How to set default permissions

Support for security such as Firewalls and securing linux
Post Reply
Neobugu
Posts: 1
Joined: 2019/02/06 23:00:29

How to set default permissions

Post by Neobugu » 2019/02/06 23:13:14

Greetings,

CentOS 6.9

I would like help regarding to the issue of my server, since Jan, my hosting provider isnt capable to id my issue.

I have a webtool to create invoices, but suddenly it was not capable to use commands, mkdir(), file_put_contents and similar, the folder permissions are 0755 and file permissions are 0644 (which I suppose are the correct ones), few days ago I tried to modify permission via terminal (I have a VPS so I can't use remote desktop, just via PuttY) I used:

Code: Select all

sudo chown -R root:_user home/path/to/folder 
sudo chmod -R 755 home/path/to/folder
At initial it worked partially, it let me create folders via mkdir, but some files I use werent able to use it, but now I am uncapable to upload/modify/delete files using ftp with filezilla

So I tried using:

Code: Select all

sudo chown -R root:root home/path/to/folder 
sudo chmod -R 755 home/path/to/folder
But as I see, I returned to initial point.

Is there any way I can default value permissions of my server and/or a way to work normally with my server. please.

tyler2016
Posts: 13
Joined: 2019/02/07 16:06:54
Contact:

Re: How to set default permissions

Post by tyler2016 » 2019/02/25 15:15:08

I see you are setting the owner to root for everything? Are you logging in as root via FTP or some other user? I really hope you aren't logging in as root over plain FTP. What about the process that is suppose to be creating the invoices? If it is running as say, www, and the directory is owned by root with 755, it won't be able to write to it. Also, is selinux enabled? Even if a file is 777, selinux labels can prevent access of any kind to it.

User avatar
TrevorH
Site Admin
Posts: 33191
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: How to set default permissions

Post by TrevorH » 2019/02/25 15:59:34

When you chown something root:$user and set its permission to 755 then you giving rwx access to the owner (root) and r-x (no write) to the group that the user belongs to. That means root can read and write it, the user can read it but since they are not the owner of the file, they pick up access from the group they belong to and in this case you've only given them read access (no w).

If you want the directory owned by root then you must also chgrp it to $user and then adjust the group permissions to it has write access - e.g. chown root:user thing; chmod 775 thing;
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

Post Reply