[CentOS] apache docroot permissions
Gordon Messmer
yinyang at eburg.comThu May 5 00:38:57 UTC 2011
- Previous message: [CentOS] apache docroot permissions
- Next message: [CentOS] apache docroot permissions
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 05/04/2011 12:49 PM, Johan Martinez wrote: > Thanks for the suggestions Richard and Kenneth. I installed drupal here > and it requires user running apache to have write access on filesystem. > Otherwise it complains: 'The directory sites/default/files is not > writable'. The content editors/developers need write access to > theme/pictures folders. So it seems like I can't avoid giving write > access to apache user. Any hacks or tips here? Tip 1: Your files and directories can have different permissions. Rather than your original setup, try: chown -R apache:contenteditors /var/www/html find /var/www/html -type f -exec chmod 0464 {} + find /var/www/html -type d -exec chmod 2575 {} + or: chown -R apache:apache /var/www/html find /var/www/html -type f -exec setfacl -m g:contenteditors:rw {} + find /var/www/html -type d -exec setfacl -m g:contenteditors:rwx {} + Tip 2: Don't install drupal in /var/www/html. Generally, /var/www/html should be used only for static content. Web applications should be installed outside the document root to prevent a misconfiguration from allowing remote clients from downloading files that might contain configurations, passwords, or other sensitive information. See the rpm packaged drupal for an example of how this is done. Tip 3: If your application says that it needs write access to "sites/default/files", then add write access only for that directory.
- Previous message: [CentOS] apache docroot permissions
- Next message: [CentOS] apache docroot permissions
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list