Johannes Nohl wrote:
I installed libapache2-mod-suphp-0.6.2-1+etch0,but have some problems.
when I create new file with php code it's permissions seems ok.(644)
but uploaded files with same way is not.(600)
How files are created is managed by umask. Your php.ini is set to umask = 0644.
You must try to setup the right permissions.
It is part of your application behavior and should be handled by your
application at the time of create/upload/edit the file.
Actually, I have seen several applications with this as configurable.
As PHP process run as the user it apply the same right to change the
permissions.
Lots of people says that file upload operation is not related with suphp.
Right. It depends on how you load up. Let's say by ftp then you have
to adjust the umask setting in your ftpd config. Or if users create
new files using ssh you need to adjust the shells umask.
I'd prefer to have a script that will adjust files automatically. Did
anyone wrote something like it? Could be written in php. It
recursively go through the files (htdocs and under) and chmod them
depending on their suffix. Additionally there need to be a mechanism
that prevent unwished changes. Please post it here if you've done
already.
How about this? I'm using ACL under Debian Stable.
#!/bin/bash
####################################
#/usr/local/sbin/admin-repair-public_html
####################################
# Chech the executor is root
if [ "`whoami`" != "root" ]; then
echo "You must be root to execute this script"
exit 0
fi
# Ask for the username
echo -n "Username: "
read username
if [ -z "$username" ]; then
echo "ERROR: Must provide a username"
exit 0
fi
# Checking for the user
if [ -z "`grep ^${username}: /etc/passwd`" ]; then
echo "ERROR: The user does not exists"
exit 0
else
if [ ! -d "/home/${username}/public_html" ]; then
echo "ERROR: The user exists but the public_html directory doesn't"
exit 0
fi
fi
# Make owner of his files and acces to
chmodrecursive /home/${username} 750 640 ${username} > /dev/null
setfacl -m u:www-data:rx /home/${username}
setfacl -R -m u:www-data:rx /home/${username}/public_html
setfacl -d -R -m u:www-data:rx /home/${username}/public_html
chmodrecursive /home/${username} 750 640 ${username} > /dev/null
#!/bin/bash
####################################
#/usr/local/bin/chmodrecursive
####################################
DEBUG=""
IFS=$'\n';
function udf_change {
chown $4:$4 "${1}" -R
lstItem=`find "${1}"`
for iItem in ${lstItem} ; do
if [ "${iItem}" ]; then
if [ "${DEBUG}" ] ; then echo -n "${iItem}: " ; fi
if [ -L "${iItem}" ]; then
if [ "${DEBUG}" ] ; then echo -n "link" ; fi
elif [ -d "${iItem}" ]; then
chmod $2 "${iItem}"
if [ "${DEBUG}" ] ; then echo -n "dir" ; fi
else
chmod $3 "${iItem}"
if [ "${DEBUG}" ] ; then echo -n "file" ; fi
fi
echo " ."
fi
done
}
function udf_syntax {
echo "$0 directory chmod-dir chmod-file owner"
exit 1
}
if [ -z "${1}" -o -z "${2}" -o -z "${3}" -o -z "${4}" ]; then
udf_syntax
fi
udf_change "${1}" "${2}" "${3}" "${4}"
_______________________________________________
suPHP mailing list
suPHP@lists.marsching.biz
http://lists.marsching.com/mailman/listinfo/suphp
