Results 1 to 4 of 4
Thread: Apache permissions
Enjoy an ad free experience by logging in. Not a member yet? Register.
- Join Date
- Jun 2013
i am writing an web application, which allows an admin user to login and change the settings of the application (name of mysql db, etc) which i will store in a config file.
currently i am developing this on linux mint (my desktop) but mint probably isn't the target distro.
how should i set the permission on the .conf file ?
currently apache looks it is running as www-data
- just make www-data the owner of the conf file
- change who apache runs as
- change the permission of the conf file
Hi and welcome
my suggestion would be to drop the idea of writing it yourself and
instead invest the time and effort into an automation/systemmanagement tool like puppet
It offers a descriptive language of resources (files, packages, services, etc) which are realized on the target nodes via providers.
Essentially you can plan and code your datacenter/servers.You must always face the curtain with a bow.
- Join Date
- Jun 2013
i'll explain a little more about what i am doing.
I am developing an application like mailcleaner
i'm not actually developing a spam gateway but it will effectively be a standalone appliance you can download and slot into your virtual infrastructure in the same way, and it needs to have an interface for the end user to configure it,
i'm not developing this application exclusively for my own use, i was planning on releasing it as open source, so it needs the configuration built into the interface because i can't guarantee that the end users would want to deploy puppet.
How do you expect your software to be installed and updated? Do you expect it to be updated at all after the initial install?
If it's installed by essentially copying over the files to the web server or hosting service, then there may generally not be a way to change the file owner anyway. The file owner may be the client's userid and that's that. The client may not have permissions to create groups either, but maybe so.
The easiest thing would be to change the file permissions to 666, which will let the apache user modify the file...as well as anyone else. This is not very secure, of course, but it might be the only option for a client of a web hosting service.
I'd recommend default file permissions of 660, along with installation documentation on how to configure things to make it work. This forces the end user to "do something", because by default the software probably won't work. The preferred configuration would be to create a group with just the end user and the apache user in it, and set that file's group. But other options would be for the end user to manually change the file permissions to 666, or change the file owner.Isaac Kuo, ICQ 29055726 or Yahoo mechdan