2

When i try to upload php file using vsftpd to /var/www/ and visit the file from web server i got this error,

Warning: Unknown: failed to open stream: Permission denied in Unknown on line 0

Fatal error: Unknown: Failed opening required '/var/www/.../.../public_html/d.php' (include_path='.:/usr/share/php:/usr/share/pear') in Unknown on line 0

i tried chown -R www-data:www-data /var/www after that the error got fixed but i have to do the same every time i upload a new file, is there is anyway to fix that for all new files?

Vedbex
  • 47
  • 2
  • 8
  • You should be able to set the default permissions for uploaded files by modifying the `vsftpd.conf` try adding `file_open_mode=0777` and `local_umask=022`. The first setting states the default permission for uploaded files. Also you could checkout the man page for the configuration file: https://security.appspot.com/vsftpd/vsftpd_conf.html – Cyclonecode Feb 18 '17 at 16:53
  • @Cyclonecode i added both to vsftpd.conf and restarted vsftpd but still getting same problem with new files. – Vedbex Feb 18 '17 at 17:03
  • Are you sure you're modifying the correct configuration file? – Cyclonecode Feb 18 '17 at 17:11
  • 1
    ah sorry i edited wrong one, after editing correct file and reloading vsftpd, all new files works fine now. thank you very much! – Vedbex Feb 18 '17 at 17:15
  • 1
    @Vedbex do not do what was asked, you've just assigned full read,write,execute permissions to the whole world which has serious security implications. – Jonathan Feb 18 '17 at 17:20
  • @Augwa Thank you but i already know that. its alright since am the only one who have access to server/ftp. – Vedbex Feb 18 '17 at 17:22
  • @Augwa - I didn't mean that he should set complete permission on the file, I meant that he could set default permission by editing the config file. – Cyclonecode Feb 18 '17 at 17:38
  • @Vedbex you need to update your include_path to contain a path to the directory that you are trying to include. Right not your include path does not have access to search in the location - thus the fatal error. – Ray Hunter Feb 18 '17 at 17:48

1 Answers1

-1

The best way is to apply an ACL to the directory in question.

This will set the default so new files and folders are given the ACL, this says that the group of www-data will have read,write,execute permissions by default on all files/folders from /var/www recursively

sudo setfacl -Rdm g:www-data:rwx /var/www

This will set the ACL for existing files and folders, this says that the group of www-data will have read,write,execute from /var/www recursively for existing files and folders

sudo setfacl -Rm g:www-data:rwx /var/www
Jonathan
  • 2,778
  • 13
  • 23