English
Ask Your Question
1

How to set permissions for apache

asked 2017-06-17 22:24:08 +0000

waffel gravatar image

Hi there,

i'm running Fedora 25 and set up apache, mysql and php. It runs just fine. But I have some trouble to set the user permissions right. I want to use Fedora as my desktop environment and write and test php scripts on my local machine. Those scripts don't need to be accessible from the internet. Localhost only.

First i had some trouble to figure out what the problem actually was. But then I figured out that SELinux was blocking my script attempting to write to its own cache directory. I did the following to solve the problem:

sudo chown apache:apache -R /home/dave/www/html/mysite

find . -type f -exec chmod 0644 {} \;
find . -type d -exec chmod 0755 {} \;

sudo chcon -t httpd_sys_content_t /home/dave/www/html/mysite -R
sudo chcon -t httpd_sys_rw_content_t /home/dave/www/html/mysite/cache -R

According to the apache logs, it can now write to the cache folder just fine, but I don't have access to the directory at all. Which I understand because I chown it to apache. What, as a newbie, don't understand is, how I can give read and write access to my personal user and apache.

I read that i can add me to the apache group, as a subgroup. But that didn't work out (nothing changed). And when I do the command "groups" it only shows me "dave wheel". The command "users" shows me only "dave". So those functions don't show me an apache user or an apache group at all.

I'm pretty new to Linux and english is not my main language. So I just hope you understand what my problem is, what I want to archive and that my english is at least understandable.

Thanks for reading.

edit retag flag offensive close merge delete

Comments

Welcome to ask.fedora. Have you logged out and back in since adding yourself to the apache group? I ask, because if memory serves, you need to do this for any changes to your list of groups to take effect.

sideburns ( 2017-06-18 00:45:41 +0000 )edit

1 answer

Sort by ยป oldest newest most voted
2

answered 2017-06-18 10:36:37 +0000

David-LDA gravatar image

updated 2017-06-18 13:48:49 +0000

florian gravatar image

This is what worked for me in your same situation. I am not sure of your approach, but check this out. All your sites/php applications can now live in the folder 'sites' in your home directory.

mkdir ~/sites

sudo ln -s ~/sites /var/www/html # make symbolic link from the apache web directory to your sites folder

chcon -R unconfined_u:object_r:httpd_sys_rw_content_t:s0 ~/sites # tell SELinux that these files/directories are allowed to be modified by Apache

sudo sed -i "s/User apache/User $USERNAME/g" /etc/httpd/conf/httpd.conf # change the "User apache" string in the config file to "User (the username of the current user)". For a development machine, it's more convenient to run Apache as the current user to simplify permissions problems

Now apache is running as YOU ($USERNAME) rather than 'apache' so permission problems are gone. This may not be the most secure solution, but it's the only one I could get working reliably in the end! This all took a week to work out!!

edit flag offensive delete link more

Comments

Just FYI: I changed your formatting since the ask software is not able to correctly display the _ character (chcon command).

florian ( 2017-06-18 13:49:54 +0000 )edit

Tahnks! Changing the user for apache works perfectly.

waffel ( 2017-06-23 15:01:14 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

[hide preview]

Use your votes!

  • Use the 30 daily voting points that you get!
  • Up-vote well framed questions that provide enough information to enable people provide answers.
  • Thank your helpers by up-voting their comments and answers. If a question you asked has been answered, accept the best answer by clicking on the checkbox on the left side of the answer.
  • Down-voting might cost you karma, but you should consider doing so for incorrect or clearly detrimental questions and answers.

Question Tools

Follow
1 follower

Stats

Asked: 2017-06-17 22:24:08 +0000

Seen: 68 times

Last updated: Jun 18