Forums / Install & configuration / Permissions

Permissions

Previous topic

Install & configuration

Next topic

Author	Message
Trond Åge Kvalø	Thursday 30 September 2004 5:47:46 am Hi folks! I find the permission problem one of the most difficult ones to comprehend in eZ publish. If you install eZ publish on a server where you have root access, then no problem, you can chown and chmod as much as you want. BUT, and this should stand out more in the documentation than it does today, if you're on a shared host environment with next to no control on the ownership you must ask your ISP to give you the needed permissions. And that may even not be enough. I have asked my ISP to grant the webserver the ownership of the var/ design/ and settings/ directories, the webserver apparently run under the same username and group as I am when I am logged in via SSH. So apparently I should be able to chown my files with myusername:mygroup and then set e.g. chmod 700 or something similar to avoid the files being read/writable by others. But I still get permission denied errors in the debug. The only solution I've seen sofar is to chmod 777 everything that the webserver needs access to. Some of the directories and files are owned by nobody:nobody, but my ISP has reassured me that the webserver is running as myusername:mygroup. Can anyone please take the time explain how the permission system works in eZ publish installed on linux? Or maybe point me to a resource that can explain it. And, by the way, why does eZpublish need to run chmod 666 on images in the var/ subdirectories? trondåge
Trond Åge Kvalø	Friday 01 October 2004 6:06:03 am This is getting quite frustrating. My ISP (an eZ partner) claims that the webserver runs as myuser.mygroup, but when eZ publish creates files they are owned by nobody.nobody. Doesn't this indicate that the webserver runs as nobody.nobody? If the webserver runs as myuser.mygroup, then why are the files owned by nobody? Is it possible that PHP can run as a different user than Apache? If so, what user should then own my var/ design/ and settings/ directories? Can permission problems be the reason why some of my overrides won't work? Please help me solve this. Best regards trondåge

Author

Message

Trond Åge Kvalø

Thursday 30 September 2004 5:47:46 am

Hi folks!

I find the permission problem one of the most difficult ones to comprehend in eZ publish.

If you install eZ publish on a server where you have root access, then no problem, you can chown and chmod as much as you want.

BUT, and this should stand out more in the documentation than it does today, if you're on a shared host environment with next to no control on the ownership you must ask your ISP to give you the needed permissions. And that may even not be enough.

I have asked my ISP to grant the webserver the ownership of the var/ design/ and settings/ directories, the webserver apparently run under the same username and group as I am when I am logged in via SSH.

So apparently I should be able to chown my files with myusername:mygroup and then set e.g. chmod 700 or something similar to avoid the files being read/writable by others. But I still get permission denied errors in the debug. The only solution I've seen sofar is to chmod 777 everything that the webserver needs access to.

Some of the directories and files are owned by nobody:nobody, but my ISP has reassured me that the webserver is running as myusername:mygroup.

Can anyone please take the time explain how the permission system works in eZ publish installed on linux? Or maybe point me to a resource that can explain it.

And, by the way, why does eZpublish need to run chmod 666 on images in the var/ subdirectories?

trondåge

Trond Åge Kvalø

Friday 01 October 2004 6:06:03 am

This is getting quite frustrating.

My ISP (an eZ partner) claims that the webserver runs as myuser.mygroup, but when eZ publish creates files they are owned by nobody.nobody.

Doesn't this indicate that the webserver runs as nobody.nobody?

If the webserver runs as myuser.mygroup, then why are the files owned by nobody?

Is it possible that PHP can run as a different user than Apache? If so, what user should then own my var/ design/ and settings/ directories?

Can permission problems be the reason why some of my overrides won't work?

Please help me solve this.

Best regards

trondåge