_directory
I have had a similar issue today and found is was the permissions set on the 'temp folder'. To resolve I changed them to 777 and my plugin installs worked fine!!
Another thing to check is whether you actually have space on the disk. I had this error and discovered that the drive was 100% full. Removing some unused files fixed the problem.
One other thing to try if everything else is not working is to add the following to your .htaccess file:
php_value upload_max_filesize 10M
Make sure 10M covers the size of the file you are uploading - increase it if your file is 12Mb, for instance.
[Source]
This issue was solved like this.
On the configuration.php file change the tmp_path variable according to:
if you site is mysite.azurewebsites.net, the path should looks like
'C:\DWASFiles\Sites\mysite\VirtualDirectory0\site\wwwroot\tmp'
instead of
'C:\DWASFiles\Sites\mysite.azurewebsites.net\VirtualDirectory0\site\wwwroot\tmp'
Refer to the link: http://social.msdn.microsoft.com/Forums/en-US/windowsazurewebsitespreview/thread/2701eadc-9977-46ab-9c56-81a2234bdce4
I did it and every is working for every error problem with OSX, I use OSX version 10.9.2 and get many problems. The way to fix every error is
# cd /Applications
# chmod -R 777 ./XAMPP
some files might not change permission but the problem is gone.
you can create folder and upload fine and picture, including install plugin.

file permissions messed the site! what is the best permission? 644? 744?

just messed the websites at host by changing permission settings :( none of sites are working now!!! it gives
Forbidden
You don't have permission to access / on this server.
error! how can i fix it?! should i make files' permissions as 644?
thanks!!!
I think that 755 should do.
Basically, you shouldn't grant write permissions for any file/directory to anybody but yourself (the owner), except for dirs/files which are explicitly required by a particular website/framework to be writable. A common example would be a directory for uploading avatars by users of a forum application.
What matters is that you most probably need the 5 for others (hence, you might try 705 and it still could work) to grant execute access for foreign users. While it might not make sense to set +x for all your website's files, the directories use the execute right to check whether the user is allowed to enter that directory. If you set the rights of everything (including directories) to 644/744, nobody except the owner will be able to browse the directory structure of particular folders. As the http daemon hardly ever is run as the directory owner's process, it might be the reason why your website stopped working.
To set the minimal permission you can use:
chmod -R o+r ./
find ./ -type d -exec chmod o-r {} \;
find ./ -type d -exec chmod o+x {} \;
The first line sets the permissions of all files in the directory and any file inside it (including those in subdirectories) to allow read by others.
The second one removes the read permission from directories.
The third one adds the execution permission for directories.