0

I have a daemonized service that generates content at /usr/share/service/content

I need this content to be accessible from PHP.

The service runs under a user named _service which belongs to the same group as the one running PHP (www-data). Both service and content directories are owned by www-data, and has group write permissions enabled, which I assumed it should suffice.

The service's content is being generated but not stored/written in/to content.

If I make the service to run under the www-data user it does write the content, and it's accessible from PHP.

What part of my assumption is wrong?

Also, what are the implications of having a folder outside /srv/... being accessible to the www-data user?

goliatone
  • 115
  • 1
  • 5

1 Answers1

1

I would start troubleshooting with:

su - _service
ls -la /usr/share/service        # test rx permissions on the parent
echo > /usr/share/service/content/delete_me
cd /usr/share/service/content    # test x permission
rm delete_me
env
exit

su - www-data
env
exit

More advanced:

su - _service -c "strace /my/path/to/service -options -options"

kubanczyk
  • 13,812
  • 5
  • 41
  • 55
  • ok, _service `cannot create /content/delete_me: Directory nonexistent` but can `cd` into *content* and `rm` existent files in that directory. Also, it can `nano eraseme.txt` and will create the file. – goliatone Dec 06 '11 at 12:40
  • su - _service "ls -la /usr/share/service" # test rx permissions on the parent – kubanczyk Dec 06 '11 at 17:37
  • Done, output: `-su: Can't open ls -la /usr/share/service` – goliatone Dec 06 '11 at 19:59