root has to chown-ing files before you can use them

Discussion in 'Installation/Configuration' started by reinier, Dec 6, 2006.

  1. reinier

    reinier New Member

    Hi,

    i noticed in the Joomla! HowTo that root needs to chown the Joomla! files to be owned by the www:data group before a customer can use them properly.

    This works, technically.

    But if you sell a hosting package with PHP & FTP, i guess most customers would expect to be able to upload their applications (cms, weblogs, whatever), without having to call the admin to ask them to chown their files. (and the admin does not want all the calls.)

    What would be your ideas on a more pleasant, but still secure configuration for this?

    reinier
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    If you install suPHP, the chowning is not nescessary. Or the client has to set global write permissions on the directory where joomly wants to write to.
     
  3. reinier

    reinier New Member

    I looked a bit at the settings of my hosting provider (which have been very comfortable for me in the last 4 years)

    When open an FTP session and create a new file, the user of that file is my account (so for a ISPConfig setup, that would be something like web1_admin ), but the group is www-data. The chmod values are 664.

    If I upload a file over the web, both the user as the group are www-data.

    The user is not a member of the www-data group.

    These defaults make the trick work. The only thing that happens is that when a file is uploaded through the web, you need to set the access-rights to that file to be writeable by everyone using the web, too, in order to be able to change the file over FTP. So be it.

    My knowledge stops here.

    How can I force my FTP server to set the ownership of newly ftp´d files to this?

    user: the ftp-user
    group: www-data
    chmod: 664

    Reinier
     
  4. falko

    falko Super Moderator ISPConfig Developer

    If you want a chmod 664, you need to set Umask 002 in your ProFTPd settings.
     

Share This Page