[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: RHEL 5 - chmod 777



On Fri, 24 Apr 2009, Lopez, Denise wrote:

I bet the write doesn't work either but I am not sure how to test the
code.  The programmer showed me the section with the append and was able
to demonstrate that the append wasn't working through the website.

I already have PHP configured to send errors to a log file so the
programmers can read it. Nothing is getting written to the log file for
that URL as far as PHP.

In addition in my apache logs I can see that a fastcgi process is
started as apache so I know I need the apache permissions.

Have they tried writting to something like
  $_SERVER["DOCUMENT_ROOT"]/auth/$source
instead of to a relative directory?  It could be that your servers root is
/etc/httpd/

Regards
James


Thank for all your suggestions and help.  I will have to do some further
investigating.
Have a nice weekend.

Denise Lopez
310/ 206-8216
dlopez humnet ucla edu


-----Original Message-----
From: redhat-sysadmin-list-bounces redhat com
[mailto:redhat-sysadmin-list-bounces redhat com] On Behalf Of DOZIER,
JACK T.
Sent: Friday, April 24, 2009 2:05 PM
To: redhat-sysadmin-list redhat com
Subject: RE: RHEL 5 - chmod 777

Is it only the append functionality that doesn't work? Does a regular
write from PHP work?

The next thing I'd probably do is configure PHP to write errors to a log
and see if it complains.


Jack Dozier

-----Original Message-----
From: redhat-sysadmin-list-bounces redhat com
[mailto:redhat-sysadmin-list-bounces redhat com] On Behalf Of Lopez,
Denise
Sent: Friday, April 24, 2009 3:46 PM
To: redhat-sysadmin-list redhat com
Subject: RE: RHEL 5 - chmod 777

No, it's in permissive mode.

Denise Lopez
310/ 206-8216
dlopez humnet ucla edu


-----Original Message-----
From: redhat-sysadmin-list-bounces redhat com
[mailto:redhat-sysadmin-list-bounces redhat com] On Behalf Of DOZIER,
JACK T.
Sent: Friday, April 24, 2009 1:44 PM
To: redhat-sysadmin-list redhat com
Subject: RE: RHEL 5 - chmod 777

Is SELinux in enforcing mode?


Jack Dozier
Ozarks Technical Community College

-----Original Message-----
From: redhat-sysadmin-list-bounces redhat com
[mailto:redhat-sysadmin-list-bounces redhat com] On Behalf Of Lopez,
Denise
Sent: Friday, April 24, 2009 11:18 AM
To: redhat-sysadmin-list redhat com
Subject: RE: RHEL 5 - chmod 777

Thank you to everyone for the suggestions!
Thank you Cameron for the explanation of the colors.  I didn't think the
functionality had changed and thought it had to do with the color schema
but just wanted to verify my hunch.

What I have is a directory with owner apache, group www and permissions
of 2775.  The problem I ran into was my umask was being set to 022 and I
needed to change it to 002 in order for the permissions above to work
correctly.

What my programmers are trying to do is this:

function auth_add_user($source, $uid) {
       global $msg;
       $users = get_users($source);
       $uid = trim($uid);
       if (!in_array($uid, $users)) {
               if (is_writeable("auth/$source")) {
                       file_put_contents("auth/$source", "$uid\n",
FILE_APPEND);
               } else {
                       $msg[] = "auth/$source is not writeable.";
               }
       }
}

The appending functionality isn't working. The owner of the file is also
a member of the www group.

My apache installation has both PHP4 and PHP5 installed. PHP4 runs as an
Apache Handler and PHP5 runs as CGI/FastCGI.  I don't have the
SuexecUserGroup installed or configured.

If I log into the box and su - apache, I can append to the file just
fine which makes me believe that it has something to do with PHP.

Not sure if this is the group to ask PHP questions to but does my logic
that it probably is a PHP issue make sense or am I missing something?

Thanks again all!

Denise Lopez
310/ 206-8216
dlopez humnet ucla edu

-----Original Message-----
From: redhat-sysadmin-list-bounces redhat com
[mailto:redhat-sysadmin-list-bounces redhat com] On Behalf Of Camron W.
Fox
Sent: Thursday, April 23, 2009 3:32 PM
To: redhat-sysadmin-list redhat com
Subject: Re: RHEL 5 - chmod 777

Lopez, Denise wrote:
Hi all,

I have a quick question.  One of my programmers is trying to get his
program working by chmod 777 directories.  On my RHEL 4 server the
program is working but on the RHEL 5 server when I do a ls -alh of the

directory, it is highlighted and the permissions are 777.

Does anyone know what the highlighting means?

P.S. I know about the security risk of chmod 777.  Does anyone know of
a
way to allow a group of users and apache to write to a directory and
all
directories underneath it.

I have umask of 002 permission on directory are 2775 and user is
apache
with group www.

Thanks in advance.

Denise Lopez
Denise,

	By default, ls is aliased to:

[cwfox hiloii etc]$ alias ls
alias ls='ls --color=tty'
[cwfox hiloii etc]$

	The colors are defined by LS_COLORS:

[cwfox hiloii etc]$ echo $LS_COLORS
no=00:fi=00:di=00;34:ln=00;36:pi=40;33:so=00;35:bd=40;33;01:cd=40;33;01:
or=01;05;37;41:mi=01;05;37;41:ex=00;32:*.cmd=00;32:*.exe=00;32:*.com=00;
32:*.btm=00;32:*.bat=00;32:*.sh=00;32:*.csh=00;32:*.tar=00;31:*.tgz=00;3
1:*.arj=00;31:*.taz=00;31:*.lzh=00;31:*.zip=00;31:*.z=00;31:*.Z=00;31:*.
gz=00;31:*.bz2=00;31:*.bz=00;31:*.tz=00;31:*.rpm=00;31:*.cpio=00;31:*.jp
g=00;35:*.gif=00;35:*.bmp=00;35:*.xbm=00;35:*.xpm=00;35:*.png=00;35:*.ti
f=00;35:
[cwfox hiloii etc]$

	The defaults can be found by using "dircolors --print-database".
The
default setting between RHEL4/5 are different.

Best Regards,
Camron

Camron W. Fox
Hilo Office
High Performance Computing Group
Fujitsu Management Services of America, Inc.
E-mail:		cwfox us fujitsu com


--
redhat-sysadmin-list mailing list
redhat-sysadmin-list redhat com
https://www.redhat.com/mailman/listinfo/redhat-sysadmin-list

--
redhat-sysadmin-list mailing list
redhat-sysadmin-list redhat com
https://www.redhat.com/mailman/listinfo/redhat-sysadmin-list

--
redhat-sysadmin-list mailing list
redhat-sysadmin-list redhat com
https://www.redhat.com/mailman/listinfo/redhat-sysadmin-list

--
redhat-sysadmin-list mailing list
redhat-sysadmin-list redhat com
https://www.redhat.com/mailman/listinfo/redhat-sysadmin-list

--
redhat-sysadmin-list mailing list
redhat-sysadmin-list redhat com
https://www.redhat.com/mailman/listinfo/redhat-sysadmin-list

--
redhat-sysadmin-list mailing list
redhat-sysadmin-list redhat com
https://www.redhat.com/mailman/listinfo/redhat-sysadmin-list



--
James Bourne                  | Email:            jbourne hardrock org
UNIX Systems Administration   | WWW:           http://www.hardrock.org
Custom UNIX Programming       | Linux:  The choice of a GNU generation
----------------------------------------------------------------------
"All you need's  an occasional kick in  the philosophy." Frank Herbert
Need an inexpensive domain alternative?  http://fastforwarddomains.com


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]