Permission Denied Editing Web Files

I am a bit confused and not sure what to look up to fix this issue. When I log in as user, I cannot edit my /var/www/html files.

I have the ownership of /var/www/html set to apache:apache (using centos 7). When I check groups for user it shows user and apache. That does mean I'm apart of the apache group right, and if the /var/www/html is owned by apache, I should be able to edit?


Similar Content



Chgrp Not Changing A File?

Hello,

OS: CentOS 6.3

Background:
I'm trying to set up a situation where my FTP account is in a group where my phpbb forums were created. This will allow me to upload changes as I customize my forums (ie: .css files). However, right now, my problem is that I'm running into invalid permissions and the only way to move the files is to upload the file to a directory my FTP account has access too and then sudo cp the file over. Upon closer inspection of my files, it appears the groups the files have been made under are not the correct group.

Problem:
I am trying to use chgrp on a specific file to change the group owner to the group my FTP account is a member of but it does not seem to be working. Here is a snippet of what I'm doing:

Code:
zzz@aaaa:/var/www/html/yyy/forums/styles/GlossyBlack/theme]$ sudo chgrp apache colours.css -v
group of `colours.css' retained as apache
zzz@aaaa:/var/www/html/yyy/forums/styles/GlossyBlack/theme]$ ls
total 164
drwxr-xr-x 3 5645316 apache  4096 Mar 27 15:11 .
drwxr-xr-x 6 5645316 apache  4096 Nov 18  2012 ..
-rw-r--r-- 1  root     apache 23480 Mar 27 19:05 colours.css

I'm not sure why it still says root so I suspect I am doing something incorrect. When looking around, at first it seemed chgrp could change group owner on files but as I dug more, it seemed it can also change groups themselves. So I'm a little confused and require some clarity of experts.

I hope changing the group owner of this file will give access to my FTP account so I can apply this change to all needed locations.

Thanks.

Normal Linux User Recursively Write Access To Apache Document Root

I tried adding two users in apache group and given 775 permission to Document root but user is not able to write into files in DocumentRoot

Tried adding user and DocumentRoot Folder in sudo file but not able to do it recursively

please help


Thanks for reply,
I have already given chmod 775 -R DocumentRoot - for recursively writting permission
You have told to add user in www-data group and chmod 775 -R to DocumentRoot
usermod -a -G www-data <user1>

How can users in www-data can able to write in DocumentRoot which has apache:apache owner and group
please clarify...

Done below steps to solve this:
1) I have created a new group webdata and added required users in this group
2) set sticky bit to document root with below command
setfacl -m g:webdata:rwx -R /path/to/documentroot/
this command will set rwx permission to DocumentRoot so that members in webdata can have full access but still DocumentRoot user and group will be apache

Zoneminder URL Can't Be Found By Apache2

Having tried several posts on this issue and browsing numerous conf files I am at a loss... Any suggestions beyond the reload, and apache to apache2 ln's?

Apache2 is working, I get the default page when attempting to log in via browser... Apache (not2) config does not seem to be present, I get an error when trying ln.

I can't seem to find the zm html pages and don't really understand some of the more sophisticated ways to direct to pages and scripts...

Not sure where to go next, maybe Apache manuals?

I's sure this is in the wrong place but as a newwwbie, I thought I'd throw it in here as an intro...

Remove Write-protected Regular File Without Permission

I wanted to delete a couple of files, so I did. Then I noticed that they were "write-protected". What does that mean? Why was I able to delete the files considering I wasn't the owner and the files did not have group write permission?

Code:
[Michael@devserver backup_database]$ ls -l
total 4344
-rw-r--r--. 1 apache apache   50639 Feb  6 05:42 2015_02_06_05_42_01.sql
-rw-r--r--. 1 apache apache  654623 Feb  6 05:45 2015_02_06_05_45_54.sql
-rw-r--r--. 1 apache apache 3738269 Feb  6 05:49 2015_02_06_05_49_02.sql
[Michael@devserver backup_database]$ rm *
rm: remove write-protected regular file `2015_02_06_05_42_01.sql'? y
rm: remove write-protected regular file `2015_02_06_05_45_54.sql'? y
rm: remove write-protected regular file `2015_02_06_05_49_02.sql'? y
[Michael@devserver backup_database]$ ls -l
total 0
[Michael@devserver backup_database]$

Httpd Server Taking 90% Cpu Usage

Hi,
my server centos 6 32bit, server config. 12core 16gb ram,only http and mysql(innodb).
promble: httpd service taking 90% cpu usage.
below is top command result and my.cnf conf..
some times site hangs.
any solution on this issue

top - 16:11:13 up 6 days, 5:38, 3 users, load average: 31.50, 30.64, 24.67
Tasks: 259 total, 35 running, 224 sleeping, 0 stopped, 0 zombie
Cpu(s): 61.2%us, 7.9%sy, 0.0%ni, 30.5%id, 0.2%wa, 0.1%hi, 0.1%si, 0.0%st
Mem: 15982704k total, 6111196k used, 9871508k free, 365788k buffers
Swap: 6291448k total, 0k used, 6291448k free, 2648472k cached

PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1500 apache 20 0 81188 55m 4660 R 47.7 0.4 3:53.51 httpd
1167 apache 20 0 80184 55m 4680 R 36.3 0.4 13:37.91 httpd
942 apache 20 0 86352 61m 4708 R 34.3 0.4 12:59.12 httpd
1157 apache 20 0 84272 59m 4704 R 34.3 0.4 13:04.18 httpd
1307 apache 20 0 86316 60m 4684 R 34.3 0.4 10:33.57 httpd
1363 apache 20 0 80164 55m 4676 R 34.3 0.4 7:07.59 httpd
1386 apache 20 0 86336 60m 4676 R 34.3 0.4 5:58.29 httpd
1620 apache 20 0 80164 54m 4660 R 34.3 0.3 3:01.97 httpd
937 apache 20 0 84084 59m 4712 R 32.4 0.4 13:04.31 httpd
1147 apache 20 0 84260 59m 4696 R 32.4 0.4 12:21.55 httpd
1158 apache 20 0 84084 60m 4688 R 32.4 0.4 12:39.18 httpd
1159 apache 20 0 84288 59m 4696 R 32.4 0.4 13:12.04 httpd

my.cnf conf. file
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
set-variable=max_allowed_packet=100M
set-variable=max_connections=500
set-variable=key_buffer_size=100M
#set-variable=key_buffer_size=64M
set-variable=sort_buffer_size=64M
#set-variable=innodb_buffer_pool_size=32M
set-variable=innodb_buffer_pool_size=1024M
#set-variable=innodb_buffer_pool_size=2048M
#set-variable=table_cache=1024
set-variable=table_cache=256
set-variable=thread_cache_size=16
set-variable=query_cache_size=16M
#set-variable=innodb_log_file_size=100MB
set-variable=interactive_timeout=60
set-variable=wait_timeout=60

Permission Denied For PhpMyAdmin

Hi,

On Centos 7 I haven't been able to configure phpmyadmin. I've got Apache 2.4.6 and I've installed the latest phpmyadmin, both with yum.
I've changed all the 127.0.0.1 to my public ip and I've disabled the 'denied all' directives. This is how it looks:
Code:
Alias /phpMyAdmin /usr/share/phpMyAdmin
Alias /phpmyadmin /usr/share/phpMyAdmin

<Directory /usr/share/phpMyAdmin/>
   AddDefaultCharset UTF-8

   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip X.X.X.X
       Require ip ::1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Deny,Allow
     #Deny from All
     Allow from X.X.X.X
     Allow from ::1
   </IfModule>
</Directory>

<Directory /usr/share/phpMyAdmin/setup/>
   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip X.X.X.X
       Require ip ::1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Deny,Allow
     #Deny from All
     Allow from X.X.X.X
     Allow from ::1
</IfModule>
</Directory>

# These directories do not require access over HTTP - taken from the original
# phpMyAdmin upstream tarball
#
<Directory /usr/share/phpMyAdmin/libraries/>
    Order Deny,Allow
    #Deny from All
    Allow from All
</Directory>

<Directory /usr/share/phpMyAdmin/setup/lib/>
    Order Deny,Allow
    #Deny from All
    Allow from All
</Directory>

<Directory /usr/share/phpMyAdmin/setup/frames/>
    Order Deny,Allow
    #Deny from All
    #Allow from None
    Allow from All 
</Directory>

on /var/log/httpd/error_log:
Code:
AH01630: client denied by server configuration: /usr/share/phpMyAdmin

The httpd.conf hasn't been changed except this:
Code:
<Directory />
    AllowOverride none
    #Require all denied
    Allow from all
</Directory>

Normal access to my apache works fine (a default test page shows up)

SELinux is disabled and I've also stopped iptables to test it.

Apache Not Working Properly After Update To Debian 8

Hi,
I just upgraded my server from Debian 7 to Debian 8. Everything seemed to go fine. However, Apache doesn't seem to be able to see the web files. If I go to my server's IP, I get an empty directory listing, as if the document root was pointed to an empty directory. However, my apache.conf points to /var/www, and there are indeed files the
Code:
root@maples-server:~# ls -la /var/www/
total 624
drwxr-xr-x  5 www-data www-data   4096 Apr 28 19:35 .
drwxr-xr-x 13 root     root       4096 Mar 28 11:43 ..
lrwxrwxrwx  1 www-data www-data     18 Jan 10 20:47 anthony -> /home/anthony/web/
-rw-------  1 www-data www-data   1455 Apr 23 21:41 .bash_history
-rw-r--r--  1 www-data www-data   3388 Jan 21 19:34 .bashrc
drwxr-xr-x 11 www-data www-data   4096 Apr 23 21:41 chat
lrwxrwxrwx  1 www-data www-data     14 Mar 23 16:20 dad -> /home/dad/web/
drwxr-xr-x  2 root     root       4096 Mar 15 05:52 html
-rw-r--r--  1 www-data www-data    323 Mar 26 18:35 index.htm
drwx------  2 www-data www-data   4096 Jan 21 19:50 Mail
-rw-r--r--  1 anthony  anthony  592795 Apr 23 19:52 phpfreechat-1.7.tar.gz
-rw-r--r--  1 www-data www-data     41 Apr 15 21:52 robots.txt
-rw-------  1 www-data www-data   1541 Apr 23 21:41 .viminfo

Here's my apache.conf (with the comments stripped; there were no "end of line" comments):

Code:
root@maples-server:~# cat /etc/apache2/apache2.conf | grep -v "#"

Mutex file:${APACHE_LOCK_DIR} default

PidFile ${APACHE_PID_FILE}

Timeout 300

KeepAlive On

MaxKeepAliveRequests 100

KeepAliveTimeout 5


User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}

HostnameLookups Off

ErrorLog ${APACHE_LOG_DIR}/error.log

LogLevel warn

IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf

Include ports.conf


<Directory />
	Options FollowSymLinks
	AllowOverride None
	Require all denied
</Directory>

<Directory /usr/share>
	AllowOverride None
	Require all granted
</Directory>

<Directory /var/www/>
	Options Indexes FollowSymLinks
	AllowOverride None
	Require all granted
</Directory>

AccessFileName .htaccess

<FilesMatch "^\.ht">
	Require all denied
</FilesMatch>


LogFormat "v:p h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent


IncludeOptional conf-enabled/*.conf

IncludeOptional sites-enabled/*.conf

I also checked sites-enabled/000-default, and everything seems to be fine the
Code:
root@maples-server:~# cat /etc/apache2/sites-enabled/000-default 
<VirtualHost *:80>

	DocumentRoot /var/www
	<Directory />
		Options FollowSymLinks
		AllowOverride All
	</Directory>
	<Directory /var/www/>
		Options Indexes FollowSymLinks MultiViews
		AllowOverride All
		Order allow,deny
		allow from all
	</Directory>

	ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
	<Directory "/usr/lib/cgi-bin">
		AllowOverride All
		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
		Order allow,deny
		Allow from all
	</Directory>

	ErrorLog ${APACHE_LOG_DIR}/error.log

	# Possible values include: debug, info, notice, warn, error, crit,
	# alert, emerg.
	LogLevel warn

	CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Additionally, the connections are no longer showing up in /var/log/apache2/access.log. The last access time in that file is from before the update. I don't know enough about systemd to know if it is responsible for redirecting the logs to somewhere else...

At this point, I have no idea why it's not working. If anyone could point me in the right direction, I would really appreciate it.
Thanks!

EDIT: After looking around some more, it seems that the output of "apachectl -S" is helpful. So here it is:
Code:
root@maples-server:~# apachectl -S
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/lock/apache2" mechanism=fcntl 
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
Define: ENABLE_USR_LIB_CGI_BIN
User: name="www-data" id=33
Group: name="www-data" id=33

It appears that it's looking in a subdirectory html, which was not the case previously (before the upgrade). I've currently got a (ugly but useable) work-around using a symlink:
Code:
root@maples-server:~# cd /var/www/
root@maples-server:/var/www# rm -r html/
root@maples-server:/var/www# ln -s /var/www/
root@maples-server:/var/www# mv www html
root@maples-server:/var/www# ls -l html
lrwxrwxrwx 1 root root 9 Apr 28 22:36 html -> /var/www/

While this does work, I'd like to find the proper way of doing it. Any ideas?

Samba-Apache-Webdav Permission Problem With User Www-data

I'm not sure if this should be in the newbie section, but I am somewhat of a newbie, so here goes:

In a home network, I have an Xubuntu file server with a Samba share that has me as the owner and authorizes me to access the share.

On another computer, I have Mint running and providing various services, including webdav on Apache with SSL. In the var/www/webdav directory of the Mint computer, I have the Xubuntu Samba share mounted. This is supposed to allow me to access the Samba share from the public internet.

Everything works fine except for one big problem: Apache requires the owner of the webdav directory to be user "www-data," and I can't figure out how to give www-data access to the Samba share, since www-data is not a user on the Xubuntu computer, and moreover I don't know the password for user www-data.

Can anyone figure out how to get around this problem? In particular, is there a way to configure the Samba share on the Xubuntu computer so that user www-data on the Mint computer can have access to it?

(Incidentally, I have my reasons for using two computers, one as a file server and one as a web server. Also, I am thinking about switching to NFS instead of Samba, but I'm not sure if even that would solve my problem.)

Rsync Copy Permission Denied

hi experts

I am rsyncing a user's home dir across the NFS and the local PC, but when it tries to copy over the hidden files it fails with permission denied. Both dir are owned by the proper user and I am root when I execute the script, so I am not sure what went wrong here.
For example: this is the content and permissions of the source:

-rw------- 1 user test 115 Nov 14 11:28 .bash_history

and here is my error:

rsync: send_files failed to open "/home/user/.bash_history": Permission denied (13)

Thanks

User Migration Issues

Hello, I'm sort of a novice Linux user and was running into an issue with user migration. I'm trying to migrate users and groups from a RHEL 5.11 install to a CentOS 6.6 install, both systems are 64 bit. Initially I tried to do an rsync of the passwd, shadow, group and gshadow files with no luck. When trying to login with an existing account on the new server I get access denied. I tried to change the password on the new server, but even then it doesn't seem to change the password and I still get access denied. I then tried to tar up the four above files and then extracted them on the new server, but the same issue existed. I also created a new account on the old server, copied all the necessary files over to the new server and still have the same issues. Any ideas what I may be doing wrong or what I can try next? This is getting frustrating!

Thanks!