PDA

View Full Version : CHOWN, PHP scripts, how does it work

Phanerothyme
27-11-2007, 08:59
Any Linux gurus out there?

We have a web site being developed for a customer. The site makes extensive use of the PHP file creation functions [fopen('this.inc','+w')] and so on.

The thing is, all the uploaded files (uploaded via ftp) are belong to the user:group called pentagon:pentagon.

However, all files created by the scripts belong to 99:99.

This means that the scripts cannot edit or remove files uploaded by ftp and that the files created by the scripts cannot be deleted or modified using PHP.

On a typical webserver, what's the setup like? Is this server typical?

We've installed these scripts on lots of other sites (using ftp) with no problem. CPanel doesn't give us the opportunity to CHOWN files only CHMOD, so we're a bit stuck.

All and any help, advice, tips or pointers much appreciated!
adaline
27-11-2007, 10:21
Any Linux gurus out there?

We have a web site being developed for a customer. The site makes extensive use of the PHP file creation functions [fopen('this.inc','+w')] and so on.

The thing is, all the uploaded files (uploaded via ftp) are belong to the user:group called pentagon:pentagon.

However, all files created by the scripts belong to 99:99.

This means that the scripts cannot edit or remove files uploaded by ftp and that the files created by the scripts cannot be deleted or modified using PHP.

On a typical webserver, what's the setup like? Is this server typical?

We've installed these scripts on lots of other sites (using ftp) with no problem. CPanel doesn't give us the opportunity to CHOWN files only CHMOD, so we're a bit stuck.

All and any help, advice, tips or pointers much appreciated!
Can you chmod to 777 does that work?
Server we have here does the same thing, the files created with php (uploaded for example) are not accessible by other (non root) users including ftp.
steev
27-11-2007, 10:30
If you don't want to leave everything as 777 (& I wouldn't) & can't think of owt else, could you put some kind of php-based upload script on there so everything you (re)upload would be owned by the apache user in the first place?

Or if you have a kind hosting company they may be able to change ownership to the same group as apache so the files only have to be group writeable rather than world writeable?
esme
27-11-2007, 11:45
all files created by the script are actually created by the webserver process and will belong to it and it's group, in this case 99:99

all files uploaded via ftp will belong to the user:group you connected to the server with

for some reason known only to themself the sysadmin set up the webserver without a known user or group which is why you have numbers instead of a name for username and group

there are chown and chgrp functions as part of the php core function set, you could use these to set the owner and group to some known user for script created files

for files transferred via ftp, connect to the server as a different user
carling
27-11-2007, 13:20
You can usually configure the ftp server to automatically chown for you. For example vsftpd on Fedora Core 5 has the setting shown below in its conf file:

# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=whoever
Phanerothyme
27-11-2007, 14:18
I'll pretend to understand all that, and state that most servers use suPHP (is this the same thing as suExec) in order to do this sort of thing.

Tried modding everything to 777 but it makes me nervous, even though it works.

Looks like a host change might be in order.

Many thanks for your replies, most illuminating.