PDA

View Full Version : suPHP, Joomla! 1.5, file & diretory permissions


pjdevries
2nd February 2008, 15:37
Joomla! 1.5 is officially released, so I decide to use it for my next website. Unfortunately I ran into a file & directory permission problem I also ran into using Joomla! 1.0.13. The problem has to do with suPHP and the default file & directory creation permissions of Joomla! and it first appeared when I tried to get WYSIWYG editors to work. For Joomla! 1.x the problem could be solved by changing the default creation permissions in the "Global Configration - Server" section of the Joomla! administrator back-end (thanks to Hans for the tip). Changing the default directory permissions to 0775 instead of the default 755 (and applying them to existing directories) solved the problem.

In Joomla! 1.5 that administrator section doesn't exist anymore and so I'm stuck once again. Is there an alternative Apache and/or ISPConfig way of solving this problem? I don't know if Joomla! explicitly sets permissions or uses the system default umask. If it does use the system umask however, I would like to know how to change that for my Apache + suPHP setup. I would also like to know if it's possible to have a different umask for file and directory creation.

Hans
3rd February 2008, 00:53
I think, on the moment there are 2 possibilities:

1) If you use php5 as a module, you can make use of the new FTP-layer function within Joomla 1.5.
When you add the FTP-account of your web in there, problems with permissions should be solved.
This is the case on a default ISPConfig server (without suPHP).

2) You can use Joomla 1.5 with php5-cgi+suPHP but then you have to make the right permissions manually. This is the case if you use ISPConfig with suPHP enabled.

By the way, it is possible to use php5 as a module as well on an ISPConfig server with php5-cgi+suPHP, so you can make use of the new FTP-layer feature in Joomla 1.5. (If you prefer this).
For this do the following:

On the Linux shell as root:

a2enmod php5

/etc/init.d/apache2 force-reload

Within the Apache directives field of the site within ISPConfig:

suPHP_Engine off
RemoveHandler .php
php_admin_flag engine on

pjdevries
7th February 2008, 11:38
Thanks for the response Hans. For the time being, I don't see any other solution either. Disabling suPHP is not an option though, because it's exactly for sites like these, using a CSM like Joomla! or other PHP based sites, that I'm using suPHP.

Anyone else with clever alternatives?

pjdevries
21st February 2008, 10:41
As could have been expected, the problem has nothing to do with Joomla! itself, but with suPHP. Changing the default umask of 0077 in /etc/suphp/suphp.conf to 0022 solved the problem.

Hans
29th February 2008, 17:44
During an ISPConfig update (version 2.2.20 and up), the /etc/suphp.conf will be overwritten.

If the umask 0022 setting within /etc/suphp is important to you, you must change the umask setting from 0077 into 0022 manually after every ISPConfig update!

pjdevries
29th February 2008, 17:53
Thanks you very much Hans. I'm going to update ISPConfig to the latest version this weekend, so your tip comes just in time.

I think it's rather careless though, that an update of ISPConfig overwrites these kind of system files, without checking, warning and/or asking for permission to do so. Without this helpful tip, I wouldn't have known this and woul probably pull out my hair out of pure agony and frustration, as soon as the permission problems started to manifest themselves once again.

brunus
13th March 2008, 14:35
Hi Hans,
I've been encountering this same issue. I'm quite surprised that when you install Joomla 1.5 in ISPConfig everything is 777. Isn't it a security issue?

paolo

Hans
13th March 2008, 15:18
@brunus,
Do you use php5-cgi+suPHP or php5mod on your ISPConfig server?

bluethunder82
16th June 2008, 00:01
Hi Guys,
I'm experiencing the same problem with file/directory permissions with a Joomla 1.5 install.

I installed Joomla1.5 successful and I am able to log into the system. The problem starts when I try to add a template. I get the JFTP::write message. I have traced this to being a permission problem. Therefore I am not sure if I need to move to suphp or if I can stay with the default.

I am able to use the media manager and upload pictures and remove pictures, create articles, etc. The only thing I cannot seem to do at this time is upload a template form a zip file.

The tutorial posted for Joomla/ISPConfig is only for the first version. Any thoughts would be appreciated.

Hans
16th June 2008, 00:27
Please have a look here for the solution: http://www.howtoforge.com/forums/showthread.php?t=23436

Hope that the new upcoming version of ISPConfig uses the right settings for suphp as described by Vogelor.

bluethunder82
16th June 2008, 02:14
Hi Hans,
I tried to install suPHP using the post you provide + these two tutorials (site1 (http://www.howtoforge.com/install-suphp-on-various-linux-distributions-for-use-with-ispconfig-2.2.20-and-above), site2 (http://www.howtoforge.com/suphp_debian_ispconfig)).

I am now getting the internal 500 error message. In the log files I get the following output:

SoftException in Application.cpp:296: UID of script "/var/www/web7/web/index.php" is smaller than min_uid

This is probably something very small I'm missing but cannot seem to find it. The other posts that I have read do help resolve my problem.

Thanks for any ideas.

bluethunder82
16th June 2008, 07:50
Some additional info as I had time to play a bit more:

I am able to view php documents when I type in the full address (ie. www.mysite.com/index.php). This works for my webmail install, Joomla, etc. Now if I just typed in www.mysite.com expecting it to load I'm now asked to download the file (I'm in Firefox). Firefox calls it an application/x-httpd-php. I don't get anything in my suphp.log file as it doesn't process anything. Interesting to note however when I run Safari I don't have any issues in viewing the files.

To help figure this out (as I'm lost) my vhost data is:

<VirtualHost 192.1.1.1:80>
ServerName webmail.mysite.com:80
ServerAdmin webmaster@ mysite.com
DocumentRoot /var/www/web8/web
DirectoryIndex index.html index.htm index.php index.php5 index.php4 index.php3 index.shtml index.cgi index.pl index.jsp Default.htm default.htm
ErrorLog /var/www/web8/log/error.log
AddType application/x-httpd-php .php .php3 .php4 .php5
suPHP_Engine on
suPHP_UserGroup web8_admin web8
AddHandler x-httpd-php .php .php3 .php4 .php5
suPHP_AddHandler x-httpd-php
Alias /error/ "/var/www/web8/web/error/"
ErrorDocument 400 /error/invalidSyntax.html
ErrorDocument 401 /error/authorizationRequired.html
ErrorDocument 403 /error/forbidden.html
ErrorDocument 404 /error/fileNotFound.html
ErrorDocument 405 /error/methodNotAllowed.html
ErrorDocument 500 /error/internalServerError.html
ErrorDocument 503 /error/overloaded.html
AliasMatch ^/~([^/]+)(/(.*))? /var/www/web8/user/$1/web/$3
AliasMatch ^/users/([^/]+)(/(.*))? /var/www/web8/user/$1/web/$3
</VirtualHost>

I still get the 500 internal error when I load files too. These may or may not be related. All I'm trying to do is finish installing Joomla 1.5.

Thanks again for the help.

Hans
16th June 2008, 08:31
Do you see any related errors within your /var/www/webX/log/ ?

bluethunder82
16th June 2008, 08:48
The error I have in /var/www/webX/log/ is:

[Sun Jun 15 21:52:17 2008] [error] [client 192.1.1.1] SoftException in Application.cpp:296: UID of script "/var/www/web7/web/gallery/index.php" is smaller than min_uid
[Sun Jun 15 21:52:17 2008] [error] [client 192.1.1.1] Premature end of script headers: index.php

This is the same error I have in suphp.log.

Hans
16th June 2008, 10:34
I think it has something to do with permissions.
What's the output of the command ls -la /var/www/web7/web ?

bluethunder82
17th June 2008, 04:34
Hi Hans,
You were right the permissions were not set correctly. I ran chown and now the error 500 no longer occurs. However, Firefox is still trying to download any and all php files unless i directly type in the actual php file.

Also, is it possible to run Gallery2 (user/codebase) with suPHP? If so I'll start another topic on this as suPHP's log has the main.php launching but nothing happens (just blank site).

Hans
17th June 2008, 06:50
Running Gallery2 with the user-part within your /var/www/web7/web and the codebase within /var/www/ will not work with suPHP, because the codebase is outside the web of the user.

For such a situation, you can use php5mod. At the end of my suPHP howto (http://www.howtoforge.com/suphp_debian_etch_ispconfig), you can see how to to that.

If yo have a blank screen, please check your log file at /var/www/web7/log/ to find related errors.

bluethunder82
19th June 2008, 03:58
Hi Hans,
Ok I figured as much about needing to use php5mod for Gallery2. I have changed this and now Gallery2 is working.

Everything is basically working now expect some browsers are still trying to download the php file instead of displaying it. For example if I have index.php in the root and I just type the base domain name it tries to download index.php instead of displaying it.

1) User Permissions are set to that of the user (using suPHP)
2) There are no logs generated in /var/log/apache2/error.log or in the local website error.log file

I'm having difficulty still with Joomla but I'll start another thread as I'm unable to install new templates.

Thanks again for you help.