I know file permissions have been covered on here before, but im struggling to get my head around the concept for my scenario.
- I created the files on an old ubuntu installation.
- Ive copied the files into my new ubuntu installation and put them in my webroot.
- When i attempt to run the files (theyre PHP files) i get an error relating to permissions
in an attempt to fix this, i assumed that they must still be owned by the previous owner, so i ran chown -R on the directory, with my username as an argument, in order to take ownership of all of the files in the directory. It should be noted that the usernames between new and old ubuntu installations were the same.
When i attempt to run the files again, same problem: 500 error due to permissions problems. Can anyone tell me what other steps i should take?
The webroot for my apache installation is inside my home folder. If i create new files in my webroot, they also work as expected, its only the old files that are causing the problem.
If your server documents are in
/home/$USER/public_htmldirectory you need to runto give ownership of the DocumentRoot folder to the user
www-dataand groupwww-data.Then you can add yourself to the group
www-dataFinally, you need to make the DocumentRoot folder writable by owner (www-data user) and to your self (as part of the
www-datagroup):For convenience you can make script named
public_html_fix.shwith content:Save it inside
/home/$USER/binand make it executable using:Then you call it whenever you need, from wherever on the file system you happen to find yourself like this:
The directories above your webroot should have the execute bit set to allow Apache descend into the directories.
If you have your webroot located at
/home/user/htdocs, the/,/home,/home/userand/home/user/htdocsshould have the execute bit set.The above solution "works", but it's not ideal. If you've created a folder, Apache cannot write to it. The reverse happens too.
This can be "fixed" by setting umask 0007 and adding yourself to the Apache group (www-data if I'm not mistaken), so that newly created files and folders are writeable by the group.
Alternatively, you can install an alternative Apache MPM: Apache2 MPM ITK (info on configuring) and adjust the configuration so Apache runs under your user.
Apart from chmoding files and editing apache .conf files, I want to say that nothing worked for me because my files were on a partition that I had auto-mounted via nautilus. This limits the partition for your user only.
To check if your files are visible by
www-rootor whatever user runs apache (runps -aux | grep apache2to check), run the following command:and try to read a file from your document root.
If the file is not readable check that:
1) you have set all other file permissions
2) you have used
FollowSymlinksin your.conffiles if needed3) you have set up DocumentRoot
3) mount your partition for all users. I had to edit
/etc/fstaband specify my partition via its UUID:Then unmount your partition via nautilus and do a
sudo mount -a. If all goes well your files are now under/mnt. Update your symlinks and you're good to go.The best way I have found to always set this up is the way VirtualMin does it.
create user and group "myhome"
Make apache user a member of group "myhome". Not the other way around like some of the explanations here describe
So now apache has read and execute access to /home/myhome in addition to /home/myhome/www
"myhome" user has write access