CiviCRM Community Forums (archive)

*

News:

Have a question about CiviCRM?
Get it answered quickly at the new
CiviCRM Stack Exchange Q+A site

This forum was archived on 25 November 2017. Learn more.
How to get involved.
What to do if you think you've found a bug.



  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Installing CiviCRM »
  • Drupal Installations (Moderator: Piotr Szotkowski) »
  • www-data write permission to /var/www/drupal/sites/default
Pages: [1]

Author Topic: www-data write permission to /var/www/drupal/sites/default  (Read 21179 times)

michaellenahan

  • I post occasionally
  • **
  • Posts: 30
  • Karma: 0
    • mick.appspot.com
www-data write permission to /var/www/drupal/sites/default
September 27, 2008, 01:06:55 am
Hello, I'm installing CiviCRM from scratch as follows:

CiviCRM Version 2.1.beta6 Drupal PHP5
Ubuntu 8.04.1, Drupal 6.4, MySQL 5.0.51a, PHP 5.2.4-2ubuntu5.1

I am serving all files from my server over https.

On the CiviCRM Installer page (https://<drupal>/sites/all/modules/civicrm/install/index.php), one of the errors I get is as follows:

Is the sites/default folder writeable?

The user account used by your web-server - www-data - needs to be granted write access to the following directory in order to configure the CiviCRM settings file:
/var/www/drupal/sites/default

I'm not sure how to make the directory writeable (I must confess that most of my experience is in Windows rather than Linux).

I have tried:

sudo chown -R www-data:www-data /var/www/drupal/sites/default

followed by restarting ubuntu, but without success: the error message still appears.

Thanks for your help

Michael

Deepak Srivastava

  • Ask me questions
  • ****
  • Posts: 677
  • Karma: 65
Re: www-data write permission to /var/www/drupal/sites/default
September 27, 2008, 04:09:29 am
Quote
I have tried:
sudo chown -R www-data:www-data /var/www/drupal/sites/default

Following should work -
Code: [Select]
sudo chmod 777 /var/www/drupal/sites/default
Searching web on "chmod" will give you more details.

Make sure you remove the writable permission after successful installation.
Found this reply helpful? Contribute NOW and help us improve CiviCRM with the Make it Happen! initiative.

MacRonin

  • I post frequently
  • ***
  • Posts: 153
  • Karma: 14
Re: www-data write permission to /var/www/drupal/sites/default
September 27, 2008, 04:51:13 am
I'm still on Drupal 5.x so I can't be 100% sure, but if this is a new Drupal 6 install. I think it is trying to create the "Files" folder under "drupal/sites/default" This is where Drupal uploads files that you create (images whatever). After "Files" is created I don't think that "drupal/sites/default" will have to be writable anymore. but the "Files" folder will be.

Since "drupal/sites/default" can also contain your added modules you would not generally want it to be writable after the install in complete.

The automatic creation of this folder (If missing) is a new feature in Drupal 6. Previously it just gave a msg asking you to create it.

michaellenahan

  • I post occasionally
  • **
  • Posts: 30
  • Karma: 0
    • mick.appspot.com
Re: www-data write permission to /var/www/drupal/sites/default
September 27, 2008, 12:03:41 pm
Thank you both. I've learned a little about chown and chmod - as I understand it, only chmod affects permissions, so I was on the wrong track with chown. (I have re-run chown so www-data is no longer the owner).

So, the following commands work to remove the errors from the installation page

sudo chmod 777 /var/www/drupal/sites/default
sudo chmod 777 /var/www/drupal/sites/default/files

... this works by allowing the installer (via the www-data user) to do its work by (temporarily) giving *all* users the read, write, execute rights on the respective folders.

Once the installation is complete, do you have any advice for what should I do to roll it back?

Will it be sufficient to remove write rights for the www-data user? Would it be advisable for security to remove write rights for everyone by running chmod 555 on the folders?

Piotr Szotkowski

  • Moderator
  • I live on this forum
  • *****
  • Posts: 1497
  • Karma: 57
Re: www-data write permission to /var/www/drupal/sites/default
September 29, 2008, 12:50:56 am
Quote from: michaellenahan on September 27, 2008, 12:03:41 pm
Thank you both. I've learned a little about chown and chmod - as I understand it, only chmod affects permissions, so I was on the wrong track with chown. (I have re-run chown so www-data is no longer the owner).

You might actually want to keep www-data as the owner, as…

Quote from: michaellenahan on September 27, 2008, 12:03:41 pm
sudo chmod 777 /var/www/drupal/sites/default
sudo chmod 777 /var/www/drupal/sites/default/files

…this means both these directories are now world-readable and -writeable (i.e., any user on the system can read from and write to them). A better option would be to make the directories owned by www-data and make sure they’re readable and writeable by their owner.

Quote from: michaellenahan on September 27, 2008, 12:03:41 pm
Once the installation is complete, do you have any advice for what should I do to roll it back?

Will it be sufficient to remove write rights for the www-data user? Would it be advisable for security to remove write rights for everyone by running chmod 555 on the folders?

Definitely. If you want the most security, I’d go with something like the below (NOTE: NOT TESTED ON AN ACTUAL INSTALL):

Code: [Select]
sudo chown -R www-data:www-data /var/www/drupal/sites/default
sudo chmod u=rx,g=rx,o= /var/www/drupal/sites/default
sudo chmod u=rwx,g=rwx,o= /var/www/drupal/sites/default/files
sudo chmod u=r,g=r,o= /var/www/drupal/sites/default/*.php

i.e., make the www-data user and group the owner, make the default directory and the PHP config files in it readable only by www-data, and make the files subdirectory readable and writeable only by www-data.
If you found the above helpful, please consider helping us in return – you can even steer CiviCRM’s future and help us extend CiviCRM in ways useful to you.

Pages: [1]
  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Installing CiviCRM »
  • Drupal Installations (Moderator: Piotr Szotkowski) »
  • www-data write permission to /var/www/drupal/sites/default

This forum was archived on 2017-11-26.