Make writeable dir for www-data and user - unix

I'm new to Linux (using Debian). How to make writeable dir for user and for web-server?
I connect to server via ssh, upload my files. And run next commands:
sudo chown -R www-data:www-data writeable/
sudo chmod -R g+rw writeable/
Then nginx and php (running by www-data user) writes files to writeable. Auter that i do not able to edit or delete those files.
Please help me. I know what that question was asked a million times, but i could not to find solution.
Thanks!

not sure to understand, but I guess you want your dir to be writable for user "www-data" and for another user, let's call it "medvedev".
You can put both users in a group, and grant write permissions for owner (www-data) and group.
useradd -G medvedev www-data

Related

Nginx permissions with wordpress

I am trying to set up wordpress on digitalocean with nginx. I am running into permissions issues though. When I upload a file or try to install a plugin I get the cannot create in directory warning. So I came across the post Here that says I need to give nginx access to the folder. So I executed the following:
sudo chown -R www-data:www-data /path/to/folder
sudo chmod -R 755 /path/to/folder
This works except now I cannot add and delete files with filezilla. Obviously because the permissions to the folder are no longer with the me the user they are now with www-data.
So my question is what is the correct way to configure nginx to work with wordpress and still allow me to upload and delete files with ftp.
When using digital ocean droplets you will probably be using sftp access to your server.
Try the following commands in your terminal when logged in.
Add your currently logged in user to the www-data group:
sudo usermod -aG www-data $USER
Then change your vhost directory and all files and subdirectories to be owned by www-data group:
sudo chown -R www-data:www-data /var/www
Set the proper permissions so you can upload files via sftp, manage files via command-line, and upload plugins and media directly in WordPress:
sudo chmod -R 774 /var/www
Hope this helps
Saskia

centos add folder full access only to a specific group

In my centos server (amazon ami) with nginx installed i would to guarantee full access 777 (read write execute) at a specific folder only for user in a specific group and deny any type of access to all others.
Well, first i create the folder:
sudo mkdir var/www
then i create group:
sudo groupadd lavagrp
add specific user to the group:
sudo usermod -a -G lavagrp ec2-user
sudo usermod -a -G lavagrp nginx
then i add group permission to folder in this maneer:
sudo chgrp lavagrp: 777 var/www
but system respond:
"group not valid lavagrp"
if i check the group with
getent group lavagrp
group exist and system return
lavagrp:x:501:ec2-user,nginx
Someone know how can i garant to my folder var/www full control just for lavagrp users?
thanks in advance
There are a couple of issues with your chgrp command. The ":" character and the 777 parameter are causing the "group not valid lavagrp" error because the chgrp program doesn't understand what these are.
I also wouldn't recommend to set 777 on this folder either. You can achieve the same result using the following commands.
sudo chmod 770 /var/www
sudo chgrp lavagrp /var/www
This means the owner has read, write and execute permissions, the group has read, write and execute permissions and every other user cannot read, write or traverse into that directory.
you can use "setfacl" command like below :
setfacl -R -m g:lavagrp:rwx /var/www
with this command other users have default permission on this dir (in other words The same access as before), but lavagrp's users have 777 access on this directory and sub directories (and files)

Permission in google cloud sftp

I am using wordpress with google cloud and set it up for sftp connection. The permission to folders are 755 and files are 644. Even i have changed Cloud API access scopes to "allow full connection".
When i try to add plugin through wordpress backend it will ask me for ftp credentials unless i change to sudo chown -Rf www-data.www-data /var/www/html but then i can't upload or change any file through sftp unless i change sudo chown -R [my-user-name]:www-data /var/www/html.
So i have to change permissions every time i change something either through sftp or through backend.
I solved my problem like so.
First add your username(sftp username in mycase) in group www-data
then assign group www-data as an owner
and finally grant permission to www folder.
sudo adduser <username> www-data
sudo chown -R www-data:www-data /var/www
sudo chmod -R g+rwX /var/www
remember to restart filezilla or any sftp client you are using so the changes can take effect.
I think this one might be considerd off-topic as this is a linux permissions issue and not a Google Cloud one, and it have been answered many times. Usually done by adding your linux user to the webserver group.
Whats the simplest way to edit and add files to “/var/www”
www-data permissions?
[SOLVED] Can't Post Files to /var/www using Filezilla via SFTP on ...

What to set permissions to when developing a wordpress site locally

I've setup a domain through apache virtual hosts and set the permissions on the public_html directory as $USER:$USER. I also have wordpress installed in public_html/wp
When trying to add a local image to the media part of the site, wordpress threw an error saying it did not have permission to create the required folder to store the image. The directories are set to 755 and files to 644 so I assumed it was the ownership that needed to change. So I ran
sudo chgrp -R www-data /var/www/virtual-host-site.dev/*
So my ownership looked like $USER:www-data however, this still didn't give wordpress rights, so I tried
sudo chown -R www-data:www-data /var/www/virtual-host-site.dev/*
which fixed the problem. But then as a user, I have no write access to the directories. I thought adding $USER to the group www-data
sudo usermod -a -G www-data $USER
would give $USER rights like www-data, but this doesn't seem to be the case.
How do I keep my folders as 755 and files as 644 while allowing both $USER and wordpress write access to the application directories?
Thanks.
So I resolved this by changing my dev directory to www-data:www-data and changing my themes folder to $USER:www-data with the command
sudo chown -R $USER:www-data wp/wp-content/themes

Update wordpress theme on ec2

I'm hosting a wordpress site on ec2 and I'm trying to update my theme through the admin screen. Its asking me for Hostname and ftp username and password. Is ec2-xxx.compute-1.amazonaws.com:22 my hostname? I tried along with ec2user and root for my ftp username but no luck. What am I doing wrong?
Skip the FTP info altogether and just change the permission of the directory structure where Wordpress is installed.
VIA SSH
sudo chown -R apache:apache path/to/wordpress
sudo makes sure you execute as the root user
chown will change the owner of the directory
-R will make it recursive, so it changes all files and directories within
apache:apache is user:group
And then the path to wordpress. Could be /var/www/html/sitename.com or if you navigate to the folder where Wordpress is installed, you can use a period (.) to tell it to change the current directory.
This will make is so that you can't copy files via sftp though, so it is good to change at least the themes directory back to the ec2-user:ec2-user user and group.
So this changes back to your ssh/sftp user:
sudo chown -R ec2-user:ec2-user path/to/wordpress
You can assign the folders to the ftp user and the apache group and then make them group writable as well. This will allow you to ftp into the directory, and allow everything to be auto updated within Wordpress.
// Set the wp-contents into the apache group and then make files group writable
sudo chgrp -R apache wp-content
sudo chmod -R g+w wp-content
// This makes new files created in wp-content and all of its sub-directories group-writable.
sudo chmod g+s wp-content
Then add this to wp-config.php to force Wordpress to update when only applying this wp-content:
define('FS_METHOD', 'direct');
You can also apply to the whole Wordpress install to auto update Wordpress and not just plugins/themes. If you do this, I would recommend putting your wp-config.php file one directory above your Wordpress install though, so you can lock it down separately.
EDIT: Whenever I am having permission troubles on EC2, I go to site root directory, and paste these lines in. I apply it to the whole Wordpress install these days:
sudo find . -type d -exec chmod 0755 {} \;
sudo find . -type f -exec chmod 0644 {} \;
sudo chown -R ec2-user:apache .
sudo chmod -R g+w .
sudo chmod g+s .
I use something similar on my Mac as well.
In your wp-config.php under directives add this line:
define('FS_METHOD', 'direct');
You can simply solve this problem by doing this via ssh:
sudo chown -R apache path/to/wordpress
then
sudo chmod -R 755 path/to/wordpress
Your hostname would be ec2-107-20-192-98.compute-1.amazonaws.com.
Your username will be the username you use to SFTP to the instance normally - ec2user for some instance types, ubuntu for Ubuntu AMIs, etc. EC2 generally doesn't use passwords, preferring SSH keys, so you'll have to set a password for your account by doing passwd on the commandline.
Try adding FTP credentials to wp-config.php: http://codex.wordpress.org/Editing_wp-config.php and http://codex.wordpress.org/Editing_wp-config.php#WordPress_Upgrade_Constants
That should make WP admin stop asking for FTP details. But depending on how you've set up permissions via the command line, may have to go to the command line to edit files like wp-config.php . And you may not have sufficient permissions to upload and for WP to unzip a theme.
As per other answers, I use SFTP with a server of ec2-xx-xxx-xx-xx.compute-1.amazonaws.com username of ec2-user
ec2-107-20-192-98.compute-1.amazonaws.com:22 represents both the hostname and the ssh port. (SSH is normally on port 22, though it can run on any port.)
Try just ec2-107-20-192-98.compute-1.amazonaws.com in the hostname field.
I'm still skeptical of a webpage asking for a username and password. Seems a bit silly to me, since you should just use SFTP to directly upload whatever content you want using your SSH identity key instead of a password.
You could simply use 127.0.0.1 as hostname and check FTP in Wordpress ftp settings.
To resume what has been said:
user is the same you actually use to SSH/SFTP
password needs to be set/updated logging in via SSH and typing
sudo passwd your-user-name

Resources