Date: Mon, 19 Nov 2007 18:42:58 +0100 From: Laszlo Nagy <gandalf@shopzeus.com> To: stevefranks@ieee.org, freebsd-questions@freebsd.org Subject: Re: permissions for www acting strangely Message-ID: <4741CB22.9000401@shopzeus.com> In-Reply-To: <539c60b90711190935m4efdaf6ndecf5224271c24d1@mail.gmail.com> References: <539c60b90711190935m4efdaf6ndecf5224271c24d1@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Steve Franks wrote:
> Few weeks ago, I installed apache22. Just wanted to put up some
> family photos. Whenever I tried to connect, got a "apache doesn't
> have permisson to acess ~/. on this system or somesuch". The only way
> to get around it appeared to be a chmod 777 on my pic folder (no luck
> with 775!). Now I restored some stuff from a backup over my photos,
> and now 777 won't work either. Is there something fundamental about
> permissions I am totally missing?
>
Look at your apache config file. Most probably,
/usr/local/etc/apache22/httpd.conf.
Look for "User" and "Group" options - it tells you the user and group
apache is running under.
Now look at the ownership of your files and directories. Apache needs to
have rx on directories and r on file to read them.
One common approach for this problem is to set the "set group id" bit on
your folder containing your photos, and do
chown user1:group1 -R yourfolder
Where:
user1 - can be you (?)
group1 - should be the group apache is running under
Well, it is just a bad example. You need to develop your own strategy
for security. They key is that you also need to check ownership. It is
not enough to chmod, sometimes you need to chown.
Best,
Laszlo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4741CB22.9000401>