473,232 Members | 1,539 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,232 software developers and data experts.

Permissions

I have a new server and I have my files up there. The files are in
/var/www/html/. In this directory I have another directory that I created
called "users". I am unable to figure out how to set permissions on this
directory, and what those permissions should be. I am using ShieldHost.

When there is a new user, and he enters his desired name and password, as
part of the process I want to create a small directory tree under "users"
with the username as the top level. I get that I don't have permission to
do that with the mkdir in the code. The line of code is:

mkdir($_SESSION['UserRoot'] . $ss_username, 0755);

where the session variable has the directory path ending in "/".

Any ideas?

Shelly
Jul 17 '05 #1
10 2599
Shelly wrote:
I have a new server and I have my files up there. The files are in
/var/www/html/. In this directory I have another directory that I created
called "users". I am unable to figure out how to set permissions on this
directory, and what those permissions should be. I am using ShieldHost.

When there is a new user, and he enters his desired name and password, as
part of the process I want to create a small directory tree under "users"
with the username as the top level. I get that I don't have permission to
do that with the mkdir in the code. The line of code is:

mkdir($_SESSION['UserRoot'] . $ss_username, 0755);

where the session variable has the directory path ending in "/".

Any ideas?

Shelly


Hi Shelly,

You question is not complete.

1) Who is the owner of /var/www/html/users/ ??
2) What are the permissions set on /var/www/html/users/ ??
3) Who is running PHP? Which user? Apache? WWW-DATA? NOBODY?
And does that user has rights to to add a new dir in /var/www/html/users/ ??

Maybe if you try to answer these questions, you may find out what goes
wrong. :-)

Good luck.

Regards,
Erwin Moller
Jul 17 '05 #2

"Erwin Moller"
<si******************************************@spam yourself.com> wrote in
message news:42***********************@news.xs4all.nl...
Shelly wrote:
I have a new server and I have my files up there. The files are in
/var/www/html/. In this directory I have another directory that I
created
called "users". I am unable to figure out how to set permissions on this
directory, and what those permissions should be. I am using ShieldHost.

When there is a new user, and he enters his desired name and password, as
part of the process I want to create a small directory tree under "users"
with the username as the top level. I get that I don't have permission
to
do that with the mkdir in the code. The line of code is:

mkdir($_SESSION['UserRoot'] . $ss_username, 0755);

where the session variable has the directory path ending in "/".

Any ideas?

Shelly
Hi Shelly,

You question is not complete.

1) Who is the owner of /var/www/html/users/ ??


I created the users directory when I logged in as webmaster via the
ShieldHost.com admin interface for my website. So, webmaster owns the
directory as well as all the *.php code in the directory /var/www/html.
When a user uses the URL, it is that code that is run. I assumed that since
the code is owned by webmaster, that the permissions on the server are also
that for webmaster and so should be able to create the directories under
users.
2) What are the permissions set on /var/www/html/users/ ??
I don't know and can't seem to determine them from the interface provided by
ShieldHost. When I log into the administration interface there is a "File
Manager" option. If I drill down to the users directory, I don't have any
option to see the permissions.
3) Who is running PHP? Which user? Apache? WWW-DATA? NOBODY?
Apache on the server.
And does that user has rights to to add a new dir in /var/www/html/users/
??
I guess not since it says I don't have permission. How can I find out? How
can I give Apache that right, since it is Apache that is actually running
the code? In the ShieldHost admin interface (at ShieldHost.com), when I
click on services/Apache and then "Protect Directories", it shows that the
/var/www/html/users directory is unprotected. I don't see where to give
Apache any rights.

BTW, I just tried a little experiment. I tried to create a directory in the
/var/www/html of just the username supplied by the user. IOW, I didn't put
things in a subdirectory "users". It also failed due to permissions, so the
problem is not with the "users" directory, but with the parent directory.
Should I try some directory somewhere else?
Maybe if you try to answer these questions, you may find out what goes
wrong. :-)
Not yet :-(

Good luck.


Thanks.

Shelly
Jul 17 '05 #3
I found out how to get the permissions on the directories. They were set to
RE for group and others. Owner, webmaster, had RWE. Giving RWE to group
didn't do anything. Giving RWE to others didn't do anything.

Shelly
"Shelly" <sh************@asap-consult.com> wrote in message
news:C6********************@comcast.com...

"Erwin Moller"
<si******************************************@spam yourself.com> wrote in
message news:42***********************@news.xs4all.nl...
Shelly wrote:
I have a new server and I have my files up there. The files are in
/var/www/html/. In this directory I have another directory that I
created
called "users". I am unable to figure out how to set permissions on
this
directory, and what those permissions should be. I am using ShieldHost.

When there is a new user, and he enters his desired name and password,
as
part of the process I want to create a small directory tree under
"users"
with the username as the top level. I get that I don't have permission
to
do that with the mkdir in the code. The line of code is:

mkdir($_SESSION['UserRoot'] . $ss_username, 0755);

where the session variable has the directory path ending in "/".

Any ideas?

Shelly


Hi Shelly,

You question is not complete.

1) Who is the owner of /var/www/html/users/ ??


I created the users directory when I logged in as webmaster via the
ShieldHost.com admin interface for my website. So, webmaster owns the
directory as well as all the *.php code in the directory /var/www/html.
When a user uses the URL, it is that code that is run. I assumed that
since the code is owned by webmaster, that the permissions on the server
are also that for webmaster and so should be able to create the
directories under users.
2) What are the permissions set on /var/www/html/users/ ??


I don't know and can't seem to determine them from the interface provided
by ShieldHost. When I log into the administration interface there is a
"File Manager" option. If I drill down to the users directory, I don't
have any option to see the permissions.
3) Who is running PHP? Which user? Apache? WWW-DATA? NOBODY?


Apache on the server.
And does that user has rights to to add a new dir in /var/www/html/users/
??


I guess not since it says I don't have permission. How can I find out?
How can I give Apache that right, since it is Apache that is actually
running the code? In the ShieldHost admin interface (at ShieldHost.com),
when I click on services/Apache and then "Protect Directories", it shows
that the /var/www/html/users directory is unprotected. I don't see where
to give Apache any rights.

BTW, I just tried a little experiment. I tried to create a directory in
the /var/www/html of just the username supplied by the user. IOW, I
didn't put things in a subdirectory "users". It also failed due to
permissions, so the problem is not with the "users" directory, but with
the parent directory. Should I try some directory somewhere else?
Maybe if you try to answer these questions, you may find out what goes
wrong. :-)


Not yet :-(

Good luck.


Thanks.

Shelly

Jul 17 '05 #4
Shelly wrote:
I found out how to get the permissions on the directories. They were set
to
RE for group and others. Owner, webmaster, had RWE. Giving RWE to group
didn't do anything. Giving RWE to others didn't do anything.

Shelly

Hi,

I don't know about schieldhost.com, so I cannot help there.

I could try to help you to open up the directory (chmod 777 style, which is
bad), but it is really better you know what you are doing, so you can fix
this yourself in future.
I suggest you read up a little on filepermission on Linux/GNU systems.
(links follow)

Do you have shell access to the computer where this material is located??
Can you start anything like BASH, SH, etc??
Or telnet?

If you have: log in and use commands like
ls -l
chown
etc..

Have a look at some online documentation, eg here is some from redhat:

https://www.redhat.com/docs/manuals/...started-guide/
look under: 11. Shell Prompt Basics
and click Ownership and Permissions

or if you have the time: read the whole chapter 11.

Hope this helps.

Regards,
Erwin Moller
Jul 17 '05 #5
Thanks, but I do understand the file permissions on a Unix system (I have
worked in Unix) and I do not have shell access to the hosting server. All I
have is the interface they supply, which does allow me to change
permissions, but not owners.

I have no way of determining what the "user name" for the Apache is -- and I
surmise that is who the user must be on the server.

I agree that opening it with 777 is bad. I used 755.

Shelly

"Erwin Moller"
<si******************************************@spam yourself.com> wrote in
message news:42***********************@news.xs4all.nl...
Shelly wrote:
I found out how to get the permissions on the directories. They were set
to
RE for group and others. Owner, webmaster, had RWE. Giving RWE to group
didn't do anything. Giving RWE to others didn't do anything.

Shelly

Hi,

I don't know about schieldhost.com, so I cannot help there.

I could try to help you to open up the directory (chmod 777 style, which
is
bad), but it is really better you know what you are doing, so you can fix
this yourself in future.
I suggest you read up a little on filepermission on Linux/GNU systems.
(links follow)

Do you have shell access to the computer where this material is located??
Can you start anything like BASH, SH, etc??
Or telnet?

If you have: log in and use commands like
ls -l
chown
etc..

Have a look at some online documentation, eg here is some from redhat:

https://www.redhat.com/docs/manuals/...started-guide/
look under: 11. Shell Prompt Basics
and click Ownership and Permissions

or if you have the time: read the whole chapter 11.

Hope this helps.

Regards,
Erwin Moller

Jul 17 '05 #6
On Tue, 21 Jun 2005 23:39:09 -0400, Shelly wrote:
I have a new server and I have my files up there. The files are in
/var/www/html/. In this directory I have another directory that I created
called "users". I am unable to figure out how to set permissions on this
directory, and what those permissions should be. I am using ShieldHost.

When there is a new user, and he enters his desired name and password, as
part of the process I want to create a small directory tree under "users"
with the username as the top level. I get that I don't have permission to
do that with the mkdir in the code. The line of code is:

mkdir($_SESSION['UserRoot'] . $ss_username, 0755);

where the session variable has the directory path ending in "/".

Any ideas?

Shelly


Without root access you don't have permission to create users, which you
already know because your in Unix. I don't know Sheildhost but would I be
right in thinking (from your post) that you are expecting it to have some
means to create 'sub-users' for hosting purposes?

This could only really be a controlled access system rather than a real
owner:group at system level. More of a login system to your users. But in
the end the files will still be owned by yourself.
Jul 17 '05 #7

"BearItAll" <sp**@rassler.co.uk> wrote in message
news:pa****************************@rassler.co.uk. ..
On Tue, 21 Jun 2005 23:39:09 -0400, Shelly wrote:
I have a new server and I have my files up there. The files are in
/var/www/html/. In this directory I have another directory that I
created
called "users". I am unable to figure out how to set permissions on this
directory, and what those permissions should be. I am using ShieldHost.

When there is a new user, and he enters his desired name and password, as
part of the process I want to create a small directory tree under "users"
with the username as the top level. I get that I don't have permission
to
do that with the mkdir in the code. The line of code is:

mkdir($_SESSION['UserRoot'] . $ss_username, 0755);

where the session variable has the directory path ending in "/".

Any ideas?

Shelly


Without root access you don't have permission to create users, which you
already know because your in Unix. I don't know Sheildhost but would I be
right in thinking (from your post) that you are expecting it to have some
means to create 'sub-users' for hosting purposes?

This could only really be a controlled access system rather than a real
owner:group at system level. More of a login system to your users. But in
the end the files will still be owned by yourself.


Last night they had the AFI show on with the 100 best quotes from the
movies. What came to mind is "It seems we have a failure to communicate" --
and it is my fault.

I don't want to create users that can access the server. The ShieldHost
admin interface allows me to do that -- but that is not the idea. I want to
create "users" in the same sense as "members" of a "club". This is just
like signing up for Yahoo or any of a myriad of products. None of those
users can access the server except to run the scripts from a URL and their
links. So, when I say creating a username it is for being part of a
group -- not for having an account on the server.

I want the new user/member to join the group with a username through the web
page interface I provide. I check that the name is available and then add
that user to the database. I also, at the same time as I add him to the
database of users, want to create a directory with that username under a
master directory called "users". Under this username directory I want to
create at least two other directories into which I will place files that he
will upload later. The reason for this is (a) to organize so it is
individual by users, and (b) to avoid file name collision.

The problem I am having is that no matter how I set the permissions for the
"users" directory -- or even the one above that -- I cannot create a new
directory with the username.

I hope that is clearer.

Shelly
Jul 17 '05 #8
>>> I have a new server and I have my files up there. The files are in
/var/www/html/. In this directory I have another directory that I
created
called "users". I am unable to figure out how to set permissions on this
directory, and what those permissions should be. I am using ShieldHost.
You apparently have *THREE* types of users here.

There are MySQL users, who are authorized to access the database.
Typically a PHP web page has one of these hidden in it somewhere
so the page can access the DB. Occasionally a user will enter their
own MySQL DB password into a web page for use accessing the DB, but
usually, it's the PAGE, not the USER who has the DB access authority.

There are web users, who log into a web page. Typically these users
are listed in a MySQL table (NOT the MySQL privilege table) but
they do not have authority to log into the DB directly. These are
a creation of the web page itself, which enforces logins.

There are OS users, who have permissions to access files.
When there is a new user, and he enters his desired name and password, as Web user.
part of the process I want to create a small directory tree under "users"
with the username as the top level. I get that I don't have permission
to
do that with the mkdir in the code. The line of code is:
The OS user Apache is running as does not have permission to
create a directory where you want it to.

mkdir($_SESSION['UserRoot'] . $ss_username, 0755);

where the session variable has the directory path ending in "/".

Any ideas?

Shelly
Without root access you don't have permission to create users, which you
You can't create OS users, and you may or may not be able to create
MySQL users (later on it seems you can create MySQL users, which
isn't what you need). You CAN create web users, as your page handles
all of that.
already know because your in Unix. I don't know Sheildhost but would I be
right in thinking (from your post) that you are expecting it to have some
means to create 'sub-users' for hosting purposes?

This could only really be a controlled access system rather than a real
owner:group at system level. More of a login system to your users. But in
the end the files will still be owned by yourself.


Last night they had the AFI show on with the 100 best quotes from the
movies. What came to mind is "It seems we have a failure to communicate" --
and it is my fault.

I don't want to create users that can access the server. The ShieldHost


MySQL users.
admin interface allows me to do that -- but that is not the idea. I want to
create "users" in the same sense as "members" of a "club". This is just
Web users.
like signing up for Yahoo or any of a myriad of products. None of those
users can access the server except to run the scripts from a URL and their
links. So, when I say creating a username it is for being part of a Web users.group -- not for having an account on the server. MySQL users.
I want the new user/member to join the group with a username through the web Web users.
page interface I provide. I check that the name is available and then add
that user to the database. I also, at the same time as I add him to the Web users.
database of users, want to create a directory with that username under a
master directory called "users". Web users.
Under this username directory I want to
create at least two other directories into which I will place files that he
will upload later. The reason for this is (a) to organize so it is
individual by users, and (b) to avoid file name collision.

The problem I am having is that no matter how I set the permissions for the
"users" directory -- or even the one above that -- I cannot create a new
directory with the username.


The OS user that apache / PHP are running as does not have OS privileges
to create the directory.

It may simply be hosting site policy that the Apache/PHP OS user
does not have privileges to write files *ANYWHERE*. If you want
to write something, stuff it in the database, put it on a user
machine as a cookie, or forget about saving it. You FTP stuff in
as a different OS user which does give you permission to write.
This protects the web site against viruses and such. It can also
be very annoying to customers like you who want to write files.

If you want OS permissions to create a writable directory, I
think you'll have to ask your host for it. You might be able
to do it through the ShieldHost control panel, but I've never
seen that, so I don't know how.

Gordon L. Burditt
Jul 17 '05 #9

"Gordon Burditt" <go***********@burditt.org> wrote in message
news:11*************@corp.supernews.com...
I have a new server and I have my files up there. The files are in
/var/www/html/. In this directory I have another directory that I
created
called "users". I am unable to figure out how to set permissions on
this
directory, and what those permissions should be. I am using
ShieldHost.
You apparently have *THREE* types of users here.

There are MySQL users, who are authorized to access the database.
Typically a PHP web page has one of these hidden in it somewhere
so the page can access the DB. Occasionally a user will enter their
own MySQL DB password into a web page for use accessing the DB, but
usually, it's the PAGE, not the USER who has the DB access authority.
No, my users do not access the MySQL database. That is done solely by the
page. Oh, I, as the administrator, can access the database through the
admin interface. The users cannot.
There are web users, who log into a web page. Typically these users
are listed in a MySQL table (NOT the MySQL privilege table) but
they do not have authority to log into the DB directly. These are
a creation of the web page itself, which enforces logins.
Those are the only kind of users I have (other than administrators).
There are OS users, who have permissions to access files.


That is me.
When there is a new user, and he enters his desired name and password,
as Web user.
part of the process I want to create a small directory tree under
"users"
with the username as the top level. I get that I don't have permission
to
do that with the mkdir in the code. The line of code is:
The OS user Apache is running as does not have permission to
create a directory where you want it to.


Exactly!!!! How do make that possible? That is the $64K question.
mkdir($_SESSION['UserRoot'] . $ss_username, 0755);

where the session variable has the directory path ending in "/".

Any ideas?

Shelly

Without root access you don't have permission to create users, which you
You can't create OS users, and you may or may not be able to create
MySQL users (later on it seems you can create MySQL users, which
isn't what you need). You CAN create web users, as your page handles
all of that.
already know because your in Unix. I don't know Sheildhost but would I
be
right in thinking (from your post) that you are expecting it to have
some
means to create 'sub-users' for hosting purposes?

This could only really be a controlled access system rather than a real
owner:group at system level. More of a login system to your users. But
in
the end the files will still be owned by yourself.


Last night they had the AFI show on with the 100 best quotes from the
movies. What came to mind is "It seems we have a failure to
communicate" --
and it is my fault.

I don't want to create users that can access the server. The ShieldHost


MySQL users.
admin interface allows me to do that -- but that is not the idea. I want
to
create "users" in the same sense as "members" of a "club". This is just


Web users.
like signing up for Yahoo or any of a myriad of products. None of those
users can access the server except to run the scripts from a URL and their
links. So, when I say creating a username it is for being part of a

Web users.
group -- not for having an account on the server.

MySQL users.
I want the new user/member to join the group with a username through the
web

Web users.
page interface I provide. I check that the name is available and then add
that user to the database. I also, at the same time as I add him to the

Web users.
database of users, want to create a directory with that username under a
master directory called "users".

Web users.
Under this username directory I want to
create at least two other directories into which I will place files that
he
will upload later. The reason for this is (a) to organize so it is
individual by users, and (b) to avoid file name collision.

The problem I am having is that no matter how I set the permissions for
the
"users" directory -- or even the one above that -- I cannot create a new
directory with the username.


The OS user that apache / PHP are running as does not have OS privileges
to create the directory.

It may simply be hosting site policy that the Apache/PHP OS user
does not have privileges to write files *ANYWHERE*. If you want
to write something, stuff it in the database, put it on a user
machine as a cookie, or forget about saving it. You FTP stuff in
as a different OS user which does give you permission to write.
This protects the web site against viruses and such. It can also
be very annoying to customers like you who want to write files.

If you want OS permissions to create a writable directory, I
think you'll have to ask your host for it. You might be able
to do it through the ShieldHost control panel, but I've never
seen that, so I don't know how.

Gordon L. Burditt


I guess I will have to right a "trouble ticket" to get that to happen.

Shelly
Jul 17 '05 #10
Shelly wrote:

<snip>
The OS user Apache is running as does not have permission to
create a directory where you want it to.


Exactly!!!! How do make that possible? That is the $64K question.


1) By finding out which OS user it is that Apache runs as.
2) Making sure the directory in which you want to create files/directories
INCLUDES that user mentioned under 1).
This can be done by opening the directory to:
- everybody (chmod 777), which will surely include the user under 1).
- a group

I think the group-approach is the best.
Create a group called shellyapache, and add user shelly and user apache to
it.

Now create the directory IN WHICH you want to create new directories and
give appropriate filepermission TO THE GROUP shellyapache.

In that way you directory is safe for everybody.

One drawback is that other users on the same machine have access to the same
apache-user (under most configurations), and they could try to reach this
directory.
If this is a concern to you:
An easy (not state of the art) way to make this more difficult is naming the
directy strange, like HJKGJHFHTGDFHGJFJH76456546.
Nobody will guess that.
Hope this helps.

Regards,
Erwin Moller

PS: If you need help with groups and such, read the URL from Redhat I sent
you in a previous post.
Jul 17 '05 #11

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

7
by: Kim Lots | last post by:
Hi Sorry to disturb you again but i really like to know what's the NTFS folder permissions on a "virtual directory" folder for a public webserver iis 5.x running ASP 3.0 with an Access DB on a...
1
by: Brad H McCollum | last post by:
I'm writing an application using VB 6.0 as the front-end GUI, and the MSDE version of SQL Server as the back-end (it's a program for a really small # of users --- less then 3-4). I'm trying to...
6
by: !!! Klutzo !!! | last post by:
I give permissions for ASPNET on a top level subdirectory. A windows program copies a file into the subdirectory, however, my web service cannot access the file because it does not have...
2
by: Jozef | last post by:
Hello, Is there a way to change table permissions in VB Code? I can't seem to find much that's concise in the help file. Here's the situation; I have a table in the "data" portion of a split...
7
by: none | last post by:
Hello: I had a nice php application running on my server here at home, and I uploaded it to a shared public type server and it started to break all over the place. It turns out that some...
13
by: MLH | last post by:
Invalid qualifier error displays at compile time on this A97 example from Permissions Property HELP. What's wrong with the strContainerName assignment line? (6th line) Sub...
0
by: Curt K | last post by:
We run some web services (IIS 5 and IIS 6) that communicate to a COM out of process server, which in turn communicates to another out of process COM server (long story). We have had lots of...
8
by: jporter188 | last post by:
Hello, I am working on a project to manipulate XML files. All of the files, the code, and the output are on network drives. When I run my program I get an exception (see below). I tried giving...
3
by: palepimp | last post by:
Hello all, I have searched far and wide for a solution to my issue. In short, here is the problem: 1. 3 PC's enter data into an Access 2003 database (PC's are running Vista w/ Office 2007...
6
by: DotNetNewbie | last post by:
Hello, in my web application, I have to create permissions for each user. So what I am doing is that for each role (using sqlmembership in .net) I am creating a column in the database to hold a...
0
by: jianzs | last post by:
Introduction Cloud-native applications are conventionally identified as those designed and nurtured on cloud infrastructure. Such applications, rooted in cloud technologies, skillfully benefit from...
0
by: abbasky | last post by:
### Vandf component communication method one: data sharing ​ Vandf components can achieve data exchange through data sharing, state sharing, events, and other methods. Vandf's data exchange method...
2
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 7 Feb 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:30 (7.30PM). In this month's session, the creator of the excellent VBE...
0
by: fareedcanada | last post by:
Hello I am trying to split number on their count. suppose i have 121314151617 (12cnt) then number should be split like 12,13,14,15,16,17 and if 11314151617 (11cnt) then should be split like...
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: Aftab Ahmad | last post by:
Hello Experts! I have written a code in MS Access for a cmd called "WhatsApp Message" to open WhatsApp using that very code but the problem is that it gives a popup message everytime I clicked on...
0
by: Aftab Ahmad | last post by:
So, I have written a code for a cmd called "Send WhatsApp Message" to open and send WhatsApp messaage. The code is given below. Dim IE As Object Set IE =...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.