Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Can someone explain this permissions chaos!

Status
Not open for further replies.
rybo

rybo

Technical User
Jun 8, 2002
36
US
Hi,

I'm running apache on Linux Mandrake 9.1. One thing I don't understand - I'm trying to run cgi-scripts (mainly a statistics one). First off, what permissions should the cgi-bin folder have? What permissions should the cgi-scripts have? Who should own them, apache or root?

Apparently the system writes the apaches log files in /var/log/httpd - root owns them, and by default, only root can read or write them. So I'm assuming that my cgi-script, that will read them, has to be root, correct?

Any clarifications on this would be great. Another quick question - why sometimes do I need to give files the execute permission just to be read? Sometimes I can't get a program to do a simple read of a file until I give it execute perms.

Thanks, that's a lot to chew.

-Ryan
 
Sort by date Sort by votes
You can change where apache writes its logs. For example, I have a /logs directory in each of my virtual domain's root directory (not to be confused with DocumentRoot). Inside each vhost's directory I have /cgi-bin, /html, and /logs. This way every domain has there own logs. To do this, I just use the same log directives as in the main and copy them to each vhost container. Then edit the path (gots to do that :) ).

For permissions, there is no hard and fast rule. When I add a domain, I create a user account on the system then that user's home is his webspace. So you can see that every cgi-bin on the system will have a different owner. The question now becomes "who can do what to this file or directory?". Rather that use the ugo thing with +rwx, I like the numbers. They are a lot easier to work with. "So how does someone come up with a number like 755" you ask. Well, will notice that the number has 3 digits which represent the User, Group and Other (ugo) always in that order. There are also 3 permissions, Read, Write and Execute. Read has a value of 4. Write has a value of 2 and execute has a value of 1. I'll try to make a chart below that may be easier to follow:


User Group Other
Read=4 X X X
Write=2 X
Execute=1 X X X
------------------------------
7 5 5

Since apache is not the owner or group belonging to most files and directories, you must give your scripts permissions as "Other" also called "World".
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

theniteowl
  • Locked
  • Question
URGENT Permissions issue 1
Replies
6
Views
134
theniteowl
theniteowl
ComputersUnlimited
  • Locked
  • Question
Cannot login into Ubuntu via SSH 1
Replies
4
Views
138
ComputersUnlimited
ComputersUnlimited
bazil2
  • Locked
  • Question
Silently replacing characters in XML file using sed - can you help? 2
Replies
2
Views
85
SamBones
SamBones
bazil2
  • Locked
  • Question
Unable to mount Windows share due to error: can't read superblock - any ideas?
Replies
1
Views
197
RhythmAce
RhythmAce
fayevalentine
  • Locked
  • Question
cannot access shared folder 1
Replies
2
Views
77
SamBones
SamBones

Part and Inventory Search

Sponsor

Back
Top