[BlueOnyx:00557] Re: Brian type permissions question..

[Michael Stauber]

Hi Jeff,

> Perhaps you are really Michael - the same person? Hmm!?

Haha, now that's a funny thought. :o)

> I seem to have some sort of fundamental permissions problem with PHP &
> BO (or pehraps PHP and ME)
>
> I have my /home/sites/www.foo.com/web/ folder - just to avoid issues -
> I've set it to RWX RWX R or 774 for now. I then would probably go 744
> later.  I have admin as the owner (which is default), and site1 as the
> group (also default). So this should all just work.
>
> And it does -  works fine on all my BQ sites - but for some reason -
> I'm getting 403 forbidden on this BO box.
>
> If I change the group to apache - then it works. But I don't want to
> do that.
> If I change it back to site1 group - and then apply 777 - then it
> works. But I REALLY don't want to do that.

Try this: Set the UID to "apache" and the group to "site1" (or whatever the 
site number is). Then you should be able to make do with 774 permissions.

The thing here is as follow: When a PHP script tries to write a file to the 
webspace, it does so as user "apache" and the GID is inherited from the 
toplevel directory of the web tree. So your files and folders ought to be 
writeable by user "apache".

Using "admin" or the UID of the siteAdmin for that site won't cut it. The 
obvious drawback is of course: You can either upload by FTP, or have your PHP 
script handle the files. But both at the same time will lead to UID conflicts 
where either FTP or the PHP script is unable to overwrite files.

-- 
With best regards

Michael Stauber