欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  后端开发

php touch 创建的文件 属于root???如何修改

程序员文章站 2022-05-03 18:20:23
...
环境:
os = debian linux
php = php5 用apt-get自动安装的
web服务器 = lighttpd 配置文件简单,只配置php的路径,能跑php

linux中用户两个 root 和 foo
php和lighttpd是root用户安装滴
网站根目录及它下面的所有文件与目录 都属于 foo

但是,问题来了- -!
一句代码:foo.php


用浏览器访问这个foo.php,结果foo.xml 属于root

哪位能说说这个大概是哪里的配置问题???



回复讨论(解决方案)

30,028 posts
LocationSydney, Australia.


Posted 29 December 2009 - 06:30 PM

The way I normally setup Debian systems is as follows:

1) As root, create a new group called 'www' then place yourself within that group, logout and back in for it to take effect.

sudo groupadd www
sudo gpasswd -a www
logout

2) Make the entire /var/www directory structure be owned by 'www-data' and the 'www' group. Give users belonging to the 'www' group write permissions, then set the sticky bit on the group for this directory structure so that any new directories created will take on these same permissions.

sudo chown -R www-data:www /var/www
sudo find /var/www -type f -exec chmod 664 {} \;
sudo find /var/www -type d -exec chmod 775 {} \;
sudo find /var/www -type d -exec chmod g+s {} \;

That should now give you sufficient permissions to create directories and files within /var/www manually (ie: Via a terminal). If you want these directories to be writtable by the server process you will however need to chown them to www-data:www. Any new directories created by the Apache process will automatically be owned by www-data:www.

3) Allow users within the 'www' group to change directories they own within /var/www to be owned by 'www-data:www'.

sudo sudoedit /etc/sudoers

Then add the following line.....

%www ALL = NOPASSWD: /bin/chown www-data /var/www/*, /bin/chown -R www-data /var/www/*

This means users within the 'www' group can now execute....

sudo chown www-data /var/www/

on directories they own, making them writtable via the Apache process.

That's basically it. Allot of people like to simply join the www-data group and set the sticky bit on /var/www but you generally don't want all directories to be writtable by the Apache process.

.

http://thorpesystems.com | http://proemframework.org | http://github.com/trq

SmtpCatcher - A very simple mock sendmail useful for testing PHP mail scripts.