WSL + Docker file permission issues - wordpress

I'm using docker-compose in a WSL environment. Currently Wordpress runs in the docker composer. All files in the Projects folder are at www-data group and user which allows Wordpress to create everything and upload plugins.
But vs-code has file permission errors as soon as I want to edit files.
Switching user to and www-data groups allows vs-code to edit files but Wordpress has permission errors when uploading plugins or deleting plugins/files.
wsl.conf looks like that:
# Enable extra metadata options by default
[automount]
enabled = true
root = /windir/
options = "metadata,umask=22,fmask=11"
mountFsTab = false
# Enable DNS – even though these are turned on by default, we'll specify
here just to be explicit.
[network]
generateHosts = true
generateResolvConf = true
Using Win 11 with Ubuntu-20.04 - Kernel: 5.10.60.1 and latest docker version.
EDIT:
Still, when I want to edit stuff in Wordpress, upload Media or uploading plugins I need to sudo chown -R www-data * and if I want tot edit files in VScode I need to sudo chown -R <username> *

I had a similar issue on my local WordPress development setup. (Windows 10 + WSL2), here is a link to the git repo:
https://github.com/dorumarginean/wordpress-docker
For uploading images / plugins I updated the owner like you mentioned and for write permissions with Visual Studio Code I edited the PHP container inside my docker-compose.yml.
user: “1000:1000”

Here's what I did when I had a similar problem:
create a new group that contains both www-data and the user that runs your editor.
Let's call your local user myuser and your new group mygroup for now.
First you need to create a new group
sudo addgroup mygroup
Add both the webserver user and your user to this new group
sudo adduser myuser mygroup
sudo adduser www-data mygroup
now give the ownership of the website directory to this new group. cd to your website's directory, then
sudo chown -vR :mygroup .
grant write permission to the group
sudo chmod -vR g+w .
Check to make sure that the changes took effect with ls -ld to see the owner and the permissions of the files and groups myuser www-data to see if both users are indeed in mygroup.
Then make sure to reinitialize the user environment so the permissions coming from the new group will be updated
newgrp - mygroup
You may need to log out and log in again for the user environment to update in the GUI.

Related

Nginx permissions with wordpress

I am trying to set up wordpress on digitalocean with nginx. I am running into permissions issues though. When I upload a file or try to install a plugin I get the cannot create in directory warning. So I came across the post Here that says I need to give nginx access to the folder. So I executed the following:
sudo chown -R www-data:www-data /path/to/folder
sudo chmod -R 755 /path/to/folder
This works except now I cannot add and delete files with filezilla. Obviously because the permissions to the folder are no longer with the me the user they are now with www-data.
So my question is what is the correct way to configure nginx to work with wordpress and still allow me to upload and delete files with ftp.
When using digital ocean droplets you will probably be using sftp access to your server.
Try the following commands in your terminal when logged in.
Add your currently logged in user to the www-data group:
sudo usermod -aG www-data $USER
Then change your vhost directory and all files and subdirectories to be owned by www-data group:
sudo chown -R www-data:www-data /var/www
Set the proper permissions so you can upload files via sftp, manage files via command-line, and upload plugins and media directly in WordPress:
sudo chmod -R 774 /var/www
Hope this helps
Saskia

wordpress: plugin updates not updating

To be clear on some things, I have tried:
going into config.php and inputting define FS_Method, FTP_Base, FTP_Content_Dir, FTP_Plugin_Dir, FTP_User, FTP_Pass, FTP_Host, FTP_SSL
setting file permissions to 755 on wp-content, wp-content/uploads, wp-content/plugins
Things I do not have access to: cpanel, file manager, ubuntu, commands, SSH credentials.
I have spoken to my web host (it is a shared host account), and they will not provide me info on SSH. The only backend I have access to is wordpress admin and FTP through FileZilla or WinSCP. The web host has declared this issue to be in my court and refuses to help me out (unless I want to be charged a hefty fee).
Now, the issue is updating plugins. I can activate and deactivate plugins. But I can't install, delete or update plugins. Originally, the issue was "can't create directory" but then I changed define(FS_METHOD) to ftpsockets. Originally it was direct. (ftpext did not work whatsoever).
NOW the issue is "Update Failed: Could not copy file. all-in-one-wp-migration/all-in-one-wp-migration.php" for the plugin All-in-one WP Migration.
Can anyone help me out or point out what I'm doing wrong?
check your disk quota , the space assigned to your account , it looks like you may be overquota and hence the updates are failed.
As other posts indicate, the root cause is a permissions problem in /var/www/html/wordpress. In my case, I used Microsoft document https://learn.microsoft.com/en-us/azure/virtual-machines/linux/tutorial-lamp-stack to install LAMP in Azure on Ubuntu 18.x LTS. I set the app to use the SFTP plugin for updates & uploads per https://wordpress.org/plugins/ssh-sftp-updater-support/. Then I changed permissions in as needed to the directories 'plugins themes upgrade uploads', group www-data (I used top to determine this, but other tools will do the trick), 775 on directories and 664 on files. Of course the user ID used to SFTP files had to be added to the www-data group on the system. I DID NOT set permissions to 777 as some have suggested in other posts and blogs.
Your situation may vary for required group ownership permissions. So analyze accordingly.
And best of luck.
Get your webhost to do this or you can do it yourself if you have SSH access
sudo usermod -aG www-data $USER
sudo chown -R www-data:www-data /var/www
sudo chmod -R 774 /var/www
you may want to revert back to the default: prevent writeable
sudo chmod -R 755 /var/www

Giving Wordpress permissions on LAMP - Ubuntu

I'm setting up lots of wordpress install on ubuntu. Digital Ocean suggest running these commands to grant Wordpress permissions in order to be able to update, download plugins etc:
sudo chown www-data:www-data * -R
sudo usermod -a -G www-data linux_user_name
src: https://www.digitalocean.com/community/tutorials/how-to-set-up-multiple-wordpress-sites-on-a-single-ubuntu-vps
I've been running everything as the root user, and I'm concerned these commands are not the most secure way of doing this. Is there a better way, without having to run commands for every domain?
Many thanks.
Ideally you don't want to be doing everything as root as when Wordpress runs it won't be running as the root user on the Ubuntu box meaning that you'll probably run into problems when trying to install plugins and updates.
This is because the default Apache user will be www-data and is the user you should be using to setup folders and permissions in which to install and run Wordpress. If you are managing permissions for each domain, use www-data in the root folder i.e. public_html and the sub folders will be set to the www-data user. There are loads of good tutorials on digital ocean for just this, I'd try getting setup with www-data as you'll run into a lot less issues going forwards.

LEMP + wordpress file permissions to be able to edit, upgrade and use sftp client

I am trying to manage file permissions on a debian webserver that runs nginx, so that wordpress can edit, upload and upgrade without having to use ftp. I also want to be able to login using sftp with my user account.
I am aware of the fact that this question has been asked before, see here
or here, but following the steps in those answers hasn't been satisfying. The setup currently looks as follows:
The wordpress folder is in /var/www/html/
I made a new user ("user") and group ("group"). The server user is
"www-data".
All files in the wordpress folder are owned by user:group.
Both "user" and "www-data" are set to belong to "group".
I changed file and folder permissions as follows:
find /var/www/html/ -type d -exec chmod 2775 {} +
find /var/www/html/ -type f -exec chmod 664 {} +
I set the default umask to 0002.
I would have thought this should work, but currently I can edit and upload files from within wordpress, but not update wordpress, functions or themes.
It also does not work with "group" set as default group for "user" and/or "www-data" (by editing /etc/passwd).
Alternatively, I made all files in /var/www/html/ owned by user:www-data, but also without success.
The only way I seem to get wordpress to update without ftp is by making the wordpress-folder and all its files owned by "www-data". Unfortunately, the result of that is that I cannot upload files using an sftp-client (because the target is now a folder that is not owned by "user").
How can this be? As far as I understand these steps should give wordpress the proper permissions, but something still is wrong.
Your help would be greatly appreciated.
On a debian server I followed these steps. It might not be the most secure solution as I read here, but it works (wordpress can edit, upload and upgrade - and I can upload using sftp).
Create a new user "user"
Create a new group "group" (you can choose to use www-data as group as well)
Add user and www-data to group
usermod -G group user
usermod -G group www-data
Check group numerical id in /etc/group
e.g. group:x:1002
Change default group of www-data and user in /etc/passwd
e.g. user:x:1001:1002:...
In /etc/php5/fpm/pool.d/www.conf (in my case) change group=www-data to ;group=www-data. Now nginx will use the default group of www-data which we just set to "group". Reload service (php5-fpm).
Recursively change owner of your wordpress folder to user:group
chown -R user:group /var/www/html
Change permissions in your wordpress folder (The 2 is to assign new files to the parent folder's group)
find /var/www/html/ -type d -exec chmod 2775 {} +
find /var/www/html/ -type f -exec chmod 664 {} +
Change umask to UMASK 0002 in /etc/login.defs
In wordpress, enforce direct upload (so no ftp) by adding define('FS_METHOD','direct'); to wp-config.php. In my case, this was an essential step.
To get things working, I needed to reboot.
I ran into this issue and I figured that I would share how I fixed it on Ubuntu running PHP 7 in case it can help someone. I adapted the following after reading this article that outlines how it is done with PHP 5.
Nginx needs to be optimized with PHP pools in order to give ownership of files and folders to users.
First, you need to create a new PHP-FPM memory pool. Do this by copying the default memory pool and renaming it with the user that you want to associate it with:
sudo cp /etc/php/7.0/fpm/pool.d/www.conf /etc/php/7.0/fpm/pool.d/username.conf
Edit the file:
sudo nano /etc/php/7.0/fpm/pool.d/username.conf
Go through the file and change username in the following locations:
; Start a new pool named 'www'.
; the variable $pool can we used in any directive and will be replaced by the
; pool name ('www' here)
[username]
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
user = username
listen = /run/php/php7.0-fpm.username.sock
Now you need to update your server block(s). You will need to adjust to the correct sockets to allow access to the newly created pool.
Open your server configuration file:
sudo nano /etc/nginx/sites-available/default
Or if you setup server blocks (virtual hosts), then:
sudo nano /etc/nginx/sites-available/example.com
Edit the following line and replace username:
fastcgi_pass unix:/run/php/php7.0-fpm.username.sock;
Finally, restart Nginx:
sudo service nginx restart

Update wordpress theme on ec2

I'm hosting a wordpress site on ec2 and I'm trying to update my theme through the admin screen. Its asking me for Hostname and ftp username and password. Is ec2-xxx.compute-1.amazonaws.com:22 my hostname? I tried along with ec2user and root for my ftp username but no luck. What am I doing wrong?
Skip the FTP info altogether and just change the permission of the directory structure where Wordpress is installed.
VIA SSH
sudo chown -R apache:apache path/to/wordpress
sudo makes sure you execute as the root user
chown will change the owner of the directory
-R will make it recursive, so it changes all files and directories within
apache:apache is user:group
And then the path to wordpress. Could be /var/www/html/sitename.com or if you navigate to the folder where Wordpress is installed, you can use a period (.) to tell it to change the current directory.
This will make is so that you can't copy files via sftp though, so it is good to change at least the themes directory back to the ec2-user:ec2-user user and group.
So this changes back to your ssh/sftp user:
sudo chown -R ec2-user:ec2-user path/to/wordpress
You can assign the folders to the ftp user and the apache group and then make them group writable as well. This will allow you to ftp into the directory, and allow everything to be auto updated within Wordpress.
// Set the wp-contents into the apache group and then make files group writable
sudo chgrp -R apache wp-content
sudo chmod -R g+w wp-content
// This makes new files created in wp-content and all of its sub-directories group-writable.
sudo chmod g+s wp-content
Then add this to wp-config.php to force Wordpress to update when only applying this wp-content:
define('FS_METHOD', 'direct');
You can also apply to the whole Wordpress install to auto update Wordpress and not just plugins/themes. If you do this, I would recommend putting your wp-config.php file one directory above your Wordpress install though, so you can lock it down separately.
EDIT: Whenever I am having permission troubles on EC2, I go to site root directory, and paste these lines in. I apply it to the whole Wordpress install these days:
sudo find . -type d -exec chmod 0755 {} \;
sudo find . -type f -exec chmod 0644 {} \;
sudo chown -R ec2-user:apache .
sudo chmod -R g+w .
sudo chmod g+s .
I use something similar on my Mac as well.
In your wp-config.php under directives add this line:
define('FS_METHOD', 'direct');
You can simply solve this problem by doing this via ssh:
sudo chown -R apache path/to/wordpress
then
sudo chmod -R 755 path/to/wordpress
Your hostname would be ec2-107-20-192-98.compute-1.amazonaws.com.
Your username will be the username you use to SFTP to the instance normally - ec2user for some instance types, ubuntu for Ubuntu AMIs, etc. EC2 generally doesn't use passwords, preferring SSH keys, so you'll have to set a password for your account by doing passwd on the commandline.
Try adding FTP credentials to wp-config.php: http://codex.wordpress.org/Editing_wp-config.php and http://codex.wordpress.org/Editing_wp-config.php#WordPress_Upgrade_Constants
That should make WP admin stop asking for FTP details. But depending on how you've set up permissions via the command line, may have to go to the command line to edit files like wp-config.php . And you may not have sufficient permissions to upload and for WP to unzip a theme.
As per other answers, I use SFTP with a server of ec2-xx-xxx-xx-xx.compute-1.amazonaws.com username of ec2-user
ec2-107-20-192-98.compute-1.amazonaws.com:22 represents both the hostname and the ssh port. (SSH is normally on port 22, though it can run on any port.)
Try just ec2-107-20-192-98.compute-1.amazonaws.com in the hostname field.
I'm still skeptical of a webpage asking for a username and password. Seems a bit silly to me, since you should just use SFTP to directly upload whatever content you want using your SSH identity key instead of a password.
You could simply use 127.0.0.1 as hostname and check FTP in Wordpress ftp settings.
To resume what has been said:
user is the same you actually use to SSH/SFTP
password needs to be set/updated logging in via SSH and typing
sudo passwd your-user-name

Resources