2

I am having problem that apache can't write file via PHP (for example, write csv file) - I have to change file permission to 777 and it work but it is very bad security. I am trying to use sufficient permissions to write, maybe 664. What went wrong?

Apache is running as apache and group is also apache. All the files in /var/www/html are owned by root and group is web-content

I can login to FTP client and read/write files to /var/www/html without any problem.

I have created an ftp user called intranet, here what I did:

groupadd web-content
usermod -G web-content intranet
chown root:web-content /var/www/html
chmod o+rx /var/www/html
find /var/www/html -type f -exec chmod 0664 {} \;
find /var/www/html -type d -exec chmod 0775 {} \;

ls -la /var/www/

drwxrwxr-x.  4 root web-content 4.0K Sep  6 16:09 html

When I upload new files on FTP.

ls -la /var/www/intranet/

-rw-r--r--.  1 intranet intranet       0 Sep  6 17:42 test
user1246800
  • 287
  • 1
  • 3
  • 14

1 Answers1

2
7 - owner bits, read/write/execute
5 - group bits, read/execute
5 - everyone else bits, read/execute

Since the file is 755, only the owner has write permissions. You've got apache running as apache, and the file is owned by root, so the owners don't match, and you end up with no write permissions.

You'd probably want to chown the file to apache:web-content or at least root:web-content and make the file 575 instead, so that the group permissions match up.

Marc B
  • 356,200
  • 43
  • 426
  • 500
  • Thanks, that seem to fixed when I apply `root:web-content` again. I've notice when I upload file on FTP client the owner and group changed to `-rw-r--r--. 1 intranet intranet 0 Sep 6 17:42 test` which can cause a bit of problem for write permission. I am using `vsftd` server. – user1246800 Sep 06 '13 at 16:45