Find the answer to your Linux question:
Results 1 to 4 of 4
hi i am writing an web application, which allows an admin user to login and change the settings of the application (name of mysql db, etc) which i will store ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jun 2013
    Posts
    2

    Apache permissions


    hi

    i am writing an web application, which allows an admin user to login and change the settings of the application (name of mysql db, etc) which i will store in a config file.


    currently i am developing this on linux mint (my desktop) but mint probably isn't the target distro.

    how should i set the permission on the .conf file ?
    currently apache looks it is running as www-data

    should i
    1. just make www-data the owner of the conf file
    2. change who apache runs as
    3. change the permission of the conf file



    thanks

    conrad

  2. #2
    Trusted Penguin Irithori's Avatar
    Join Date
    May 2009
    Location
    Munich
    Posts
    3,411
    Hi and welcome

    my suggestion would be to drop the idea of writing it yourself and
    instead invest the time and effort into an automation/systemmanagement tool like puppet

    It offers a descriptive language of resources (files, packages, services, etc) which are realized on the target nodes via providers.
    Essentially you can plan and code your datacenter/servers.
    You must always face the curtain with a bow.

  3. #3
    Just Joined!
    Join Date
    Jun 2013
    Posts
    2
    hi

    i'll explain a little more about what i am doing.

    I am developing an application like mailcleaner

    i'm not actually developing a spam gateway but it will effectively be a standalone appliance you can download and slot into your virtual infrastructure in the same way, and it needs to have an interface for the end user to configure it,

    i'm not developing this application exclusively for my own use, i was planning on releasing it as open source, so it needs the configuration built into the interface because i can't guarantee that the end users would want to deploy puppet.

    thanks

    conrad

  4. $spacer_open
    $spacer_close
  5. #4
    Linux User IsaacKuo's Avatar
    Join Date
    Feb 2005
    Location
    Baton Rouge, LA, USA
    Posts
    406
    How do you expect your software to be installed and updated? Do you expect it to be updated at all after the initial install?

    If it's installed by essentially copying over the files to the web server or hosting service, then there may generally not be a way to change the file owner anyway. The file owner may be the client's userid and that's that. The client may not have permissions to create groups either, but maybe so.

    The easiest thing would be to change the file permissions to 666, which will let the apache user modify the file...as well as anyone else. This is not very secure, of course, but it might be the only option for a client of a web hosting service.

    I'd recommend default file permissions of 660, along with installation documentation on how to configure things to make it work. This forces the end user to "do something", because by default the software probably won't work. The preferred configuration would be to create a group with just the end user and the apache user in it, and set that file's group. But other options would be for the end user to manually change the file permissions to 666, or change the file owner.
    Isaac Kuo, ICQ 29055726 or Yahoo mechdan

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •