Lampwrights Forum > Linux, Apache, MySQL, PHP > Apache

Reply
 
Thread Tools
08-18-2010, 09:20 AM   #1
Jeff
Administrator
 
Jeff's Avatar
 
Join Date: Jul 2010
Posts: 402
Rep Power: 10
Jeff is getting browny points
Apache Umask and Writeable Files

Had an interesting issue arise this week. A couple servers I administer are loaded with many individual sites. Eventually root will create a file in one of these sites and when the user of that site logs in via FTP, they cannot modify the file (they do not own it). As a part of our weekly maintenance, we would go through each site and recursively CHOWN all the files to the proper ownerships. This though did not take into consideration files created by Apache. For example, a PHP script may create a directory somewhere. Once you change the ownership, even if the the user belongs to the Apache group, the directory becomes unwriteable to Apache.

After some searching I found a way around this. Set the umask variable to 002. It depends on your flavor of Linux but with CentOS and Redhat, you just add this to your /etc/sysconfig/httpd file:

Code:
umask 002
Now when a file or directory is created the group bit will be set writable, example: 775.

This still allows us to change ownerships weekly, but still keeps files created by Apache writeable for Apache.
Jeff is offline   Reply With Quote

Reply

Tags

apache security

,

configuring apache

,

php and apache

,

troubleshooting apache


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



All times are GMT -4. The time now is 07:17 AM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.