2

Hope you are good. I have Xammp on fedora and changed owner of opp/lampp/htdoc to root. Why I did so because whenever someone creates new folder through sharing, they don't have permission to dynamically create folder or files or to write images. Then I run command

chmod -R 777 /opt/lampp/htdocs

But when system goes to restart then I again need to run this command. So avoid again and again run this command I changed the owner on "opt/lampp/htdocs" and run 

chmod -R 777 /opt/lampp/htdocs

Now, whenever server restarts, assigned permissions don't need to be set again and again. That is resolved.

I have an issue, that old directories can be used to write something. But if any network user creates new directory under htdocs, that new directory needs to be changed the permission for it.

  • previously created, and can use this one directory to run script to create files 

    drwxrwxrwx   2 root root     4096 2011-06-15 14:09 aaa

  • Newly created, cannot be used to run a script to create image or to write anything

    drwxr-xr-x   2 root root     4096 2011-06-17 15:17 aaaa

drwxr-xr-x this one is really annoying to me for each newly created folder in htdocs :(

Just to let you know that my htdocs user and rights are: 

 drwxrwxrwx 101 root root  4096 2011-06-17 15:17 htdocs

Why is it so? Can anybody please help me to figure this problem out? I am waiting for quick response anxiously.

Martijn Courteaux
  • 67,591
  • 47
  • 198
  • 287
Umer
  • 133
  • 2
  • 11

3 Answers3

3

First off, you should investigate what permissions you really need - chmodding everything to 777 is a security risk as it will allow any user to write inside of your web root.

However, to address your actual question of the default permissions when a new folder is created by a user, you want to adjust the default "umask" which determines such things.

This question has some information for changing it for the Apache user (if a "network user" is a user creating new files and directories through the httpd process):

Setting the umask of the Apache user

If you need to adjust it for other users or processes, the solution will be similar.

Good luck!

Edit

Since you're on Fedora, try this: (from the question I linked above)

[root ~]$ echo "umask 002" >> /etc/sysconfig/httpd
[root ~]$ service httpd restart

The first command will add that line to the /etc/sysconfig/httpd which is a permanent configuration file, and the second command will make it active.

Community
  • 1
  • 1
baraboom
  • 1,398
  • 9
  • 9
  • Furthermore, I have used "umask" which was set as default "0022" I changed it while running "umask 002" and when checked with "umask". It was "0002" but when system will be restarted then umask value reset again automatically :( Secondly I need my network developers to work in htdocs and I need to set this permission for all of them. Like if they create any new folder then they must have full rights to do anything in their folders. Concerning security, everything is taken care, which I am no gonna address but only to resolve this problem. Thanks in advance. – Umer Jun 17 '11 at 12:55
  • Another thing from your provided URL there is answer "Apache inherits its umask from its parent process (i.e. the process starting Apache); this should typically be the /etc/init.d script. So put a umask command in that script." Can you please elaborate it more that how can I set this up? – Umer Jun 17 '11 at 12:59
  • I'll be back to update the answer in a little bit if no one else does, haven't had time today yet. – baraboom Jun 17 '11 at 18:04
  • @Baraboom: I really thought that your command will work but in vain. I did same and checked httpd file where I could see **umask 002** written but after running command **"/opt/lampp/lampp restart"** or restarting my linux machine did not effect anything what I want. When I again access my shared folder htdocs and create any folder it gives same rights **"drwxr-xr-x"** :( -- Urgent help required now. – Umer Jun 20 '11 at 04:50
  • @Umer, try editing the /etc/init.d/http script - simply add a line with "umask 002" (without the quotes) and try restarting apache to see if that does the trick. I've googled long and hard but nobody actually specifies WHERE in the script to put it, so I would start at the top... if that doesn't work, try moving it into the part of the script that handles the "start" command. Sorry the original answer is not working for you. – baraboom Jun 20 '11 at 19:37
  • **@Baraboom**: I have written umask 002 in /etc/init.d/httpd file, which I did confirm and restarted XAMPP. Still in vain :( ... Next move? – Umer Jun 21 '11 at 10:53
  • **@Baraboom:** No more comments? – Umer Jun 29 '11 at 08:52
  • @Umer, sorry, I am at a loss. However, since I've adopted this question, there is now a +50 bounty on it - please keep track and see if someone else can help you figure it out. Good luck! – baraboom Jun 29 '11 at 14:57
3

You are tackling the problem from the wrong side. Restore your apache configuration to use apache.apache as default user/group, and set your samba server to use those credentials when someone write to your document root.

If you are using nfs or another posix compatible filesystem, use chmod g+s to keep all files readable from your apache server.

Pablo Castellazzi
  • 4,164
  • 23
  • 20
0

Try it:

#umask 000

have a good time!!

mylxsw
  • 1
  • Quick question plz: if I set "umask 000" it will be implemented but you know I need to restart the machine and if system will be restarted. Umask again shows 022 :( Would like to say anything about it? – Umer Jun 17 '11 at 13:59