Folder Permission on ubuntu

Question

I am using Laravel 5 and whenever i pull from git on my production server, which is azure vps, i have to give permission to my proejct directory, so that apache user can access it. Otherwise it says, permission denied exception. so i have to run following line in terminal every time whenever i pull new code,

sudo chown -R www-data:www-data projectDirectory

So after above command everything works fine. But the worst thing is whenever Laravel creates new files for log, same issue happens, which gives me following exception:

Symfony\Component\Debug\Exception\FatalErrorException: Exception 'Symfony\Component\Debug\Exception\FatalErrorException' with message 'Uncaught exception 'UnexpectedValueException' with message 'The stream or file " /storage/logs/laravel-2016-03-17.log

Can anyone tell me how i can get rid of this critical issue. Thanks

I've already gave you an answer here: http://stackoverflow.com/questions/36052051/laravel-5-0-permission-on-ubuntu — Alexey Mezenin, Mar 17 '16 at 17:56
I posted that question but no one answered it there, @AlexeyMezenin your solution is not working, it have already tried it. — Awn Ali, Mar 17 '16 at 18:05

Santosh Ram Kunjir · Answer 1 · 2016-03-17T18:04:43.517

0

Check with it will work. you have give permission to this folder to create temporary files

sudo chmod -R 755 /storage/

edited Mar 17 '16 at 18:04

answered Mar 17 '16 at 17:55

Santosh Ram Kunjir

1,074
1
12
23

Only do this in a local environment. You are basically opening up your configuration files to the outside world. – eggmatters Mar 17 '16 at 18:04
@eggmatters is right – Awn Ali Mar 17 '16 at 18:11
Each and every tutorial says about this solution. And you're not 'opening up your configuration files to the outside world' here. There are no any config files in this folder. Also, you usually use at least VDS for real Laravel project and adding user for this folder is a kind of paranoid solution. – Alexey Mezenin Mar 17 '16 at 18:20
Was this post edited? Because, I coulda swore you urged the OP to grant 755 on the entire project, not just a specific folder. And call it a paranoid solution but, log files could very well likely contain volatile data. If a tutorial urges you to make your application less secure, than at least do so knowing the risks. – eggmatters Mar 17 '16 at 18:31
chmod g+s /projectDirectory – Awn Ali Mar 20 '16 at 05:34

score 0 · Answer 2 · answered Mar 17 '16 at 18:01

0

Try adding www-data to your project group:

useradd -G <your-project-group> www-data

If larval writes to the logs directory with 'rwx' perms on the group, you will be fine. If the group by default doesn't have write permission on logs, which may be the case, then you will need to make the logs directory open (which @SRK hinted at) DO NOT, however run chmod 755 on your entire web app. You will be exposing configuration parameters (database access) to the outside world.

answered Mar 17 '16 at 18:01

eggmatters

1,130
12
28

my current user is already part of www-data group – Awn Ali Mar 17 '16 at 18:10
Yeah, so I thought. You're kind of relegated to @SRK's solution. I've done this in the past as well - but I don't feel good about it. – eggmatters Mar 17 '16 at 18:32

Folder Permission on ubuntu

2 Answers2