I recently moved a Symfony 1.3.2 website (a PHP web framework), from a windows machine to Linux (Ubuntu 9.10).
Ever since then, I have had all kinds of problems involving file permission (even though the app run without any of these problems on windows).
I run symfony fix-perms which applied a 777 mask to the web directory (presumably, including its sub folders) - (as an aside) I think that is a potential security hole ... I have been meaning to come in here to ask how to correctly set permissions.
Currently, when attempting to save a file from my website, I am getting the following error:
PHP Warning: imagejpeg() [0function.imagejpeg0]: Unable to open '/home/morpheous/work/webdev/frameworks/symfony/sites/project1/web/uploads/../images/thumbnail/959cd604cf6115014a3703bef5a50486a5520642.jpg' for writing: Permission denied in /home/morpheous/work/webdev/frameworks/symfony/sites/project1/apps/frontend/lib
Here are the permissions on the folders:
web
drwxr-xr-x 16 morpheous morpheous 4096 2010-02-24 21:01 web
web/uploads/../images
drwxr-xr-x 13 morpheous morpheous 12288 2010-04-09 15:25 images
web/uploads/../images/thumbnail
drwxr-xr-x 3 morpheous morpheous 4096 2010-02-24 20:44 thumbnail
Can someone kindly tell me how to set the permissions so that my website (presumably running as the Apache daemon) can write the files to the directory required above?
Foremost, files that are to be accessed by the web server in either read or write should usually be owned by the user and group the web server is running as (
apache:apache
ornobody:nobody
, not sure about the exact values on Ubuntu).From there, the user should have
r
on files andrx
on directories, except where write permissions are required. The group should usually match the user permissions. Everyone else should have read-only. This translates into0444
or0664
for files, and0555
or0775
for directories.Of course, you may have reasons for breaking this scheme in specific locations, but these are the base values you should have.
For ubuntu the apache and PHP user is www-data.
Run
sudo chown www-data:www-data web/uploads/ -R
and see if that fixes your issue.Also don't use 777 for the file permissions as Ignacio Vazquez-Abrams stated "0444 or 0664 for files, and 0555 or 0775 for directories"