RHEL 5 - chmod 777

James Bourne jbourne at hardrock.org
Fri Apr 24 23:25:39 UTC 2009 

On Fri, 24 Apr 2009, Lopez, Denise wrote:

> I bet the write doesn't work either but I am not sure how to test the
> code.  The programmer showed me the section with the append and was able
> to demonstrate that the append wasn't working through the website.
>
> I already have PHP configured to send errors to a log file so the
> programmers can read it. Nothing is getting written to the log file for
> that URL as far as PHP.
>
> In addition in my apache logs I can see that a fastcgi process is
> started as apache so I know I need the apache permissions.

Have they tried writting to something like
   $_SERVER["DOCUMENT_ROOT"]/auth/$source
instead of to a relative directory?  It could be that your servers root is
/etc/httpd/

Regards
James

>
> Thank for all your suggestions and help.  I will have to do some further
> investigating.
> Have a nice weekend.
>
> Denise Lopez
> 310/ 206-8216
> dlopez at humnet.ucla.edu
>
>
> -----Original Message-----
> From: redhat-sysadmin-list-bounces at redhat.com
> [mailto:redhat-sysadmin-list-bounces at redhat.com] On Behalf Of DOZIER,
> JACK T.
> Sent: Friday, April 24, 2009 2:05 PM
> To: redhat-sysadmin-list at redhat.com
> Subject: RE: RHEL 5 - chmod 777
>
> Is it only the append functionality that doesn't work? Does a regular
> write from PHP work?
>
> The next thing I'd probably do is configure PHP to write errors to a log
> and see if it complains.
>
>
> Jack Dozier
>
> -----Original Message-----
> From: redhat-sysadmin-list-bounces at redhat.com
> [mailto:redhat-sysadmin-list-bounces at redhat.com] On Behalf Of Lopez,
> Denise
> Sent: Friday, April 24, 2009 3:46 PM
> To: redhat-sysadmin-list at redhat.com
> Subject: RE: RHEL 5 - chmod 777
>
> No, it's in permissive mode.
>
> Denise Lopez
> 310/ 206-8216
> dlopez at humnet.ucla.edu
>
>
> -----Original Message-----
> From: redhat-sysadmin-list-bounces at redhat.com
> [mailto:redhat-sysadmin-list-bounces at redhat.com] On Behalf Of DOZIER,
> JACK T.
> Sent: Friday, April 24, 2009 1:44 PM
> To: redhat-sysadmin-list at redhat.com
> Subject: RE: RHEL 5 - chmod 777
>
> Is SELinux in enforcing mode?
>
>
> Jack Dozier
> Ozarks Technical Community College
>
> -----Original Message-----
> From: redhat-sysadmin-list-bounces at redhat.com
> [mailto:redhat-sysadmin-list-bounces at redhat.com] On Behalf Of Lopez,
> Denise
> Sent: Friday, April 24, 2009 11:18 AM
> To: redhat-sysadmin-list at redhat.com
> Subject: RE: RHEL 5 - chmod 777
>
> Thank you to everyone for the suggestions!
> Thank you Cameron for the explanation of the colors.  I didn't think the
> functionality had changed and thought it had to do with the color schema
> but just wanted to verify my hunch.
>
> What I have is a directory with owner apache, group www and permissions
> of 2775.  The problem I ran into was my umask was being set to 022 and I
> needed to change it to 002 in order for the permissions above to work
> correctly.
>
> What my programmers are trying to do is this:
>
> function auth_add_user($source, $uid) {
>        global $msg;
>        $users = get_users($source);
>        $uid = trim($uid);
>        if (!in_array($uid, $users)) {
>                if (is_writeable("auth/$source")) {
>                        file_put_contents("auth/$source", "$uid\n",
> FILE_APPEND);
>                } else {
>                        $msg[] = "auth/$source is not writeable.";
>                }
>        }
> }
>
> The appending functionality isn't working. The owner of the file is also
> a member of the www group.
>
> My apache installation has both PHP4 and PHP5 installed. PHP4 runs as an
> Apache Handler and PHP5 runs as CGI/FastCGI.  I don't have the
> SuexecUserGroup installed or configured.
>
> If I log into the box and su - apache, I can append to the file just
> fine which makes me believe that it has something to do with PHP.
>
> Not sure if this is the group to ask PHP questions to but does my logic
> that it probably is a PHP issue make sense or am I missing something?
>
> Thanks again all!
>
> Denise Lopez
> 310/ 206-8216
> dlopez at humnet.ucla.edu
>
> -----Original Message-----
> From: redhat-sysadmin-list-bounces at redhat.com
> [mailto:redhat-sysadmin-list-bounces at redhat.com] On Behalf Of Camron W.
> Fox
> Sent: Thursday, April 23, 2009 3:32 PM
> To: redhat-sysadmin-list at redhat.com
> Subject: Re: RHEL 5 - chmod 777
>
> Lopez, Denise wrote:
>> Hi all,
>>
>> I have a quick question.  One of my programmers is trying to get his
>> program working by chmod 777 directories.  On my RHEL 4 server the
>> program is working but on the RHEL 5 server when I do a ls -alh of the
>
>> directory, it is highlighted and the permissions are 777.
>>
>> Does anyone know what the highlighting means?
>>
>> P.S. I know about the security risk of chmod 777.  Does anyone know of
> a
>> way to allow a group of users and apache to write to a directory and
> all
>> directories underneath it.
>>
>> I have umask of 002 permission on directory are 2775 and user is
> apache
>> with group www.
>>
>> Thanks in advance.
>>
>> Denise Lopez
> Denise,
>
> 	By default, ls is aliased to:
>
> [cwfox at hiloii etc]$ alias ls
> alias ls='ls --color=tty'
> [cwfox at hiloii etc]$
>
> 	The colors are defined by LS_COLORS:
>
> [cwfox at hiloii etc]$ echo $LS_COLORS
> no=00:fi=00:di=00;34:ln=00;36:pi=40;33:so=00;35:bd=40;33;01:cd=40;33;01:
> or=01;05;37;41:mi=01;05;37;41:ex=00;32:*.cmd=00;32:*.exe=00;32:*.com=00;
> 32:*.btm=00;32:*.bat=00;32:*.sh=00;32:*.csh=00;32:*.tar=00;31:*.tgz=00;3
> 1:*.arj=00;31:*.taz=00;31:*.lzh=00;31:*.zip=00;31:*.z=00;31:*.Z=00;31:*.
> gz=00;31:*.bz2=00;31:*.bz=00;31:*.tz=00;31:*.rpm=00;31:*.cpio=00;31:*.jp
> g=00;35:*.gif=00;35:*.bmp=00;35:*.xbm=00;35:*.xpm=00;35:*.png=00;35:*.ti
> f=00;35:
> [cwfox at hiloii etc]$
>
> 	The defaults can be found by using "dircolors --print-database".
> The
> default setting between RHEL4/5 are different.
>
> Best Regards,
> Camron
>
> Camron W. Fox
> Hilo Office
> High Performance Computing Group
> Fujitsu Management Services of America, Inc.
> E-mail:		cwfox at us.fujitsu.com
>
>
> --
> redhat-sysadmin-list mailing list
> redhat-sysadmin-list at redhat.com
> https://www.redhat.com/mailman/listinfo/redhat-sysadmin-list
>
> --
> redhat-sysadmin-list mailing list
> redhat-sysadmin-list at redhat.com
> https://www.redhat.com/mailman/listinfo/redhat-sysadmin-list
>
> --
> redhat-sysadmin-list mailing list
> redhat-sysadmin-list at redhat.com
> https://www.redhat.com/mailman/listinfo/redhat-sysadmin-list
>
> --
> redhat-sysadmin-list mailing list
> redhat-sysadmin-list at redhat.com
> https://www.redhat.com/mailman/listinfo/redhat-sysadmin-list
>
> --
> redhat-sysadmin-list mailing list
> redhat-sysadmin-list at redhat.com
> https://www.redhat.com/mailman/listinfo/redhat-sysadmin-list
>
> --
> redhat-sysadmin-list mailing list
> redhat-sysadmin-list at redhat.com
> https://www.redhat.com/mailman/listinfo/redhat-sysadmin-list
>
>

-- 
James Bourne                  | Email:            jbourne at hardrock.org
UNIX Systems Administration   | WWW:           http://www.hardrock.org
Custom UNIX Programming       | Linux:  The choice of a GNU generation
----------------------------------------------------------------------
"All you need's  an occasional kick in  the philosophy." Frank Herbert
Need an inexpensive domain alternative?  http://fastforwarddomains.com

More information about the redhat-sysadmin-list mailing list