0

I've got a server set up with CentOS 5.6, Apache 2.2.19 and PHP 5.2.17. PHP is being handled by suPHP.

In the global php.ini:
safe_mode = off
open_basedir = none

Apache is set to run as nobody in the suPHP config.

I've got two domains set up in:
/home/user1/public_html and /home/user2/public_html

Both public_html directories have permissions of 0750 with group as nobody.

All files/directories in each user directory are owned by that user and have the group set to that user as well.

I'm running a script in /home/user1/public_html/scripts/functions.php which is trying to create a directory in /home/user2/public_html/user_files (which has chmod permissions set to 0757), however I'm getting a permission denied error...

I'm assuming this is to do with the fact that PHP is being run as nobody, but I'm not sure what to change to enable scripts in each user's folder to write into the other user's folder, unless I make the user folders writable by anybody, which doesn't sound very safe...

Does anybody know where I'm going wrong?

EDIT:

drwx--x--x    root.root      /home  
drwx-wx--x    user2.user2    /home/user2
drwxrwx---    user2.nobody   /home/user2/public_html 
drwxrwxrwx    user2.nobody   /home/user2/public_html/user_files

3 Answers

1

The directory /home/user2/public_html/user_files is owned by xxx:nobody and comes with the permissions 757, correct?
757 means it is read/accessible by anyone, but write access is only granted to users not in group nobody. So your problem might be solved if you just change the group of this directory, or better, change the permissions to 775. With 775 the owner and the group have write permissions, so they can create further files/directories in it, but no one else is able to write to this dir.

1
  • I'll add the full permissions above.
    – Jon
    Commented Jul 5, 2011 at 11:30
1

I had a similar problem on F15, and SELinux was the culprit in my case. Try:

chcon -R -h -t http_sys_rw_content_t /home/user2/public_html/user_files

Use the same command on any other dirs where you want Apache to have R/W access. If it works, use semanage to make the context change permanent across reboots.

2
  • The server has cPanel and WHM installed - do you know if I would need to change anything in cPanel/WHM in addition to this?
    – Jon
    Commented Jul 5, 2011 at 11:42
  • Additionally, SELinux is disabled...
    – Jon
    Commented Jul 5, 2011 at 11:43
0

In the end I created a new group containing user1 and user2 and just changed the group ownerships on the relevant folders to allow cross-folder writing.
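
As an added illustration (not code from any of the posts): a small Python model of the POSIX owner/group/other check, applied to the directory listing in the question's EDIT. It covers the 757 case from the first answer and the shared-group fix from the last one; the process identities tested and the group name `webshare` are assumptions.

```python
# Model of the classic POSIX check: exactly one class (owner, else group, else
# other) is selected and only its bits apply. Root, ACLs and SELinux are ignored.
def class_bits(mode, owner, group, user, groups):
    if user == owner:
        return (mode >> 6) & 7
    if group in groups:
        return (mode >> 3) & 7   # a group match never falls through to "other"
    return mode & 7

def can_mkdir(listing, user, groups):
    """listing: [(path, mode, owner, group)] from the top down to the target.
    Returns (True, None), or (False, path) naming the directory that blocks."""
    *ancestors, target = listing
    for path, mode, owner, group in ancestors:
        if not (class_bits(mode, owner, group, user, groups) & 1):  # search (x)
            return False, path
    path, mode, owner, group = target
    if (class_bits(mode, owner, group, user, groups) & 3) != 3:     # write + x
        return False, path
    return True, None

def patched(listing, changes):
    """Copy of listing with {path: (mode, group)} overrides applied."""
    out = []
    for path, mode, owner, group in listing:
        mode, group = changes.get(path, (mode, group))
        out.append((path, mode, owner, group))
    return out

# Modes and owners transcribed from the ls output in the question's EDIT.
HTML, FILES = "/home/user2/public_html", "/home/user2/public_html/user_files"
LISTING = [("/home", 0o711, "root", "root"),
           ("/home/user2", 0o731, "user2", "user2"),
           (HTML, 0o770, "user2", "nobody"),
           (FILES, 0o777, "user2", "nobody")]

def scenarios():
    # "webshare" is a hypothetical name for the shared group of the last answer.
    shared = patched(LISTING, {HTML: (0o770, "webshare"), FILES: (0o775, "webshare")})
    return {
        "nobody, listing as posted": can_mkdir(LISTING, "nobody", {"nobody"}),
        "nobody, user_files at 0757": can_mkdir(
            patched(LISTING, {FILES: (0o757, "nobody")}), "nobody", {"nobody"}),
        "user1, listing as posted": can_mkdir(LISTING, "user1", {"user1"}),
        "user1 in webshare": can_mkdir(shared, "user1", {"user1", "webshare"}),
    }

if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name}: {result}")
```

The second and third scenarios are the two ways the mkdir can fail in this layout: the group class masking a writable "other" triplet, and a missing search bit on a parent directory.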
